On Tue, 4 Aug 2020, Kishore Potnuru wrote:
So, both password files (master and regular user credentials) have the same
contents in this scenario, correct?
No.
Master users are administrative users you allow to authenticate as another
account without having to know their password. If the master account is
"master", and the user account is "xyz", then an administrator can access
xyz's mail by authenticating as
username: xyz*master
password: password for master
This would allow, for example, to migrate all users via the IMAPC
mechanism without having to know all their passwords.
By making both master and passdb's the same, you allow anyone to access
anybody else's account e.g. "xyz" can access account for "abc" by using
their password with user "abc*xyz".
Joseph Tam <jtam.h...@gmail.com>
