PMDF System Manager's Guide


Previous Contents Index

14.6 The POPPASSD Server

The POPPASSD server is used to support changing authentication verifiers (passwords) from POP clients, using the ad-hoc password changing mechanism used by, for instance, Eudora. Note that the POPPASSD protocol involves sending both old and new password "in the clear"; sites should consider this when deciding whether they want to provide this service.

The source of the authentication verifier to be changed---whether the system password file, PMDF user profile password (PMDF MessageStore or PMDF popstore password), or PMDF password database, or some site defined source---can be controlled via the PMDF security configuration; see Section 14.2. For instance, with the implicit security rules used by PMDF if not explicit security configuration file exists, the POPPASSD server will attempt to change the password stored in a user's PMDF user profile, PMDF password database, and the system password file. The POPPASSD server will change each occurrence of the user's password, if the password is stored in more than one location (for instance, stored in both the PMDF password database and the system password file). The POPPASSD server will modify only password entries only for those users with existing entries; it will not create a new entry for a user who did not previously have an entry.

When changing a user's password entry in the PMDF password database, the POPPASSD server will preferentially change the user's SERVICE=POP entry (if one exists); if no POP-service-specific entry is present, then the POPPASSD server will instead change the user's SERVICE=DEFAULT entry.


Previous Next Contents Index