PWD Module

Intro
Installation
SysAdmin
Network
Objects
Transfer
RealTime
Access
Services 
HTTP 
LDAP 
PWD
RADIUS 
SNMP 
Directory
Clusters
Applications
WebMail
PBX
Miscellaneous
Licensing
The CommuniGate PWD module implements a poppwd server for TCP/IP networks.

The poppwd protocol allows a client (mailer) application to connect to the Server computer and specify the user (account) name and the password. If access to the specified user account is granted, the mailer application sends the new password to the Server, and the server update the user password in the user account information data.

The PWD module also provides access to the Server Command Line Interface (CLI)

Password Modification Protocol (poppwd)

The PWD module can be used to modify the CommuniGate Account password. If the "old" password specified by a mail client matches the password set in the user's Account Settings, the new password is stored in the Account Settings.

The PWD module checks the Can Modify Password Account Settings option and refuses to modify an Account password if this option is disabled.

The PWD module supports the clear text authentication method, and it also supports the secure APOP and SASL AUTH authentication methods.

When used in a Cluster environment, the PWD module can update passwords on all Cluster member servers.


Configuring the PWD module

Use a Web browser to configure the PWD module. Open the Access page in the WebAdmin Settings section.
Serving PWD Clients
Log:  
Channels: listener
Log
Use this setting to specify what kind of information the PWD module should put in the Server Log. Usually you should use the Major (password modification reports) or Problems (non-fatal errors) levels. But when you experience problems with the PWD module, you may want to set the Log Level setting to Low-Level or All Info: in this case protocol-level or link-level details will be recorded in the System Log as well. Since the poppwd sends passwords in the clear text format, setting the Log to these setting for long periods of time can become a security hole, if the Log file can be copied from the Server computer.

The PWD module records in the System Log are marked with the PWD tag.

channels
When you specify a non-zero value for the TCP/IP Channels setting, the PWD module creates a so-called "listener" on the specified port. The module starts to accept all PWD connections that mail clients establish in order to updates password data. This setting is used to limit the number of simultaneous connections the PWD module can accept. If there are too many incoming connections open, the module will reject new connections, and the user should retry later.
If the number of channels is set to zero, the PWD module closes the listener and releases (unbinds from) the TCP port.

listener
By default, the PWD module Listener accepts clear text connections on the TCP port 106. Follow the listener link to tune the PWD Listener.
Note:Some versions of Apple MacOSX use the port 106 for Apple's own version of a Password Server. To avoid conflicts with that program, the default CommuniGate Pro PWD port on that OS is set to 8106.


Providing Access to the Server CLI

As soon as a PWD user is authenticated, the Server Command Line Interface (CLI) commands are accepted. See the Command Line Interface chapter for the details.

CommuniGate® Pro Guide. Copyright © 1998-2006, Stalker Software, Inc.