Deprecated since version v2.3.0.


This userdb is probably useless with Dovecot v2.0.12+, since it uses getpwnam_r(), which supports error reporting.

Usually NSS is used with Passwd userdb, but it has one problem:

  • It can’t distinguish between temporary and permanent errors.

So if you’re using e.g. nss_ldap and your LDAP database is down, all userdb lookups may return user doesn't exist errors. This is especially bad if you’re using Dovecot LDA, which causes the mails to be bounced back to sender.

The NSS userdb works around this problem by loading the NSS modules and calling them itself. This is a bit kludgy, and it probably works only with Linux.

This userdb has two parameters:

  • service=<name>: This parameter is required. The name specifies what NSS module to use, for example ldap.

  • blocking=no causes the lookups to be done in auth master processes instead of in worker processes.


userdb {
  driver = nss
  args = service=ldap