[Dovecot] Active Directory Auth

Jeff Graves jeff at image-src.com
Fri May 20 00:15:56 EEST 2005


Not that this is the answer you are looking for, but I was iffy about
manually modifying AD and samba auth didn't have the features I needed, so I
used Windows SFU (free download) and set up an NIS server on the AD domain.
Works great!

Jeff Graves, MCSA
Customer Support Engineer
Image Source, Inc.
10 Mill Street
Bellingham, MA 02019

508.966.5200 - Phone
508.966.5170 - Fax
jeff at image-src.com - Email
www.image-src.com

-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On
Behalf Of Paolo Basenghi
Sent: Tuesday, May 17, 2005 3:43 AM
To: dovecot at dovecot.org
Cc: Juan Pablo Fava
Subject: Re: [Dovecot] Active Directory Auth


Dovecot needs a password DB where to perform authentication and a user 
DB where to retrieve home directory and uid/gid.
With A.D. you can perform only the first: authorization but you should 
use Kerberos and PAM, not LDAP. Actually, a Microsoft extension to A.D. 
exists; it add unix style accounting to A.D., but I did not test it 
(ehi, it's Microsoft stuff! Do you really think it can work?  ;-)
For the user DB you should use static uid/gid and virtual mailboxes (a 
single Linux user that own all the mailboxes).

If you are interested, search the list archives to find my post where I 
rougly explained how to do it.
Sorry for my terrible english.

Greets.

-- 
___________________________________________________________________

Ing. PAOLO BASENGHI :::: Systems & Networking Engineer
p.basenghi at netribe.it
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
NETRIBE srl :: Collaborative E-Business
42100 :: Reggio Emilia :: Italy :: Via della Costituzione, 27/4
ph. +39 0522 232378 :: fax +39 0522 232386 :: http://www.netribe.it
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Le informazioni contenute in questa comunicazione sono riservate e
destinate esclusivamente alla/e persona/e o all'ente sopra indicati.
È vietato ai soggetti diversi dai destinatari qualsiasi uso, copia,
diffusione di quanto in esso contenuto sia ai sensi dell'art. 616
c.p., sia ai sensi della legge 196/2003. Se questa comunicazione vi
è pervenuta per errore, vi preghiamo di rispondere a questa mail e
successivamente cancellarla dal vostro sistema.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯



Juan Pablo Fava wrote:

>Hi, this is my fist post  :)
>
>I'm trying to authenticate users to Active Directory, but I don´t know how
>to set up dovecot-ldap.conf to do this. Specially user_filter and
>pass_filter attrs.
>
>Does someone have this configuration working?
>
>Thanks in advance.
>  
>






More information about the dovecot mailing list