[Dovecot] Dovecot deliver with AD LDAP userdb
Mark Schaub
mark.schaub at sau24.org
Fri Oct 16 21:59:05 EEST 2009
> What about pass_filter, does that work with imap/pop3 logins?
Interesting question. Typically users only try to login with their
sAMAccountName and thats always worked just fine. I just tested this
and pass_filter seems to be running in to the same issue. If I set the
pass_filter to:
pass_filter = (&(objectclass=person)(|(sAMAccountName=%n)(otherMailbox=%n)))
Then I am not able to log in using my email alias. However if I set it to:
pass_filter = (&(objectclass=person)(|(sAMAccountName=%n)(sn=%n)))
Then I am able to log in using my last name. Just like before other
fields like postalCode and title will not work. For each attribute
that does not work I have verified that an ldapsearch using the same
filter returns exactly 1 sAMAccountName.
All the log shows for the failure (when I attempt to login as my
"postmaster" alias) is:
Info: ldap(postmaster,127.0.0.1): unknown user
But if I set the filter to check the mail attribute and login using my
mail it correctly changes my username (as my mail address is different
from my username):
Info: auth(mark.schaub,127.0.0.1): username changed mark.schaub -> mschaub
Info: ldap(mschaub,127.0.0.1): result: sAMAccountName(user)=mschaub
Info: client out: OK 1 user=mschaub
More information about the dovecot
mailing list