[Dovecot] LDAP as password database - some problems / suggestions
Stefan Palme
palme at kapott.org
Thu Feb 18 12:00:47 EET 2010
On 02/18/2010 09:45 AM, Oliver Eales wrote:
> Isn't it possible to just give the each allowed IMAP Users a attribute
> like imap=1 ?
Yes, it would. But this would also require me to use PASSWORD LOOKUP
(e.g. with a filter like '(&(objectclass=person)(imap=1))'), but I
do not want to use password lookups, but auth binding with a given
DN, which is derived from the username.
> If you really need to do it with the groups, the SUN DSSE Ldap has
> features like ROLES or COSes where you can set attributes for an entry
> based on a internal search.
Same as above - this approach only makes sense when using password
lookups.
What I need is a combination of lookup and auth_bind. The lookup is
needed to find a DN to authenticate as, after that I want to use this
DN for LDAP based authentication...
-stefan-
More information about the dovecot
mailing list