[Dovecot] Quota based on LDAP group
Timo Sirainen
tss at iki.fi
Tue Jun 25 00:13:05 EEST 2013
On 25.6.2013, at 0.05, Pavel Herrmann <morpheus.ibis at gmail.com> wrote:
>> Sounds like you need to do two LDAP lookups and merge them. That requires
>> Dovecot v2.2.
>
> Sure, I am open to upgrading, if it solves the issue.
>
> I would actually need more than 2 requests, as AD supports recursive groups (a
> group being member of another group), which I do use.
>
> One possible issue is that from what I can see on the wiki does not really
> work with how groups in LDAP usually work. What I would need is the opposite
> direction - locate a group that has "member=myUserDn" attribute, look whether
> it has quota attribute set, if not use the group DN as myUserDn and repeat the
> search.
> Granted, AD has a backlink "memberOf" attribute, but I am still left with
> recursively looking up whether the group has a quota attribute, and whether it
> is a member of another group (cyclic membership is not possible AFAIK). Is
> this possible with Dovecot 2.2?
http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb -> "Subqueries and pointers" does what you need I think. My head can't really follow LDAP stuff well enough to say for sure.
More information about the dovecot
mailing list