Dovecot LDAP using custom field to allow users to connect

Martin Wheldon martin.wheldon at greenhills-it.co.uk
Wed Jun 7 13:59:00 EEST 2017


Hi Michael,

We do exactly that see example below:

user_filter = 
(&(&(objectClass=ukFirmGhITPerson)(ukFirmGhITAccSubSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=%u)(mail=%u)(ukFirmGhITAccMailAlias=%u)))
pass_filter = 
(&(&(objectClass=ukFirmGhITPerson)(ukFirmGhITAccSubSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=%u)(mail=%u)))

Does it work without the AllowUser section of the search?
Do you get any records back when you do a ldapsearch with your 
user_filter search?

Best Regards

Martin

On 2017-06-07 09:48, Michael JOIGNY wrote:
> Hi all,
> 
> I'd like to know if it's possible to add a custom field when the
> authentification is made by users.
> 
> My boolean custom field will be for example "AllowUser" (false/true).
> 
> I'm trying to do something like that but it's not working :
> 
> /user_filter =
> (&(objectClass=posixAccount)(uid=%u)(objectClass=myclass)(AllowUser=TRUE))/
> 
> This is my dovecot/ldap configuration below :
> 
> /*# dovecot.conf*
> /
> /passdb {//
> //  driver = ldap//
> //  args = /etc/dovecot/dovecot-ldap.conf//
> //}/
> 
> *# dovecot-ldap.conf*
> 
> /hosts = myurl:myport//
> //dn = cn=myuser,dc=mydomain,dc=com//
> //dnpass = ********//
> //a//uth_bind = yes//
> //auth_bind_userdn = uid=%u,ou=users,dc=mydomain,dc=com//
> //ldap_version = 3//
> //base = ou=Users,dc=mydomain,dc=com//
> //scope = base//
> //default_pass_scheme = SSHA512
> /
> Do you have an idead ?
> 
> Kind regards.
> 
> --
> Michael


More information about the dovecot mailing list