dovecot ldap and mysql

Maciej Milaszewski maciej.milaszewski at iq.pl
Thu Sep 30 17:35:05 EEST 2021 

Hi
Sorry from last e-mail :) problem solved problem was in mysql query and
iterate_query

W dniu 30.09.2021 o 15:10, Maciej Milaszewski pisze:
> Hi
> In ldap:
>
> ....
> user_attrs = uid=user, mailMessageStore=home,
> mailQuotaSize=quota_rule=*:bytes=%$
> user_filter =
> (&(&(!(accountStatus=deleted))(objectClass=MailUser))(|(mail=%u)(uid=%u)(mailAlternateAddress=%u)))
> pass_attrs =
> uid=user,userPassword=password,=proxy=y,uid=userdb_user,mailQuotaSize=userdb_quota_rule=*:bytes=%$,mailMessageStore=userdb_home
>
> pass_filter =
> (&(objectClass=MailUser)(|(mail=%u)(uid=%u)(mailAlternateAddress=%u)))
>
> iterate_attrs = uid=user
> iterate_filter = (&(&(objectClass=mailUser)(!(accountStatus=deleted))))
> ....
>
> in mysql is hard .... (please do not judge)
>
> ...
> user_query = select a.user_name user, a.mail_message_store home,
> CONCAT('*:bytes=', mail_quota_size) as quota_rule, a.account_status from
> account a , account_mail_alternate_address amaa where amaa.account_id =
> a.id and ((a.account_status is null) or (a.account_status != "deleted"))
> and ( a.user_name = "%u" or a.mail = "%u" or amaa.mail_alternate_address
> = "%u" ) UNION select a.user_name user, a.mail_message_store home,
> CONCAT('*:bytes=', mail_quota_size*1048576) as quota_rule,
> a.account_status from account a where ((a.account_status is null) or
> (a.account_status != "deleted")) and ( a.user_name = "%u" or a.mail = "%u");
>
> password_query = select a.user_password_encoded password, "y" AS proxy
> from account a , account_mail_alternate_address amaa where
> amaa.account_id = a.id and ((a.account_status is null) or
> (a.account_status != "deleted")) and ( a.user_name = "%u" or a.mail =
> "%u" or amaa.mail_alternate_address = "%u" ) UNION select
> a.user_password_encoded password,"y" AS proxy from account a where
> ((a.account_status is null) or (a.account_status != "deleted")) and (
> a.user_name = "%u" or a.mail = "%u" );
> ...
>
> W dniu 30.09.2021 o 14:44, Aki Tuomi pisze:
>>> On 30/09/2021 15:01 Maciej Milaszewski <maciej.milaszewski at iq.pl> wrote:
>>>
>>>  
>>> Hi
>>> I have dovecot director + nodes and migrate users from ldap to mysql.
>>> I allow to auth via e-mail and alias and uid - thats i need
>>>
>>> In director ( where users is in ldap ) all works fine - user is proxy to
>>> UID like:
>>>
>>> ...
>>> doveadm auth test ola at domain.ltd passs
>>> passdb: ola at domain.ltd auth succeeded
>>> extra fields:
>>>   user=uid_122_ola_domain.ltd
>>>   proxy
>>>   original_user=ola at domain.ltd
>>> ...
>>>
>>> In lab director2 ( where users is in mysql) not:
>>> ...
>>> doveadm auth test ola at domain.ltd passs
>>> passdb: ola at domain.ltd auth succeeded
>>> extra fields:
>>>   user=ola at domain.ltd
>>>   proxy
>>> ...
>>>
>>> and I dont known where is a problem in mysql. Mayby subquery/other ?
>> Can you include the relevant bits of doceot ldap and mysql config files, please?
>>
>> Aki
>


-- 
Maciej Miłaszewski
Starszy Administrator Systemowy
IQ PL Sp. z o.o.

Biuro Obsługi Klienta:
e-mail: bok at iq.pl
tel.: +48 58 326 09 90 - 94
fax: +48 58 326 09 99

Dział pomocy: https://www.iq.pl/pomoc
Informacja dotycząca przetwarzania danych osobowych: https://www.iq.pl/kontakt

IQ PL Sp. z o.o. z siedzibą w Gdańsku (80-298), ul. Geodetów 16, KRS 0000007725, Sąd rejestrowy: Sąd Rejonowy w Gdańsku VII Wydział KRS, kapitał zakładowy: 140.000 PLN, NIP 5832736211, REGON 192478853


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://dovecot.org/pipermail/dovecot/attachments/20210930/24a0d72a/attachment.sig>

More information about the dovecot mailing list