Hi Sergey,
Sergey A. Kobzar wrote:
You can use standard LDAP attributes. It's more than enough.
Well, I know that it works with standard LDAP attributes, that's what I do right now. But that is what I want to avoid, because I want to have IMAP users *without* standard uid/gid attributes because they are not Unix users. To avoid confusion and security holes I'd prefer to use separate Attributes for the LDAP objects. And in some cases I need to override the default PATH variable, which requires a new attribute. And I cannot work with static uid/gid schemes as in your example, because every IMAP user is managed by one of several Unix users, therefore they cannot share the same uid/gid.
I can define my own LDAP scheme, what I did in a test environment.
But I'd prefer if there was a common dovecot scheme for such cases.
regards Hadmut