Hi,
J.M. Maurer escribió:
Recently at Better.be we implemented LDAP authenticated bind support for dovecot. A patch against CVS HEAD is attached.
I have not tested it against all possible configurations one can use, but the basic operation seems to be right.
As documented in the patch, it adds one new option to the dovecot-ldap.conf configuration file:
# Set "auth_bind" to "yes" if you want to use "authenticated binds" # as a login validation mechanism. NOTE: the pass_attrs option # will (naturally) be ignored if you enable this auth_bind = yes
Authenticated bind support is implemented asynchronously. This involves 2 asynchronous calls: the first being 'ldap_search' to find the dn to bind against and the second being the actual 'ldap_bind' call.
I'd love to hear some feedback on this.
Great work!
It'd be nice to have also a 'fastbind' implementation. It would avoid the 'ldap_search' call on environments where the dn is predictable and you don't need extra search capabilities.
Then the user_filter setting can be used as the template dn, which once expanded (%u, %d, ...) you have the dn do the 'ldap_bind' call.
An example of this can be found in saslauthd.
Regards, Marc Maurer Better.be B.V.
Regards,
Angel Marin http://anmar.eu.org/