On Tue, 2008-12-09 at 14:44 -0600, Romer Ventura wrote:
Hello,
I am trying to use userdb prefetch so that I don't do an extra LDAP
lookup and I am having some problems:
Here is my dovecot-ldap.conf:
# cat /etc/dovecot/dovecot-ldap.conf
hosts = 192.168.50.30 192.168.50.31
base = ou=HST-Users,dc=h-st,dc=com
ldap_version = 3
auth_bind = yes
Auth binding is currently doing one lookup to get the DN for the user. If your DN fits a template, you could set the auth_bind_userdn setting to avoid the initial lookup. That way you would get the same result as with prefetch: two LDAP lookups.
dn = cn=ldap,cn=Users,dc=h-st,dc=com
dnpass = <PASSWORD>
user_attrs = sAMAccountName=mail=maildir:/home/vmail/%Ud/%Ln/Maildir/,=gid=1000,=uid=1001
user_filter = (&(objectClass=person)(mail=%u))
#pass_attrs = sAMAccountName=mail=maildir:/home/vmail/%Ud/%Ln/Maildir/,=gid=1000,=uid=1001
pass_filter = (&(objectClass=person)(mail=%u))
So, if you don't set auth_bind_userdn, you can set pass_attrs to contain all the same things as user_attrs, except with the userdb_ prefix:
pass_attrs = sAMAccountName=userdb_mail=maildir:/home/vmail/%Ud/%Ln/Maildir/,=userdb_gid=1000,=userdb_uid=1001
Although instead of setting uid/gid in the pass/user_attrs, you could just set the mail_uid and mail_gid settings in dovecot.conf.
For dovecot.conf then use:
passdb ldap {
  ..
}
userdb prefetch {
}
userdb ldap {
  ..
}
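
Added example (not part of the original thread, and not Dovecot code): a small Python check that derives the prefetch pass_attrs value from user_attrs and reports fields where the two have drifted apart, so the userdb_ values returned by the passdb match what the userdb ldap lookup returns. It assumes the comma-separated ldapattr=field=value entry form seen in the configuration above; the function names are hypothetical.

```python
# Added example, not from the thread: keep pass_attrs in sync with user_attrs.
# Assumes the comma-separated "ldapattr=field=value" entry form used in the
# configuration quoted above; all function names are hypothetical.

PREFIX = "userdb_"

def parse_attrs(spec):
    """Return {dovecot_field: (ldap_attr, template)} for one *_attrs value."""
    fields = {}
    for entry in spec.split(","):
        entry = entry.strip()
        if not entry:
            continue
        parts = entry.split("=", 2)
        if len(parts) < 2:
            raise ValueError(f"malformed entry: {entry!r}")
        template = parts[2] if len(parts) == 3 else None
        fields[parts[1]] = (parts[0], template)
    return fields

def to_pass_attrs(user_attrs):
    """Build the pass_attrs value that userdb prefetch expects."""
    out = []
    for field, (ldap_attr, template) in parse_attrs(user_attrs).items():
        entry = f"{ldap_attr}={PREFIX}{field}"
        if template is not None:
            entry += f"={template}"
        out.append(entry)
    return ",".join(out)

def prefetch_drift(user_attrs, pass_attrs):
    """Return the userdb fields whose mapping differs between the two settings."""
    want = parse_attrs(user_attrs)
    # Only userdb_-prefixed passdb fields are handed on to prefetch.
    got = {f[len(PREFIX):]: v for f, v in parse_attrs(pass_attrs).items()
           if f.startswith(PREFIX)}
    return sorted(f for f in want.keys() | got.keys()
                  if want.get(f) != got.get(f))

# user_attrs value copied from the configuration in the thread.
USER_ATTRS = ("sAMAccountName=mail=maildir:/home/vmail/%Ud/%Ln/Maildir/,"
              "=gid=1000,=uid=1001")

if __name__ == "__main__":
    good = to_pass_attrs(USER_ATTRS)
    print("pass_attrs =", good)
    # Constructed mismatch: the uid differs between the two settings.
    bad = good.replace("userdb_uid=1001", "userdb_uid=1002")
    print("drift:", prefetch_drift(USER_ATTRS, bad))
```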