I am using 2.0.8. Anonymous binds are no longer supported in the environment I am using. I need to change my userdb ldap setup to bind. I believe the ldap server does Kerberos (or can) authentication. My users are authenticating using Kerberos or Kerberos/PAM. This needs to stay in place.
Can anyone suggest how I might go about changing my setup to work?
My current ldap setup is as follows (the directories, user id, etc are set statically in the configuration elsewhere): tls = yes hosts = MAILSERVER base = dc=middleearth,dc=sapphiresunday,dc=org ldap_version = 3 user_attrs = userPrincipalName=user user_filter = (&(objectClass=person)(|(mail=%u)(sAMAccountName=%u)(userPrincipalName=%u))) # For using doveadm -A: iterate_attrs = userPrincipalName=user iterate_filter = (objectClass=person)
Thank you, Trever Adams
"Seize the day, put no trust in the morrow!" -- Quintus Horatius Flaccus (Horace)