[Dovecot] Problems with pam+ldap + quota
I think that I need to modify "/etc/ldap.conf" to remap some attribute with mailQuota from ldap, and then, try to catch this as arg.
Someone has pam+ldap+quota ?
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
I think that I need to modify "/etc/ldap.conf" to remap some attribute with mailQuota from ldap, and then, try to catch this as arg.
Someone has pam+ldap+quota ?
Why PAM _and_ LDAP? Why not just only LDAP? LDAP+Quota works fine over $here.
Grüße, Sven.
-- Sig lost. Core dumped.
Yes I know and I have some nodes with dovecot+ldap
But this node need to login with module pam_imap, because it's use a "closed" one time password system.
I'm trying with something like this:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
But I need to put the nss attribute en %$ var or another. 2011/3/15 Sven Hartge sven@svenhartge.de:
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
I think that I need to modify "/etc/ldap.conf" to remap some attribute with mailQuota from ldap, and then, try to catch this as arg.
Someone has pam+ldap+quota ?
Why PAM _and_ LDAP? Why not just only LDAP? LDAP+Quota works fine over $here.
Grüße, Sven.
-- Sig lost. Core dumped.
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
Yes I know and I have some nodes with dovecot+ldap
But this node need to login with module pam_imap, because it's use a "closed" one time password system.
I'm trying with something like this:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
But I need to put the nss attribute en %$ var or another.
From my experience with PAM,NSS and LDAP I don't think it is possible to achieve what you are trying to do.
Grüße, Sven.
-- Sig lost. Core dumped.
Ok I will try to use passdb with pam and userdb with ldap driver, although in another conf, this two fail together. El 15/03/2011 19:28, "Sven Hartge" sven@svenhartge.de escribió:
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
Yes I know and I have some nodes with dovecot+ldap
But this node need to login with module pam_imap, because it's use a "closed" one time password system.
I'm trying with something like this:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
But I need to put the nss attribute en %$ var or another.
From my experience with PAM,NSS and LDAP I don't think it is possible to achieve what you are trying to do.
Grüße, Sven.
-- Sig lost. Core dumped.
Hi,
Just take a look on pam_ldap for authentification of user against pam in LDAP Database so that your dovecot settings should only be based on Ldap attributes for both user and password.
Regards, Stephane
Le 15 mars 2011 à 20:26, Antonio Perez-Aranda aperezaranda@yaco.es a écrit :
Ok I will try to use passdb with pam and userdb with ldap driver, although in another conf, this two fail together. El 15/03/2011 19:28, "Sven Hartge" sven@svenhartge.de escribió:
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
Yes I know and I have some nodes with dovecot+ldap
But this node need to login with module pam_imap, because it's use a "closed" one time password system.
I'm trying with something like this:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
But I need to put the nss attribute en %$ var or another.
From my experience with PAM,NSS and LDAP I don't think it is possible to achieve what you are trying to do.
Grüße, Sven.
-- Sig lost. Core dumped.
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
BTW: I think it is very dangerous to use the exim-user and -group as user and group for your virtual user.
You better use a different user to store and access the emails under, like "virtmail", "vmail", etc.
Grüße, S°
-- Sig lost. Core dumped.
Yes, I think the same so, but is a customer requeriment.
2011/3/15 Sven Hartge sven@svenhartge.de:
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
BTW: I think it is very dangerous to use the exim-user and -group as user and group for your virtual user.
You better use a different user to store and access the emails under, like "virtmail", "vmail", etc.
Grüße, S°
-- Sig lost. Core dumped.
-- Antonio Pérez-Aranda Alcaide aperezaranda@yaco.es
Yaco Sistemas S.L. http://www.yaco.es/ C/ Rioja 5, 41001 Sevilla Teléfono +34 954 50 00 57 Fax +34 954 50 09 29
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
2011/3/15 Sven Hartge sven@svenhartge.de:
Antonio Perez-Aranda aperezaranda@yaco.es wrote:
userdb { driver = passwd args = uid=exim gid=exim quota=*:bytes=%$ }
BTW: I think it is very dangerous to use the exim-user and -group as user and group for your virtual user.
You better use a different user to store and access the emails under, like "virtmail", "vmail", etc.
Yes, I think the same so, but is a customer requeriment.
I know your problem. But sometimes you have to convince your customer of their ill-doing and correct any imminent problems before they cause havoc.
Especially with mail. No need for another SPAM-spewing hacked server.
Grüße, Sven.
-- Sig lost. Core dumped.
participants (3)
-
Antonio Perez-Aranda
-
Stéphane Wartel
-
Sven Hartge