[Dovecot] Static home while using LDAP
Hello all,
I've been googling for a workaround for this for nearly a week to no avail and I hope someone in the list can shed some light on it.
I have downloaded and compiled dovecot 1.0.5 and applied the quota-warning to it. I have configured everything and it's working wonderfully, even the lda with the sieve plugin. This is my current relevant configuration:
userdb static{ args = uid=501 gid=12 home=/var/mail/buzones/%d/%n allow_all_users=yes }
passdb ldap { args = /etc/dovecot/dovecot-ldap.conf }
However, I need to obtain some more data from LDAP, so I need to switch to an ldap userdb, but want to keep the home as it is in the static configuration and not having to store it in LDAP. Is it possible to use a fixed home (as in the static userdb) while using an ldap userdb? I am looking for something similar to user_global_uid and user_global_gid but for the "home". If not, is it possible to fix or append something to the values in the user_attrs (like the following)?
user_attrs = [whatever_i_want_to_append]uid=home uidNumber=uid,gidNumber=gid
Regards, David Bosque
David Bosque wrote:
Hello all,
I've been googling for a workaround for this for nearly a week to no avail and I hope someone in the list can shed some light on it.
I have downloaded and compiled dovecot 1.0.5 and applied the quota-warning to it. I have configured everything and it's working wonderfully, even the lda with the sieve plugin. This is my current relevant configuration:
userdb static{ args = uid=501 gid=12 home=/var/mail/buzones/%d/%n allow_all_users=yes }
passdb ldap { args = /etc/dovecot/dovecot-ldap.conf }
However, I need to obtain some more data from LDAP, so I need to switch to an ldap userdb, but want to keep the home as it is in the static configuration and not having to store it in LDAP. Is it possible to use a fixed home (as in the static userdb) while using an ldap userdb? I am looking for something similar to user_global_uid and user_global_gid but for the "home". If not, is it possible to fix or append something to the values in the user_attrs (like the following)?
user_attrs = [whatever_i_want_to_append]uid=home uidNumber=uid,gidNumber=gid
Regards, David Bosque You're almost there - but not quite. Instead, you'll use the pass_attrs in your ldap config for both password and user info - but prefix the needed userdb arguments with "userdb_". So:
pass_attrs = userPassword=password,userdb_somearg=ldapsomearg,etc.
-- Daniel
Daniel L. Miller escribió:
Hello all,
I've been googling for a workaround for this for nearly a week to no avail and I hope someone in the list can shed some light on it.
I have downloaded and compiled dovecot 1.0.5 and applied the quota-warning to it. I have configured everything and it's working wonderfully, even the lda with the sieve plugin. This is my current relevant configuration:
userdb static{ args = uid=501 gid=12 home=/var/mail/buzones/%d/%n allow_all_users=yes }
passdb ldap { args = /etc/dovecot/dovecot-ldap.conf }
However, I need to obtain some more data from LDAP, so I need to switch to an ldap userdb, but want to keep the home as it is in the static configuration and not having to store it in LDAP. Is it possible to use a fixed home (as in the static userdb) while using an ldap userdb? I am looking for something similar to user_global_uid and user_global_gid but for the "home". If not, is it possible to fix or append something to the values in the user_attrs (like the following)?
user_attrs = [whatever_i_want_to_append]uid=home uidNumber=uid,gidNumber=gid
Regards, David Bosque You're almost there - but not quite. Instead, you'll use the
David Bosque wrote: pass_attrs in your ldap config for both password and user info - but prefix the needed userdb arguments with "userdb_". So:
pass_attrs = userPassword=password,userdb_somearg=ldapsomearg,etc.
You mean I should keep the userdb static and the passdb ldap, right?
When I do that:
userdb static{ args = uid=501 gid=12 }
passdb ldap { args = /etc/dovecot/dovecot-ldap.conf }
In dovecot-ldap.conf : pass_attrs = uid=user,postOfficeBox=userdb_home
I get this:
dovecot: Oct 26 09:28:23 Info: auth(default): ldap(dbosque,X.X.X.X):
bind search: base=dc=cuentas, dc=cica, dc=es
filter=(&(objectClass=posixAccount)(uid=dbosque))
dovecot: Oct 26 09:28:23 Info: auth(default): ldap(dbosque,X.X.X.X):
result: uid(user)=dbosque
postOfficeBox(userdb_home)=/var/mail/buzones/dbosque
dovecot: Oct 26 09:28:23 Info: auth(default): ldap(dbosque,X.X.X.X):
bind: dn=uid=dbosque,dc=cica,dc=cuentas,dc=cica,dc=es
dovecot: Oct 26 09:28:23 Info: auth(default): client out: OK 1
user=dbosque
dovecot: Oct 26 09:28:23 Info: auth(default): master in: REQUEST
2 1116 1
dovecot: Oct 26 09:28:23 Info: auth(default): master out: USER 2
dbosque uid=501 gid=12
dovecot: Oct 26 09:28:23 Info: pop3-login: Login: user=<dbosque>,
method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, TLS
dovecot: Oct 26 09:28:23 Error: POP3(dbosque):
mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/mail/cur) failed:
Permission denied
dovecot: Oct 26 09:28:23 Error: POP3(dbosque):
mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/mail/cur) failed:
Permission denied
As you can see, it is seeing the userdb_home attribute, but no using it where it should. However, if I set:
userdb prefetch { }
...it will do use the home set by userdb_home, but then I will have to store the home attribute in LDAP.
Is there any other way of using a static home (not stored in LDAP) but being able to use LDAP for quotas and other stuff?
Thanks a lot, David Bosque
On Fri, 2007-10-26 at 09:51 +0200, David Bosque wrote:
Is there any other way of using a static home (not stored in LDAP) but being able to use LDAP for quotas and other stuff?
With v1.0 you can kludge it:
plugin { home = /home/%d/%n }
If you use deliver you'll probably need new enough (1.0.5?) version for this to work.
With v1.1 it's possible to add "=home=/home/%d/%n" (IIRC) to user_attrs.
Timo Sirainen escribió:
On Fri, 2007-10-26 at 09:51 +0200, David Bosque wrote:
Is there any other way of using a static home (not stored in LDAP) but being able to use LDAP for quotas and other stuff?
With v1.0 you can kludge it:
plugin { home = /home/%d/%n }
If you use deliver you'll probably need new enough (1.0.5?) version for this to work.
With v1.1 it's possible to add "=home=/home/%d/%n" (IIRC) to user_attrs.
I'm using 1.0.5 and don't want to upgrade to 1.1 until it is released as stable. I've tried your suggestion, but it is not working even for a plain imap login. My configuration:
userdb ldap { args = /etc/dovecot/dovecot-ldap.conf }
passdb ldap { args = /etc/dovecot/dovecot-ldap.conf }
plugin { home = /var/mail/buzones/%n ... }
In dovecot-ldap.conf I have:
user_attrs = gidNumber=gid pass_attrs = uid=user
and the neccessary user and pass filters.
However, when I try to read my mail, I get this:
dovecot: Oct 29 14:48:37 Info: auth(default): ldap(dbosque,X.X.X.X):
bind: dn=uid=dbosque,dc=cica,dc=cuentas,dc=cica,dc=es
dovecot: Oct 29 14:48:37 Info: auth(default): client out: OK 1
user=dbosque
dovecot: Oct 29 14:48:37 Info: auth(default): master in: REQUEST
7 24813 1
dovecot: Oct 29 14:48:37 Info: auth(default): ldap(dbosque,X.X.X.X):
user search: base=dc=cuentas, dc=cica, dc=es scope=subtree
filter=(&(objectClass=posixAccount)(uid=dbosque)(pop=TRUE)) fields=gidNumber
dovecot: Oct 29 14:48:37 Info: auth(default): master out: USER 7
dbosque gid=6 uid=501
dovecot: Oct 29 14:48:37 Info: imap-login: Login: user=<dbosque>,
method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, TLS
dovecot: Oct 29 14:48:37 Error: IMAP(dbosque):
mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/mail/cur) failed:
Permission denied
dovecot: Oct 29 14:48:37 Error: IMAP(dbosque):
mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/mail/cur) failed:
Permission denied
So, it's not picking up the home directory supposedly set in the plugin section. Is there any plugin to enable somewhere? I tried setting mail_plugins = home and it gave me an error ;-). Any ideas?
Thanks a lot for your help. David Bosque
On Mon, 2007-10-29 at 15:20 +0100, David Bosque wrote:
plugin { home = /var/mail/buzones/%n ... }
dovecot: Oct 29 14:48:37 Error: IMAP(dbosque): mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/mail/cur) failed: Permission denied
Well, the home directory does get passed to imap process, but expanding mail_location (and namespace locations) is done before that, so the plugin-kludge doesn't work. So you'd have to change mail_location to not use home dir.
participants (3)
-
Daniel L. Miller
-
David Bosque
-
Timo Sirainen