On 02.02.2012 14:54, Timo Sirainen wrote:

user_attrs { home = %{ldap:homeDirectory} uid = %{ldap:uidNumber} gid = %{ldap:gidNumber} mail = %{ldap:mailboxFormat}:%{ldap:homeDirectory} }

Any ideas for further improvements before I do this change?

One thing I was recently missing was something like this:

If the user is in LDAP group "group1", then use host = imap1 otherwise use host = imap2

However this would require a separate LDAP query since most LDAP servers do not list any group information in the user table.

Another nice feature: Use some sort of script to compute the lookup result, e.g. an external shell script:

#!/bin/bash if [[ $ldap_uid == fred ]]; then echo "quota_rule = storage=3G" else echo "quota_rule = storage=100M" fi

Stuff like this is possible for SQL user databases, however LDAP does not have such flexible queries.

Cheers, Christoph

-- Christoph Bußenius Rechnerbetriebsgruppe der Fakultäten Informatik und Mathematik TU München +49 89-289-18519 <> Raum 00.05.055 <> Boltzmannstr. 3 <> Garching