[Dovecot] LDAP + mail_location: Get "%d" from customfield
hi,
my mail_location looks like:
mail_location = maildir:/imap/spool/%d/%1n/%n:INDEX=/imap/spool/% d/indexes/%1n/%n
for example:
/imap/spool/domain.foo/a/anton/new
The problem is, that the user log in with only the username and no domainpart. So, Dovecot looks into:
/imap/spool/a/anton/new
what isn't correct. We created an LDAP entry in which domain the user is and searching for a way, to get it working. So, only what I want is to use our customfield as domainpart for the mail_location. Postfix works perfect and delivers the messages in the correct folder.
any idea?
cu denny
On 07/29/2010 12:36 PM Denny Schierz wrote:
hi,
my mail_location looks like:
mail_location = maildir:/imap/spool/%d/%1n/%n:INDEX=/imap/spool/% d/indexes/%1n/%n
for example:
/imap/spool/domain.foo/a/anton/new
The problem is, that the user log in with only the username and no domainpart. So, Dovecot looks into:
/imap/spool/a/anton/new
what isn't correct. We created an LDAP entry in which domain the user is and searching for a way, to get it working. So, only what I want is to use our customfield as domainpart for the mail_location. Postfix works perfect and delivers the messages in the correct folder.
any idea?
cu denny
See http://wiki.dovecot.org/MainConfig#Authentication_processes → auth_default_realm
Regards, Pascal
The trapper recommends today: defaced.1021018@localdomain.org
hi,
Am Donnerstag, den 29.07.2010, 18:15 +0200 schrieb Pascal Volk:
See http://wiki.dovecot.org/MainConfig#Authentication_processes → auth_default_realm
sorry, if I was unclear: Authentification works :-) Only mail_location is the problem.
I can't use %d for mail_location, cause the user doesn't have the @ part. The domainpart is stored in postAddress (LDAP => for example: domain.foo.org) so I searching a way to use the content of postAddress with mail_location.
cu denny
On Fri, 2010-07-30 at 14:53 +0200, Denny Schierz wrote:
I can't use %d for mail_location, cause the user doesn't have the @ part. The domainpart is stored in postAddress (LDAP => for example: domain.foo.org) so I searching a way to use the content of postAddress with mail_location.
pass_attrs = .., postAddress=domain
Assuming v1.1+. This changes the username to user@domain everywhere.
hi,
Am Freitag, den 30.07.2010, 15:24 +0100 schrieb Timo Sirainen:
pass_attrs = .., postAddress=domain
Assuming v1.1+. This changes the username to user@domain everywhere.
thanks for helping :-) But, it doesn't work:
ldap.conf:
user_attrs = postalAddress=domain,homeDirectory=/imap/spool/%d/%1n/%n user_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = postalAddress=domain, uid=user, userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%n))
After login, DoveCot creates the directory /imap/spool/f/foo, instead of /imap/spool/subdomain.domain.bla/f/foo
Log (anonymized) :
so I assume, that %d isn't filled ...
any suggestions?
hi,
Am Montag, den 02.08.2010, 10:08 +0200 schrieb Denny Schierz:
so I assume, that %d isn't filled ...
any suggestions?
I've forgotten to say: our version from Dovecot is 1.2.11
cu denny
On Mon, 2010-08-02 at 10:08 +0200, Denny Schierz wrote:
pass_attrs = .., postAddress=domain
Assuming v1.1+. This changes the username to user@domain everywhere.
thanks for helping :-) But, it doesn't work:
ldap.conf:
user_attrs = postalAddress=domain,homeDirectory=/imap/spool/%d/%1n/%n user_filter = (&(objectClass=posixAccount)(uid=%n))
OK, there is a bug/missing feature that this doesn't work with user_attrs.
pass_attrs = postalAddress=domain, uid=user, userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%n))
This would work, except I guess you're using auth binds and have also set auth_bind_userdn? Since according to your logs, it doesn't even attempt to do this passdb lookup from ldap.
On Mon, 2010-08-02 at 13:10 +0100, Timo Sirainen wrote:
user_attrs = postalAddress=domain,homeDirectory=/imap/spool/%d/%1n/%n user_filter = (&(objectClass=posixAccount)(uid=%n))
OK, there is a bug/missing feature that this doesn't work with user_attrs.
Fixed for v2.0: http://hg.dovecot.org/dovecot-2.0/rev/63124518977a
hi,
Am Montag, den 02.08.2010, 13:10 +0100 schrieb Timo Sirainen:
auth_bind_userdn
I have (I think):
the complete ldap.conf:
hosts = ldap.subdomain.domain.foo auth_bind = yes auth_bind_userdn = uid=%u,cn=accounts,dc=mail,dc=subdomain,dc=foo,dc=bla ldap_version = 3 base = cn=accounts, dc=mail, dc=subdomain, dc=foo, dc=bla user_attrs = postalAddress=domain,homeDirectory=/imap/spool/%d/%1n/%n user_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = postalAddress=domain, uid=user, userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%n))
If I remove user_attrs=postalAddress=domain, then I don't see anything in the logs, where domain is replaced.
dovecot.conf
auth default { mechanisms = plain login passdb ldap { args = /usr/local/dovecot/dovecot/etc/conf.d/ldap.conf }
userdb ldap { args = /usr/local/dovecot/dovecot/etc/conf.d/ldap.conf }
So I repeat before getting confused :-) : Login works and I don't need the domainpart, with this setup. I only want to change the mail_location.' For me it looks like, that Dovecot has no reason to take a look into %d, because the username does not had one while he logged in. DoveCot has to replace %d with the content of PostalAdress, before home="..."
Just only a thought :-) Maybe, I'm completely wrong ...
cu denny
ps. I saw the patch from you for 2.0.
On Mon, 2010-08-02 at 15:08 +0200, Denny Schierz wrote:
hosts = ldap.subdomain.domain.foo auth_bind = yes auth_bind_userdn = uid=%u,cn=accounts,dc=mail,dc=subdomain,dc=foo,dc=bla
If you remove the auth_bind_userdn, it does a lookup using pass_filter and pass_attrs.
pass_attrs = postalAddress=domain, uid=user, userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%n))
And when such lookup is done, it reads the domain, and changes the username to user@postalAddress and %d expands to postalAddress then.
If I remove user_attrs=postalAddress=domain, then I don't see anything in the logs, where domain is replaced.
Yes, but even though you see it in logs, it's completely ignored by everything.. Unless you use latest v2.0 hg.
So I repeat before getting confused :-) : Login works and I don't need the domainpart, with this setup. I only want to change the mail_location.' For me it looks like, that Dovecot has no reason to take a look into %d, because the username does not had one while he logged in. DoveCot has to replace %d with the content of PostalAdress, before home="..."
There's no simple way to currently use random userdb fields in mail_location. Maybe some day.
On 07/29/2010 12:36 PM, Denny Schierz wrote:
hi,
my mail_location looks like:
mail_location = maildir:/imap/spool/%d/%1n/%n:INDEX=/imap/spool/% d/indexes/%1n/%n
for example:
/imap/spool/domain.foo/a/anton/new
The problem is, that the user log in with only the username and no domainpart. So, Dovecot looks into:
/imap/spool/a/anton/new
what isn't correct. We created an LDAP entry in which domain the user is and searching for a way, to get it working. So, only what I want is to use our customfield as domainpart for the mail_location. Postfix works perfect and delivers the messages in the correct folder.
any idea?
cu denny
Hi Denny,
had the same problem and solved it by changing the pass_attrs entry in dovecot-ldap.conf file. Mine is pass_attrs = mail=user,userPassword=password
Reads: LDAP attribute "mail" will become the Dovecot field "user". This user can then be separed by %d and %n variables.
Hope this helps, Radim
participants (4)
-
Denny Schierz
-
Pascal Volk
-
R. Svejda
-
Timo Sirainen