[Dovecot] Use both SQL and LDAP
Hey guys,
I am just wondering if it is possible to use both SQL and LDAP queries at the same time to get information.
Example on why I want to do this:
I work at a school where we have the need for 2 separate types of mailbox configuration (better wording is eluding me at the moment). Staff and Students currently share the same email server. I would like to be able to give staff a bigger inbox (eg: 500MB) than students (eg: 50MB).
The way I am thinking, if this is even possible, to pull username and group membership from Active Directory. Check the groups against a SQL query to give the user the appropriate mailbox size. Also, having email is a privilege, not a right at my school so is it also possible to check if a user is part of a BannedEmailUsers or AllowedEmailUser group so I could quickly and effectively disable accounts as needed.
I apologise if this is a little hard to follow. Writing what I want has never been a strongpoint for me J
I also apologise if this has been asked, or information is available somewhere. I did search and didn't come up with much.
Regards,
Shayne Jellesma Network Administrator / ICT Support St Martins Lutheran College
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 29 Jun 2010, Shayne Jellesma wrote:
I am just wondering if it is possible to use both SQL and LDAP queries at the same time to get information.
Example on why I want to do this:
I work at a school where we have the need for 2 separate types of mailbox configuration (better wording is eluding me at the moment). Staff and
Well, Dovecot works by requesting attributes from a database, that means
The way I am thinking, if this is even possible, to pull username and group membership from Active Directory. Check the groups against a SQL query to
it can pull a group membership, but cannot put a "semantic" to it. Well, Timo built lots of stuff in that part of code, so I maybe miss some trick here.
give the user the appropriate mailbox size. Also, having email is a privilege, not a right at my school so is it also possible to check if a user is part of a BannedEmailUsers or AllowedEmailUser group so I could quickly and effectively disable accounts as needed.
You can easily authentificate against one source and request user information from yet another source.
You can use a full customized SQL query, hence, anything your SQL DB can generate - well, maybe your SQL DB can query the group membership - can be used to generate the attributes.
However:
a) if you want to selectivly allow access to your server for your userbase, I see two ways
think of a query for your passdb { } that only returns true for allowed users. Dovecot support a myriad of passdb backends, even a shell script.
craft a, presumly, SQL query, that returns mail_location to a read-only directory, explaining that the user may not have any access here, but what they can do to get one.
b) if you want to return different quota, you have to think of a query, that returns the required _numbers_ per user. Or for one sete of users and configure the other value as default.
Reading your post I guess you must merge some information, in order to get both requirements fullfilled.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBTCn++b+Vh58GPL/cAQKlxgf/XTDjYzzAty+BfY8CWcTw7BmHRb/sF9Gh rfrTL/NttDhyMny4AxedBNdQ91ZrWUqzQqsQtdQr/KRLPWBJ1anj/aFtNnxadzNf 4YMhnLWOGQu6OeXs30RZGrJuzuz3vnImKq2rVrhsn1ZmiZLTSz1zKCf87WOTkE14 98KWaGzc6BtEZ6Ga1cJYXPcJ7A9tD6I7wbT9ol64YFEBp6W/G1Pa+O3voD0Y7pHI ylVIMvwx9CFH0SGIfI3BxdNwnN7rSOAp/NCrys+xwCvBBTPfNFCv4xHorz1zO78R yMg0wtHTsdMFR+wlYK9RCr42Jd6rlnUEttzVIEueeYIAcye2YahxQw== =39ov -----END PGP SIGNATURE-----
participants (2)
-
Shayne Jellesma
-
Steffen Kaiser