LDAP AD Quota override not working
Hi there,
I'm testing the new version of Dovecot 2.4 in Debian 13 before upgrading to my customers and I'm having difficult on trying to override the user's quota. The LDAP base is from Samba4 AD and having been trying the following configuration:
auth-ldap.conf.ext: ldap_uris = ldap://localhost ldap_auth_dn = cn=admin,dc=localdomain ldap_auth_dn_password = password ldap_base = ou=users, dc=localdomain
passdb ldap { filter = (&(objectClass=person)(sAMAccountName=%{user})) bind = yes fields { userdb_quota_storage_size = %{ldap:telephoneNumber}B } }
userdb prefetch { driver = prefetch }
userdb ldap { fields { quota_storage_size = %{ldap:telephoneNumber}B } }
90-quota.conf mail_plugins { quota = yes } quota "User quota" { } quota_storage_size = 40M
Since there is no quotaBytes in Samba AD, I'm testing to map the telephoneNumber parameters to override the quota, also I'm just testing a 40M to see how it works. Roundcube webmail can see the quota being overriden in its inferior bar, but when I send an email to the user which is above the quota, the journal log inform "failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)".
I don't know how to override the quota, since in passdb section I used the "userdb_" prefix but it is not being passed to userdb when I input the "doveadm user ..." command.
I don't know if I have been clear in my request, but I'd appreciate any help.
On 22/09/2025 22:14 EEST wt.forsaken--- via dovecot <dovecot@dovecot.org> wrote:
Hi there,
I'm testing the new version of Dovecot 2.4 in Debian 13 before upgrading to my customers and I'm having difficult on trying to override the user's quota. The LDAP base is from Samba4 AD and having been trying the following configuration:
auth-ldap.conf.ext: ldap_uris = ldap://localhost ldap_auth_dn = cn=admin,dc=localdomain ldap_auth_dn_password = password ldap_base = ou=users, dc=localdomain
passdb ldap { filter = (&(objectClass=person)(sAMAccountName=%{user})) bind = yes fields { userdb_quota_storage_size = %{ldap:telephoneNumber}B } }
userdb prefetch { driver = prefetch }
userdb ldap { fields { quota_storage_size = %{ldap:telephoneNumber}B } }
90-quota.conf mail_plugins { quota = yes } quota "User quota" { } quota_storage_size = 40M
Since there is no quotaBytes in Samba AD, I'm testing to map the telephoneNumber parameters to override the quota, also I'm just testing a 40M to see how it works. Roundcube webmail can see the quota being overriden in its inferior bar, but when I send an email to the user which is above the quota, the journal log inform "failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)".
I don't know how to override the quota, since in passdb section I used the "userdb_" prefix but it is not being passed to userdb when I input the "doveadm user ..." command.
I don't know if I have been clear in my request, but I'd appreciate any help.
auth-ldap.conf.ext files are not supported, unless there is something that actually includes these into dovecot.conf, please check doveconf
to ensure that these settings are really there.
Also you might want to check with doveadm auth lookup
and doveadm user
to see that you are actually getting the quota_storage_size field out from userdb.
Aki
Hi Aki,
Thanks for the reply.
Yes, I think Debian split the main .conf into multiple files, there is one called "10-auth.conf" that calls for another conf "auth-ldap.conf.ext"...
That's something I've been looking and still couldn't find a solution, for example, if I input "doveadm user" command, here's the output: field value user DOMAIN\user uid 1000 gid 100 home /home/user mail_path /home/user/Maildir system_groups_user DOMAIN\user
It does not show the "quota_storage_size", no matter what fields "{}" I insert into userdb. Now if I remove the "userdb_" prefix from passdb and input "doveadm auth lookup...", it appears in passdb session and whatever field I put into passdb, in this case I just inserted the "quota_storage_site": passdb: user user : user quota_storage_size: 104857600B
I'm starting to think that there is a userdb template that always override what I put in userdb session...
Thanks.
participants (3)
-
Aki Tuomi
-
Fabrizio
-
wt.forsaken@gmail.com