Re: [Dovecot] Samba4 and user auth
Hi
On Monday 01 July 2013 12:36:39 Carsten Laun-De Lellis wrote:
the password field is hidden (only the user can see it) by default, and not stored as a unix-friendly value (anything a crypt() would understand) what I use is auth_bind (which uses user-supplied password to bind to the LDAP directory).
what it means is that on every login there are 2 lookups (first one using your "service" DN to find the user DN, second one with your user DN to check the password)
that also means that you need a password format that your LDAP can understand (mostly a plaintext password, or NTLM if your mail server is a Samba domain member). As long as you only offer IMAP/SSL I dont think plaintext (as in "auth_mechanisms = plain") is an issue, security wise.
as far as the service account (the one that is used to look up users) goes, I am using the default option (setting "dn" and "dnpass" variables), which I think is a simple bind. it is possible that it only works because Samba4 and dovecot run on the same machine.
Pavel Herrmann
Hi Pavel
Thankx for your explanations.
Also in my scenario Samba, Postfix and Dovecot are running on the same machine. I will try your config and then see if it works.
But again kind regards and thankx to you and all others who came back to me with suggestions how to find the right config.
Mit freundlichem Gruß
Carsten Laun-De Lellis
Hauptstrasse 13 D-67705 Trippstadt
Phone: +49 6306 992140 Fax: +49 6306 992142 Mobile: +49 151 27530865 email: carsten.delellis@delellis.net
http://www.linkedin.com/in/carstenlaundelellis [1]
Am 2013-07-01 13:05, schrieb Pavel Herrmann:
Links:
participants (2)
-
Carsten Laun-De Lellis
-
Pavel Herrmann