[Dovecot] Thinking about switching from courier-imap to Dovecot: 2 simple questions
Hi, I'm using RHEL4 and since the dovecot RPM is present in the main repository, I'm thinking about switching from courier-imap (with whom I've got trouble to update) to Dovecot. Here are two questions about Dovecot (google didn't answer me):
Is it possible for dovecot to use the bind mecanism against ldap for authentification purpose. My main concern is to avoid the clear-text password in the dovecot-ldap.conf file. With courier-imap, the process simply bind to the ldap tree with the users's supplied login/password. No need for a special authentification purpose user.
Does imap's dovecot implementation support folders imbrication (more than one level folders) ?
Thanks, kfx.
On Wed, 2005-12-14 at 15:03 +0100, kadafax wrote:
- Is it possible for dovecot to use the bind mecanism against ldap for authentification purpose. My main concern is to avoid the clear-text password in the dovecot-ldap.conf file. With courier-imap, the process simply bind to the ldap tree with the users's supplied login/password. No need for a special authentification purpose user.
Only with PAM + pam_ldap module currently.
- Does imap's dovecot implementation support folders imbrication (more than one level folders) ?
Sure.
On Wednesday 2005-December-14 12:54, Timo Sirainen wrote:
On Wed, 2005-12-14 at 15:03 +0100, kadafax wrote:
- Is it possible for dovecot to use the bind mecanism against ldap for authentification purpose. My main concern is to avoid the clear-text password in the dovecot-ldap.conf file. With courier-imap, the process simply bind to the ldap tree with the users's supplied login/password. No need for a special authentification purpose user.
Only with PAM + pam_ldap module currently.
I'm planning a migration to nss_ldap ... any reason why that wouldn't work?
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: headerOn Thu, 2005-12-22 at 22:33 -0600, /dev/rob0 wrote:
On Wednesday 2005-December-14 12:54, Timo Sirainen wrote:
On Wed, 2005-12-14 at 15:03 +0100, kadafax wrote:
- Is it possible for dovecot to use the bind mecanism against ldap for authentification purpose. My main concern is to avoid the clear-text password in the dovecot-ldap.conf file. With courier-imap, the process simply bind to the ldap tree with the users's supplied login/password. No need for a special authentification purpose user.
Only with PAM + pam_ldap module currently.
I'm planning a migration to nss_ldap ... any reason why that wouldn't work?
Yes. nss_ldap is buggy:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154314
Dovecot can catch those nowadays, but still probably not that good idea.
participants (3)
-
/dev/rob0
-
kadafax
-
Timo Sirainen