Whitelist file for LDAP authentication
Hi,
The dovecot version is 2.2.33.2 and we are using LDAP to do the authentication for SMTP service.
We have the following configuration in auth-ldap.conf.ext to deny some users for LDAP auth. passdb { args = /etc/dovecot/deny.smtp driver = passwd-file deny = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap }
And now we want to change the mechanism and only users in the list can send to LDAP auth and deny all others: passdb { args = /etc/dovecot/allow.smtp driver = passwd-file deny = no
result_failure = return-fail result_internalfail = return-fail result_success = continue-fail }
passdb { # Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext args = /etc/dovecot/dovecot-ldap.conf driver = ldap }
Since we do not have the users’ password in the plain text file “allow.smtp”, the authentication process will fail and exit in the first passdb.
Anyone can help to advice how to configure dovecot to have a whitelist for user LDAP authentication? Thank you very much.
Best regards, William Pang
Academic Computing and Technology Services Section Information and Communication Technology Office University of Macau Tel: 8822 8407
Am 13.07.2018 um 10:30 schrieb whpang:
Hi,
The dovecot version is 2.2.33.2 and we are using LDAP to do the authentication for SMTP service.
[ ... ]
Anyone can help to advice how to configure dovecot to have a whitelist for user LDAP authentication? Thank you very much.
Best regards, William Pang
Academic Computing and Technology Services Section Information and Communication Technology Office University of Macau Tel: 8822 8407
Define an LDAP attibute which stands for "being allowed to submit" and set your LDAP filter accordingly.
Alexander
%s flag should be very useful for this. See https://wiki.dovecot.org/Authentication/RestrictAccess ---Aki TuomiDovecot oy -------- Original message --------From: Alexander Dalloz ad+lists@uni-x.org Date: 13/07/2018 17:50 (GMT+02:00) To: dovecot@dovecot.org Subject: Re: Whitelist file for LDAP authentication Am 13.07.2018 um 10:30 schrieb whpang:
Hi,
The dovecot version is 2.2.33.2 and we are using LDAP to do the authentication for SMTP service.
[ ... ]
Anyone can help to advice how to configure dovecot to have a whitelist for user LDAP authentication? Thank you very much.
Best regards, William Pang
Academic Computing and Technology Services Section Information and Communication Technology Office University of Macau Tel: 8822 8407
Define an LDAP attibute which stands for "being allowed to submit" and set your LDAP filter accordingly.
Alexander
participants (3)
-
Aki Tuomi
-
Alexander Dalloz
-
whpang