[Dovecot] Active Directory
Hi all I've been doing research but haven't found anything yet. Is there a doc to show how to get Dovecot to authenticate directly against active directory.
On Monday 11 September 2006 18:06, Peter Fraser wrote:
Hi all
Hi Peter,
I've been doing research but haven't found anything yet. Is there a doc to show how to get Dovecot to authenticate directly against active directory.
I haven't used Dovecot with Active Directory, but I wrote another application in Python to authenticate against it. It's actually very easy to use, because AD allows simple binds. My guess is that if you set the following parameters in the dovecot-ldap.conf file, it should work:
hosts = ip.address.of.active.directory.server
(Alternatively, you can use the setting "uris", and specity your AD server as ldap://ip.address.of.active.directory.server)
auth_bind = yes
This is the most important setting. It tells Dovecot to use the username and password supplied by the client to bind to the AD server. This way, you don't need to have the AD server's administrator login credentials.
You should also use the parameter "auth_bind_userdn" to supply a default template to construct the DN to use to perform the bind.
Look through the example file for more information. If you understand LDAP, then you should be able to easily make sense of the parameters.
-- Anand
Peter Fraser wrote:
Hi all I've been doing research but haven't found anything yet. Is there a doc to show how to get Dovecot to authenticate directly against active directory.
I've not used it myself, but I have seen a lot of posts to this list. AD talks LDAP, it seems, so many people originally used LDAP via PAM. I understand this was because Dovecot, at the time, did not support some feature of LDAP (auth bind?), which it does now.
It would pay you to search the list archives on this topic.
-- Curtis Maloney cmaloney@cardgate.net
On Tue, Sep 12, 2006 at 09:59:55AM +1000, Curtis Maloney wrote:
Peter Fraser wrote:
Hi all I've been doing research but haven't found anything yet. Is there a doc to show how to get Dovecot to authenticate directly against active directory.
I've not used it myself, but I have seen a lot of posts to this list. AD talks LDAP, it seems, so many people originally used LDAP via PAM. I understand this was because Dovecot, at the time, did not support some feature of LDAP (auth bind?), which it does now.
Hm. I would say that the keyword is `kerberos'..
At least if you're talking about authentication mechanisms & AD.
Regards,
Petar
participants (4)
-
Anand Buddhdev
-
Curtis Maloney
-
Petar Bogdanovic
-
Peter Fraser