[Dovecot] Dovecot as IMAP proxy to Exchange
Hello list,
I'm looking into the possibility to setup dovecot to act as an IMAP proxy to an Exchange server. Things i know beforehand: the server.
- I will not be able to use the ldap (Active Directory) user DN for auth binds (but i discovered that i could could use the user userPrincipalName attribute as bind DN. I tested it using ldapsearch and it worked fine.)
- I will not be able to perform any unbinded searches.
- The Exchange server is unique, so i can setup a static proxy route to
Given the above, i'd like to post some questions:
1 - Will i be able to use auth_bind = yes given the restrictions? My first guess is that this might work if i use something like "auth_bind_userdn = %u@example.org"
2 - Will i be able to specify a static route to the exchange server, not having to rely on that information from the AD itself?
Another thing i'd like to know is if NTLM auth can be used while dovecot acts only as proxy.
Thanks in advance,
Hugo Monteiro.
-- fct.unl.pt:~# cat .signature
Hugo Monteiro Email : hugo.monteiro@fct.unl.pt Telefone : +351 212948300 Ext.15307 Web : http://hmonteiro.net
Divisão de Informática Faculdade de Ciências e Tecnologia da Universidade Nova de Lisboa Quinta da Torre 2829-516 Caparica Portugal Telefone: +351 212948596 Fax: +351 212948548 www.fct.unl.pt apoio@fct.unl.pt
fct.unl.pt:~# _
Hugo Monteiro wrote:
Hello list,
I'm looking into the possibility to setup dovecot to act as an IMAP proxy to an Exchange server. Things i know beforehand: the server.
- I will not be able to use the ldap (Active Directory) user DN for auth binds (but i discovered that i could could use the user userPrincipalName attribute as bind DN. I tested it using ldapsearch and it worked fine.)
- I will not be able to perform any unbinded searches.
- The Exchange server is unique, so i can setup a static proxy route to
Given the above, i'd like to post some questions:
1 - Will i be able to use auth_bind = yes given the restrictions? My first guess is that this might work if i use something like "auth_bind_userdn = %u@example.org"
Yes, you can do things like "auth_bind_userdn = %n@example.org" As long as it works to bind that way with ldapsearch you should be fine.
2 - Will i be able to specify a static route to the exchange server, not having to rely on that information from the AD itself?
Don't know the answer here.
Another thing i'd like to know is if NTLM auth can be used while dovecot acts only as proxy.
Hmm, I don't think so with auth_bind = yes. I could be wrong though.
participants (2)
-
Hugo Monteiro
-
Willie Gillespie