[Dovecot] authentication via LDAP
Hi all. I have a couple of questions. ANY of those will solve mi situation.
- 'Complex' LDAP validation: I need to validate a user in the 2 step authentication / authorizacion mech.
The 'users' (with the password) are in ou=Person,o=Work
the group which contains the mail users is in cn=MailUsers,ou=Groups,o=Work
Can dovecot make such a thing? Cause im not shure if i can make this in a single ldap filter.
- If not... 2.1) Does dovecot accept more than 1 rule for authenticating? 2.2) Does dovecot accept an arbitrary program for authentication?
Well, that's all for now. Thanks! Gerardo
in principle possible:
pass auth: auth_bind = yes auth_bind_userdn = uid=%u,ou=Person,o=Work
filter by group: user_filter = (&(&(&(objectclass=user)(objectclass=person))(memberOf=*MailUsers.*))(uid=%n)) pass_filter = (&(&(&(objectclass=user)(objectclass=person))(memberOf=*MailUsers.*))(uid=%u))
but need to configure ldap for memberOf ....
Gerardo Herzig wrote:
Hi all. I have a couple of questions. ANY of those will solve mi situation.
- 'Complex' LDAP validation: I need to validate a user in the 2 step authentication / authorizacion mech.
The 'users' (with the password) are in ou=Person,o=Work
the group which contains the mail users is in cn=MailUsers,ou=Groups,o=Work
El mar, 09-08-2011 a las 00:47 +0300, DaLiV@apollo.lv escribió:
in principle possible:
pass auth: auth_bind = yes auth_bind_userdn = uid=%u,ou=Person,o=Work
filter by group: user_filter = (&(&(&(objectclass=user)(objectclass=person))(memberOf=*MailUsers.*))(uid=%n)) pass_filter = (&(&(&(objectclass=user)(objectclass=person))(memberOf=*MailUsers.*))(uid=%u))
but need to configure ldap for memberOf .... Gerardo Herzig wrote:
Hi all. I have a couple of questions. ANY of those will solve mi situation.
- 'Complex' LDAP validation: I need to validate a user in the 2 step authentication / authorizacion mech.
The 'users' (with the password) are in ou=Person,o=Work
the group which contains the mail users is in cn=MailUsers,ou=Groups,o=Work
Thanks for the guidance, i will try it!
Gerardo
participants (2)
-
DaLiV@apollo.lv
-
Gerardo Herzig