[Dovecot] Dovecot deliver with AD LDAP userdb

Mark Schaub mark.schaub at sau24.org
Fri Oct 16 21:18:07 EEST 2009


I have tried the user_filter you suggested; it did not change
anything. I played around with some Active Directory permissions today
and set it up so that I could perform anonymous queries and verified
that they were successful with ldapsearch on the command line. This
still didn't seem to help the problem.

As far as I can tell userdb ldap queries are run using the user
specified in dn with the password specified in dnpass. I know those
fields are correct as userdb has no problem querying users by
sAMAccountName or mail attributes. I also know that the user_filter
string works as I can run an ldapsearch using dn, dnpass, and
user_filter and that returns the correct information. For some reason
when the deliver process does this nothing is returned.

As I mentioned in the initial post, some fields work and others do
not. If I change the filter to look for sn=%n and try to deliver to my
last name then it delivers fine. If I set the filter to title=%n and
try to deliver to my title then I get the same problem as with
otherMailbox.

Is there schema information dovecot is using that defines certain
userdb attributes it can and can't use?

On Thu, Oct 15, 2009 at 12:28 PM, Timo Sirainen <tss at iki.fi> wrote:
> On Wed, 2009-10-14 at 16:00 -0400, Mark Schaub wrote:
>> user_filter = (&(objectclass=person)(|(sAMAccountName=%n)(mail=%n@sau24.org)(otherMailbox=%n@sau24.org)))
>
> My LDAP knowledge isn't that great, but does | accept more than one
> parameter? Try changing this to:
>
> user_filter = (&(objectclass=person)(|(sAMAccountName=%n)(|(mail=%n@sau24.org)(otherMailbox=%n@sau24.org))))
>
> Other than that, I don't really have many ideas. Does the same filter
> work with e.g. ldapsearch?
>
>
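
Added example, not part of the thread and not Dovecot's code: a minimal RFC 4515 parser and matcher showing that the flat and nested `|` forms of the user_filter quoted above select the same entries, since the RFC's filter list takes one or more operands. The sample entry, the helper names, the escaping of the `%n` value and the case-insensitive equality match are assumptions made for illustration.

```python
import re

# The two filters from the thread; %n is the local part of the recipient.
FLAT = "(&(objectclass=person)(|(sAMAccountName=%n)(mail=%n@sau24.org)(otherMailbox=%n@sau24.org)))"
NESTED = "(&(objectclass=person)(|(sAMAccountName=%n)(|(mail=%n@sau24.org)(otherMailbox=%n@sau24.org))))"
# Constructed sample entry (attribute names lower-cased), not real directory data.
ENTRY = {"objectclass": ["top", "person", "user"], "samaccountname": ["jdoe"],
         "mail": ["jdoe@sau24.org"], "othermailbox": ["helpdesk@sau24.org"]}

def escape(value):
    # RFC 4515 escaping, so the substituted name is always treated as a literal.
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def unescape(value):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def parse(text, pos=0):
    # Parse one parenthesised filter starting at text[pos]; return (tree, next_pos).
    if text[pos] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    if text[pos] in "&|!":
        op, pos, kids = text[pos], pos + 1, []
        while text[pos] == "(":            # filterlist = 1*filter: any number >= 1
            kid, pos = parse(text, pos)
            kids.append(kid)
        if not kids or (op == "!" and len(kids) != 1):
            raise ValueError("bad operand count for %r" % op)
        node = (op, kids)
    else:                                  # only equality items are handled here
        end = text.index(")", pos)
        attr, _, value = text[pos:end].partition("=")
        node, pos = ("=", attr.lower(), value), end
    if text[pos] != ")":
        raise ValueError("expected ')' at offset %d" % pos)
    return node, pos + 1

def matches(node, entry):
    if node[0] == "=":
        want = unescape(node[2]).lower()
        return any(v.lower() == want for v in entry.get(node[1], []))
    results = [matches(kid, entry) for kid in node[1]]
    return {"&": all, "|": any, "!": lambda r: not r[0]}[node[0]](results)

def lookup(template, user, entry):
    text = template.replace("%n", escape(user))
    tree, end = parse(text)
    if end != len(text):
        raise ValueError("trailing data after filter")
    return matches(tree, entry)
```

Both forms match on the filter side here, so this only rules out the filter syntax; it does not model what the directory server returns for a given bind.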

