[Dovecot] Secondary groups from ldap
Timo Sirainen
tss at iki.fi
Thu Sep 17 04:16:09 EEST 2009
On Sep 16, 2009, at 5:18 AM, Ian Levesque wrote:
> I'm trying to configure my user_attrs using LDAP as the userdb so
> that dovecot knows what secondary groups a user is a member of. The
> LDAP backend is an Open Directory implementation, which stores
> secondary group affiliations as memberUid attributes in
> cn=groupname,cn=groups,dc=dns,dc=name,dc=server.
Do you mean memberGid? Also is it only secondary groups, the primary
group is somewhere else?
> With ldapsearch, my query would be:
>
> ldapsearch -x -b cn=groups,dc=dns,dc=name,dc=server
> "(memberUid=ian)" cn
>
> Is this possible to configure in Dovecot?
Hmm. Looking at the code if you do:
user_attrs = memberGid=gid
then it should set "gid=123,345,456" field. You could verify that this
gets returned by setting auth_debug=yes. But .. I can't really see
where that code would actually be used, since it looks like only the
first GID is actually used. Try anyway how far you can get. :)
More information about the dovecot
mailing list