[Dovecot] LDAP as password database - some problems / suggestions

Stefan Palme palme at kapott.org
Thu Feb 18 12:00:47 EET 2010

On 02/18/2010 09:45 AM, Oliver Eales wrote:
> Isn't it possible to just give the each allowed IMAP Users a attribute
> like imap=1 ?

Yes, it would. But this would also require me to use PASSWORD LOOKUP
(e.g. with a filter like '(&(objectclass=person)(imap=1))'), but I
do not want to use password lookups, but auth binding with a given
DN, which is derived from the username.

> If you really need to do it with the groups, the SUN DSSE Ldap has
> features like ROLES or COSes where you can set attributes for an entry
> based on a internal search.

Same as above - this approach only makes sense when using password

What I need is a combination of lookup and auth_bind. The lookup is
needed to find a DN to authenticate as, after that I want to use this
DN for LDAP based authentication...


More information about the dovecot mailing list