[Dovecot] LDAP auth improvements
Christoph Bußenius
busseniu at in.tum.de
Fri Feb 3 15:47:41 EET 2012
On 02.02.2012 14:54, Timo Sirainen wrote:
> user_attrs {
> home = %{ldap:homeDirectory}
> uid = %{ldap:uidNumber}
> gid = %{ldap:gidNumber}
> mail = %{ldap:mailboxFormat}:%{ldap:homeDirectory}
> }
>
> Any ideas for further improvements before I do this change?
One thing I was recently missing was something like this:
If the user is in LDAP group "group1", then use
host = imap1
otherwise use
host = imap2
However this would require a separate LDAP query since most LDAP servers
do not list any group information in the user table.
Another nice feature: Use some sort of script to compute the lookup
result, e.g. an external shell script:
#!/bin/bash
if [[ $ldap_uid == fred ]]; then
echo "quota_rule = storage=3G"
else
echo "quota_rule = storage=100M"
fi
Stuff like this is possible for SQL user databases, however LDAP does
not have such flexible queries.
Cheers,
Christoph
--
Christoph Bußenius
Rechnerbetriebsgruppe der Fakultäten Informatik und Mathematik
TU München
+49 89-289-18519 <> Raum 00.05.055 <> Boltzmannstr. 3 <> Garching
More information about the dovecot
mailing list