auth-deny : from file to LDAP
hummel at pasteur.fr
hummel at pasteur.fr
Thu Jan 8 13:48:47 UTC 2015
Hello Timo,
I want to deny access to some users. For now I'm doing it using 2 passdb's and listing users in a text file.
!include auth-deny.conf.ext -> passwd-file driver
!include auth-ldap.conf.ext -> ldap driver
I want to do the same using only LDAP. I'm not quite sure how to do it :
a) should I
. change the driver of the first passdb from passwd-file to ldap
. for user to be rejected, add an LDAP attribute named "foo" with a value of "yes" and map it with something like this :
pass_attrs = ....,foo=deny in dovecot-ldap.conf.ext ?
b) or could I use only one ldap passdb by changing the pass_filter
from
pass_filter = (&(objectClass=posixAccount)(uid=%u))
to something like
pass_filter = (&(objectClass=posixAccount)(uid=%u)(!foo=yes))
?
Thanks
--
Thomas Hummel | Institut Pasteur
<hummel at pasteur.fr> | Groupe Exploitation et Infrastructure
More information about the dovecot
mailing list