Which allowed services can be defined (imap, pop3, etc.)
Malte Schmidt
info at vialactea.de
Tue Jun 6 14:01:51 EEST 2017
Hello,
I am using Dovecot with an LDAP-backend for authentication.
According to the documentation at
https://wiki.dovecot.org/Authentication/RestrictAccess with LDAP and
"pass_filter" it is possible to filter allowed services for the user with:
pass_filter = (&(objectClass=posixAccount)(uid=%u)(service=%s))
Thats pretty cool. Now, in the LDAP-settings I created corresponding
fields (service) and added the allowed services to tthese fields (imap,
pop3, etc.).
After that change, certain services were not available to that user
anymore. So it seems that more services are there and after explicitly
setting the services which are allowed, the other, not mentioned
services stop to work.
Now two questions:
Is there any documented, full-featured list of the services that can be
added?
Is it possible to "flip" that setting so its not allowing certain
services but denying the ones that are added to the "service"-fields?
Cheers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xFF379C0C.asc
Type: application/pgp-keys
Size: 37590 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170606/d5a62585/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170606/d5a62585/attachment-0001.sig>
More information about the dovecot
mailing list