LDAP userdb and dovecot LDA/LMTP - different requirements

Franta Hanzlík franta at hanzlici.cz
Tue Feb 6 20:46:57 EET 2018 

Hi,
I want to use Dovecot LDA (or rather LMTP) use as local deliver with
Postfix MTA. Users are in LDAP DB with structure as:

dn: cn=username, ou=rank, o=myorg
cn: username
objectClass: Person
gidNumber: uNNN
uidNumber: gNNN
userPassword:               (somehow hashed, can only bind verification)
homeDirectory: /Home/$rank/$username
mailActive:  0/1 
mail: usera at OneDomain
mail: userb at SecDomain       (not all users have 2+ addresses]
uid: username
groupMembership: group DN   (can be multiple times for different groups)
...

where:
- cn = uid = expected IMAP login username (which hasn't @domain part)
- user1 (and user2) isn't always same as username

Now I not know, how to solve IMO diferent requirements to userdb:

- LDA/LMTP need LDAP userdb unit, that can retrieve the name from an
 email address (ie for "usera at myDomain" returns cn/uid (as dovecot
 "username").

- IMAP server need LDAP userdb unit, that will have the user login
 (username) as the input parameter, and which returns information
 whether or not the user exists.

Can be these different requirements solved in one userdb unit?
Or is it possible to have one userdb unit for LDA/LMTP, and another
one for IMAP and other Dovecot components?

I have also encountered entries getting the values from LDAP userdb
in the form as:

user_attrs = \
     =user=%{ldap:uid}, \
     @mail=base(%{ldap:mailDN}), \
     =uid=%{ldap:uidNumber at mail}, \
     =gid=%{ldap:gidNumber at mail}, \
     =home=%{ldap:rootPath at mail}/%d/%n

or

user_attrs = \
  =home=%{ldap:homeDirectory}, \
  =uid=%{ldap:uidNumber},
  =gid=%{ldap:gidNumber},
  =quota_rule=*:bytes=%{ldap:quotaBytes},
  =namespace/default/separator=%{ldap:mailSeparator}

Can anyone explain how these constructions work?
And what do mean attribute notations in the form '=attr=' or '@attr='
 or 'quota_rule=*:storage=100M' ?
Nowhere have I found a sufficiently comprehensible description of these
 constructions...

Help very much appreciated.
Thanks, Franta Hanzlik

More information about the dovecot mailing list