Authenticate users using their firstname
Aki Tuomi
aki.tuomi at open-xchange.com
Sat Sep 29 11:55:59 EEST 2018
Why not authenticate users by email address? Using firstname as user identifier does not sound very long term solution...
Anyways...
if you insist on using firstname only, you'll need to use Lua auth database to split the username (or perform the whole deal)
passdb {
driver = lua
args = file="/etc/dovecot/username.lua" blocking=no
}
passdb {
driver = ldap
args = /ldap.config
}
and put into username.lua
function auth_passdb_lookup(req)
firstname = req.username:gsub("^([^.]+)[.].*", "%1")
return dovecot.auth.PASSDB_RESULT_OK, {firstname=firstname, noauthenticate="y"}
end
Aki
> On 29 September 2018 at 11:42 Fady AL HAYALI <codeforger at outlook.com> wrote:
>
>
> Hi,
>
> I'm setting up a Postfic and Dovecot with LDAP email server. My users in LDAP is like this:
>
> dn: uid=firstname,ou=People,dc=domain,dc=com
> uid: firstname
> uidNumber: 4025
> gidNumber: 4025
> givenName: firstname
> objectClass: top
> objectClass: person
> objectClass: posixAccount
> objectClass: shadowAccount
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> loginShell: /bin/bash
> homeDirectory: /home/firstname
> cn: firstname lastname
> mail: firstname.lastname at domain.com<mailto:firstname.lastname at domain.com>
>
> This is how I connect Dovecot with LDAP
>
> hosts = ldapserver
> ldap_version = 3
> base = ou=People,dc=domain,dc=com
> deref = never
> scope = subtree
> user_attrs =
> user_filter = (&(objectclass=inetOrgPerson)(uid=%n)
> pass_attrs = uid=user,userPassword=password
> pass_filter = (&(objectclass=inetOrgPerson)(uid=%n))
> default_pass_scheme = SSHA
>
> When I enter a user's email address and password as the following:
> email: firstname.lastname at domain.com<mailto:firstname.lastname at domain.com>
> password: password
>
> and according to my setting which I used "%n" as you see above, the username used to authenticate is "firstname.lastname". I checked the Dovecot variables but I couldn't find something useful in this case to manipulate the "%n" variable.
>
> I would like to keep using email addresses as "firstname.lastname at domain.com"<mailto:firstname.lastname at domain.com> but authenticate users using their first name. I really hit a wall here and any help will be much appreciated.
More information about the dovecot
mailing list