acl_groups from LDAP issue
Jakobus Schürz
wertstoffe at nurfuerspam.de
Mon Feb 4 14:39:58 EET 2019
Hi!
I have some trouble with userdb, ldap an extrafields for acl_groups.
There is a script in python, which fetches the groups and sets the
environment-variable ACL_GROUPS to this groups.
It works when i log in to imap (thunderbird for example shows my public
folders which are protected by acl_groups).
But when it try
doveadm mailbox list -u user.name
the mailboxes are not listed and with -Dv i get "permission denied, no
lookup rights".
in my dovecot-ldap-userdb.conf.ext is
hosts = ldap.server.example
dn = cn=service_id,ou=mailserver,ou=system,ou=services,dc=server,dc=example
dnpass = protectedpassword12345
tls = yes
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
tls_require_cert = demand
ldap_version = 3
base = ou=users,dc=server,dc=example
deref = always
scope = subtree
user_attrs =
=home={ldap:dcMailMessageStore},system_groups_user=%u,allow_all_users=yes,=acl_groups=%{env:ACL_GROUPS}
user_filter =
(&(objectClass=posixAccount)(uid=%u)(!(sn=NoLogin))(|(memberof=cn=perm-app-mymail_admins,ou=mymail,ou=apps,ou=services,dc=schuerz,dc=at)(memberof=cn=perm-app-mymail_users,ou=mymail,ou=apps,ou=services,dc=schuerz,dc=at)))
when i change acl_groups=%{env:ACL_GROUPS} to acl_gropus=mygroup, the
doveadm mailbox list command shows my public mailbox
So how do i get my acl_groups from the postlogin-script output into
userdb-query?
Even, when i do on the shell
ACL_GROUPS=mygroup doveadm mailbox list -u user.name
the ACL_GROUPS Environment is ignored by the doveadm-command...
thank you
jakob
More information about the dovecot
mailing list