lmtp and virtual users
Jean-Daniel
jddupas at xooloo.com
Wed Oct 2 20:47:53 EEST 2019
You set ‘auth_bind' to ‘no' and and you make sure ‘dn’ and ‘dnpass’ are properly configured with a user with enough privileges to read users passwords.
And also, you make sure your pass_attrs contains a password attributes (containing the user password hash).
> Le 2 oct. 2019 à 19:33, David Wells - Alfavinil S.A. via dovecot <dovecot at dovecot.org> a écrit :
>
> Is there anywhere an example of how this would be setup? I understand the use of a service account which I already setup but I can't figure out how to use this service account to retrieve information and authenticate users.
>
> Thanks!
> Best regards,
> David Wells.
>
>
> El 02/10/2019 a las 04:29, Aki Tuomi escribió:
>>
>> On 1.10.2019 17.33, David Wells - Alfavinil S.A. via dovecot wrote:
>>> Good morning.
>>>
>>> I was just reading https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups <https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups> and found the following statement
>>>> When using LDA <https://wiki.dovecot.org/LDA> and static userdb, deliver can check if destination user exists. With auth binds this check isn't possible.
>>>
>>> Is this still relevant? Is there a workaround? It seems like using dovecots lmtp in an active directory environment is not possible, is this correct?
>>>
>> You cannot check user existence with auth binds because auth bind requires user credentials.
>>
>> This is why I suggested you use a "service user" in LDAP to perform the database lookups instead of auth binds. You can still authenticate your users using kerberos.
>>
>> Aki
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20191002/c55abbba/attachment.html>
More information about the dovecot
mailing list