lmtp and virtual users
Aki Tuomi
aki.tuomi at open-xchange.com
Wed Oct 2 20:49:26 EEST 2019
As documented e.g. here https://doc.dovecot.org/configuration_manual/authentication/ldap/
Aki
> On 02/10/2019 20:47 Jean-Daniel via dovecot <dovecot at dovecot.org> wrote:
>
>
> You set 'auth_bind' to 'no' and you make sure 'dn' and 'dnpass' are properly configured with a user with enough privileges to read users' passwords.
>
>
> And also, you make sure your pass_attrs contains a password attribute (containing the user password hash).
>
>
>
> > On 2 Oct 2019 at 19:33, David Wells - Alfavinil S.A. via dovecot <dovecot at dovecot.org> wrote:
> >
> >
> > Is there anywhere an example of how this would be set up? I understand the use of a service account, which I already set up, but I can't figure out how to use this service account to retrieve information and authenticate users.
> >
> > Thanks!
> > Best regards,
> > David Wells.
> >
> >
> >
> > On 02/10/2019 at 04:29, Aki Tuomi wrote:
> >
> >
> > >
> > >
> > >
> > > On 1.10.2019 17.33, David Wells - Alfavinil S.A. via dovecot wrote:
> > >
> > >
> > > > Good morning.
> > > >
> > > > I was just reading https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups and found the following statement
> > > >
> > > > > When using LDA (https://wiki.dovecot.org/LDA) and static userdb, deliver can check if destination user exists. With auth binds this check isn't possible.
> > > >
> > > > Is this still relevant? Is there a workaround? It seems like using Dovecot's lmtp in an Active Directory environment is not possible, is this correct?
> > > >
> > > >
> > > >
> > > You cannot check user existence with auth binds because auth bind requires user credentials.
> > > This is why I suggested you use a "service user" in LDAP to perform the database lookups instead of auth binds. You can still authenticate your users using Kerberos.
> > >
> > > Aki
> > >
> >
> >
>
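
An added example, not part of the original messages and not Dovecot's shipped configuration: a dovecot-ldap.conf.ext for the service-account setup described in the thread (auth_bind = no, dn/dnpass for the service user, and a password attribute in pass_attrs). The file path, host name, DNs, password, object class and attribute names are assumptions for a generic posixAccount directory.

```conf
# /etc/dovecot/dovecot-ldap.conf.ext (path assumed; referenced from the
# passdb and userdb "args" in dovecot.conf). It contains dnpass, so keep
# it readable by root only.

# Directory server (assumed host). STARTTLS keeps the bind password and
# the returned password hashes off the wire in clear text.
hosts = ldap.example.org
tls = yes

# Service account used for all lookups (assumed DN, placeholder password).
# It needs read access to the user entries and to the password attribute.
dn = cn=dovecot,ou=services,dc=example,dc=org
dnpass = CHANGE-ME-placeholder

# Password lookups instead of authentication binds.
auth_bind = no

# Where user entries live (assumed base DN).
base = ou=people,dc=example,dc=org
scope = subtree

# passdb: fetch the stored hash with the service account and let
# Dovecot verify the password itself.
pass_filter = (&(objectClass=posixAccount)(uid=%u))
pass_attrs = uid=user,userPassword=password

# userdb: needs no user credentials, so lmtp can check that the
# recipient exists before accepting the message.
user_filter = (&(objectClass=posixAccount)(uid=%u))
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
```

`doveadm user <name>` exercises the userdb lookup that lmtp relies on, and `doveadm auth test <name>` exercises the passdb lookup.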