Remap login before authentication

Aki Tuomi aki.tuomi at open-xchange.com
Mon Jan 11 18:00:11 EET 2021


auth_bind_userdn = uid=%d,dc=domain,dc=tld, also see 

%D - return “sub.domain.org” as “sub,dc=domain,dc=org” (for LDAP queries)

from https://doc.dovecot.org/configuration_manual/config_file/config_variables/

Aki

> On 11/01/2021 17:58 Miloslav Hůla <miloslav.hula at gmail.com> wrote:
> 
>  
> Hi,
> 
> with Dovecot 2.3.4 I would like to allow user to login with two 
> different usernames:
> 
> - USERNAME (no domain) - now works
> - name.surname at domain.tld - would like to add
> 
> Problem is, that the only authentication method I have is LDAP bind by 
> USERNAME. Now I use:
> 
> ============
> passdb {
>    driver = ldap
>    args = /etc/dovecot/dovecot-ldap.conf.ext
> }
> 
> # Args
> uris = ldaps://ldap.domain.tld
> auth_bind = yes
> auth_bind_userdn = uid=%u,dc=domain,dc=tld
> base =
> ============
> 
> I know passdb can remap user&domain, but I have no password hash at all. 
> And for example '{SASL}' is not supported password scheme to return e.g. 
> from SQL passdb.
> 
> 
> Is there any way how to achieve this? Maybe somehow remap username in 
> first passdb and then continue to LDAP bind?
> 
> 1. login as name.surname at domain.tld
> 2. remap to USERNAME
> 3. do the LDAP bind
> 
> 
> Milo
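
How the bind-DN templates in this thread expand for the two login forms, as an added example that is not part of the original messages and not Dovecot's own code. It models only a simplified subset of Dovecot's variable expansion (%u, %n, %d and the D modifier, with no escaping); the third template and all function names are constructed for illustration.

```python
import re

def ldap_dn_modifier(value: str) -> str:
    """D modifier as documented: 'sub.domain.org' -> 'sub,dc=domain,dc=org'."""
    return value.replace(".", ",dc=")

def expand(template: str, login: str) -> str:
    """Expand %u, %n, %d (optionally with the D modifier, e.g. %Dd).

    Simplified model (assumption): no escaping, no other variables or modifiers.
    """
    user, _, domain = login.partition("@")
    table = {
        "u": login,   # full login as typed by the client
        "n": user,    # part before the first '@' (whole login if no '@')
        "d": domain,  # part after the first '@' (empty if no '@')
    }

    def substitute(match: re.Match) -> str:
        value = table[match.group(2)]
        return ldap_dn_modifier(value) if match.group(1) else value

    return re.sub(r"%(D?)([und])", substitute, template)

def preview(templates, logins):
    """Return {(template, login): resulting bind DN} for every combination."""
    return {(t, l): expand(t, l) for t in templates for l in logins}

TEMPLATES = [
    "uid=%u,dc=domain,dc=tld",  # from the quoted configuration
    "uid=%d,dc=domain,dc=tld",  # from the reply
    "uid=%n,dc=%Dd",            # constructed: user part plus D-modified domain
]
LOGINS = ["USERNAME", "name.surname@domain.tld"]  # the two login forms asked about

if __name__ == "__main__":
    for (template, login), dn in preview(TEMPLATES, LOGINS).items():
        print(f"{template:28} {login:26} -> {dn!r}")
```

Expansion is a textual substitution on the login string the client typed, so the preview shows the exact DN each template would bind as for each login form.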

