Remap login before authentication

Miloslav Hůla miloslav.hula at gmail.com
Mon Jan 11 18:11:26 EET 2021


Probably not a way for me. I forgot to write that I cannot change the LDAP 
schema, so the bindDN is fixed for me.

Milo

On 11.01.2021 at 17:00 Aki Tuomi wrote:
> auth_bind_userdn = uid=%d,dc=domain,dc=tld, also see
> 
> %D - return “sub.domain.org” as “sub,dc=domain,dc=org” (for LDAP queries)
> 
> from https://doc.dovecot.org/configuration_manual/config_file/config_variables/
> 
> Aki
> 
>> On 11/01/2021 17:58 Miloslav Hůla <miloslav.hula at gmail.com> wrote:
>>
>>   
>> Hi,
>>
>> with Dovecot 2.3.4 I would like to allow a user to log in with two
>> different usernames:
>>
>> - USERNAME (no domain) - now works
>> - name.surname at domain.tld - would like to add
>>
>> The problem is that the only authentication method I have is LDAP bind by
>> USERNAME. Now I use:
>>
>> ============
>> passdb {
>>     driver = ldap
>>     args = /etc/dovecot/dovecot-ldap.conf.ext
>> }
>>
>> # Args
>> uris = ldaps://ldap.domain.tld
>> auth_bind = yes
>> auth_bind_userdn = uid=%u,dc=domain,dc=tld
>> base =
>> ============
>>
>> I know passdb can remap user&domain, but I have no password hash at all.
>> And for example '{SASL}' is not a supported password scheme to return e.g.
>> from SQL passdb.
>>
>>
>> Is there any way to achieve this? Maybe somehow remap the username in
>> the first passdb and then continue to LDAP bind?
>>
>> 1. login as name.surname at domain.tld
>> 2. remap to USERNAME
>> 3. do the LDAP bind
>>
>>
>> Milo
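
Added example, not part of the thread and not written by either poster: one way to get the remap-then-bind flow asked about above without touching the directory is Dovecot's DN-lookup form of auth_bind, where leaving auth_bind_userdn unset makes Dovecot search with pass_filter and then bind as the DN it found. The search account, its password, the base, and the presence of a "mail" attribute holding name.surname@domain.tld are assumptions.

```conf
# /etc/dovecot/dovecot-ldap.conf.ext (added example, not from the thread)
uris = ldaps://ldap.domain.tld

# Identity used only to locate the user's entry.
# Placeholder DN and password (assumptions); grant read-only search rights.
dn = cn=dovecot-search,dc=domain,dc=tld
dnpass = CHANGE_ME

# Verify the password by binding as the user. With auth_bind_userdn unset,
# Dovecot searches with pass_filter first and binds as the DN of the match,
# so the existing uid=USERNAME,dc=domain,dc=tld entries stay unchanged.
auth_bind = yes
#auth_bind_userdn = uid=%u,dc=domain,dc=tld

# Search base and scope (assumed to cover all user entries).
base = dc=domain,dc=tld
scope = subtree

# Accept either login form. Assumption: each entry carries the e-mail
# address in a "mail" attribute.
pass_filter = (|(uid=%u)(mail=%u))

# Rewrite the login to the canonical uid so both forms reach one mailbox.
pass_attrs = uid=user
```

The filter should match exactly one entry for any given login. With pass_attrs = uid=user, later stages such as userdb and the mail location see USERNAME regardless of which form was typed.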

