benjamin thielsen
2009-Jan-27 16:54 UTC
[Dovecot] discrete passdb lookups for dovecot-auth
hi- i'm using ldap for user authentication, and would like to use different ldap lookups for authentication happening via postfix (smtp auth) vs. authentication happening through dovecot (imap logins). how can this be done, without running multiple instances? thanks! -bt
On Tue, 2009-01-27 at 11:54 -0500, benjamin thielsen wrote:> hi- > > i'm using ldap for user authentication, and would like to use > different ldap lookups for authentication happening via postfix (smtp > auth) vs. authentication happening through dovecot (imap logins). how > can this be done, without running multiple instances?Unfortunately currently you can't. The best you can do is to use %s in the ldap filters or base, but that probably won't be enough for you. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20090127/bd73c143/attachment-0002.bin>
benjamin thielsen
2009-Jan-28 13:35 UTC
[Dovecot] discrete passdb lookups for dovecot-auth
On Jan 27, 2009, at 13.21, Timo Sirainen wrote:> On Tue, 2009-01-27 at 11:54 -0500, benjamin thielsen wrote: >> hi- >> >> i'm using ldap for user authentication, and would like to use >> different ldap lookups for authentication happening via postfix (smtp >> auth) vs. authentication happening through dovecot (imap logins). >> how >> can this be done, without running multiple instances? > > Unfortunately currently you can't. The best you can do is to use %s in > the ldap filters or base, but that probably won't be enough for you.thanks for the confirmation. has this been considered? in my particular case, we have users who can receive and retrieve mail, but not send mail, defined by the groups they belong to in our directory tree. would the ability to define discrete lookups (based on the service? - maybe other criteria as well?) also be useful in other scenarios? regards -ben