Zhou, Yan
2010-Nov-09 15:57 UTC
[Dovecot] how can I use different LDAP config for LDA and AUTH?
Hi there,

I am setting up a mail client with Dovecot and, at the same time, use Postfix to deliver messages to Dovecot via LDA. I want to support having user name "jsmith" on my mail client, and that gets all messages for email address: dovecotdemo at domain. (The user name is different from what is in the email address). In addition, all user & password lookup is handled by LDAP.

Here is my problem:
1. My mail client will log in as "jsmith", that goes through LDAP to find mail/home/password for this user. (this matches user name)
2. When Postfix delivers a message, Dovecot LDA will find a match with email address "dovecotdemo at domain", it goes through the same LDAP configuration. (this matches email address).

You can see the two search criteria are different, but by default they use the same passdb and userdb configuration. I want to use a different LDAP config file for LDA to use, where it will match the email address (so that it is different from the default dovecot-ldap.conf, which is used by authentication).

Dovecot Deliver can specify a separate configuration file with "-c", so I tried that. But I cannot get LDA to use a different configuration. What should be an example of a config file used by Deliver?

Anyone running into this problem?

Thanks,
Yan
maximatt
2010-Nov-09 17:53 UTC
[Dovecot] how can I use different LDAP config for LDA and AUTH?
hi...

you can set more than one ldap config in dovecot:

    passdb ldap {
      args = /full/path/to/dovecot-ldap1.conf
    }
    passdb ldap {
      args = /full/path/to/dovecot-ldap2.conf
    }
    userdb ldap {
      args = /full/path/to/dovecot-ldap1.conf
    }
    userdb ldap {
      args = /full/path/to/dovecot-ldap2.conf
    }

or you can set this in the dovecot ldap config:

    user_filter = (&(|(uid=%u)(mail=%u))(.....))

Anyway, I think you must config postfix to perform queries in appropriate setting parameters that you give from ldap with something like these:

    query_filter = (&(|(mail=%s)(...))(....))
    result_attribute = uid,mail,.....

so, you can authenticate with uid or mail value.

Salu2!

2010/11/9 Zhou, Yan <yzhou at medplus.com>

> Hi there,
>
> I am setting up mail client with DoveCot and, at the same time, use
> Postfix to deliver message to DoveCot via LDA. I want to support having
> user name "jsmith" on my mail client, and that gets all messages for
> email address: dovecotdemo at domain. (The user name is different from
> what is in the email address). In addition, all user & password look up
> is handled by LDAP.
>
> Here is my problem:
> 1. my mail client will login as "jsmith", that goes through LDAP to find
> mail/home/password for this user. (this matches user name)
> 2. When postfix delivers a message, DoveCot LDA will find a match with
> email address "dovecotdemo at domain", it goes through the same LDAP
> configuration. (this matches email address).
>
> You can see the two search criteria are different, but by default they
> use the same passdb and userdb configuration. I want to use a different
> LDAP config. file for LDA to use, where it will match the email address
> (so that it is different from the default dovecot-ldap.conf, which is
> used by authentication).
>
> DoveCot Deliver can specify a separate configuration file with "-c", so
> I tried that. But I cannot get LDA to use a different configuration.
> Would should be an example of config file used by Deliver?
>
> Anyone running into this problem?
>
> Thanks,
> Yan

--
*Salu2 ;)*
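
Added example, not part of the thread and not Dovecot code: a small Python model of the combined filter (|(uid=%u)(mail=%u)) suggested in the reply, showing that the login name and the delivery address resolve to the same entry, plus an audit for names that would match more than one entry. The directory entries, the example.org names and the case-insensitive matching are assumptions made for the illustration.

```python
# Constructed sample directory; DNs and attribute values are illustrative only.
DIRECTORY = [
    {"dn": "uid=jsmith,ou=people,dc=example,dc=org",
     "uid": ["jsmith"], "mail": ["dovecotdemo@example.org"]},
    {"dn": "uid=akhan,ou=people,dc=example,dc=org",
     "uid": ["akhan"], "mail": ["akhan@example.org"]},
]


def search(directory, user):
    """Model (|(uid=user)(mail=user)): equality match on either attribute.

    Assumption: both attributes compare case-insensitively.
    """
    needle = user.lower()
    return [entry["dn"] for entry in directory
            if needle in (v.lower() for v in entry["uid"] + entry["mail"])]


def resolve(directory, user):
    """Return the one matching DN; refuse empty or ambiguous results."""
    hits = search(directory, user)
    if len(hits) != 1:
        raise LookupError("%r matched %d entries" % (user, len(hits)))
    return hits[0]


def collisions(directory):
    """List lookup names that the OR filter would match on several entries.

    A value used as uid on one entry and as mail on another makes the
    combined filter ambiguous, so login and delivery could hit different
    accounts. Run this audit before switching to the combined filter.
    """
    names = {v.lower() for e in directory for v in e["uid"] + e["mail"]}
    return sorted(n for n in names if len(search(directory, n)) > 1)


if __name__ == "__main__":
    # IMAP login name and Postfix delivery address reach the same entry.
    print(resolve(DIRECTORY, "jsmith"))
    print(resolve(DIRECTORY, "dovecotdemo@example.org"))
    print("ambiguous names:", collisions(DIRECTORY))
```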