Displaying 20 results from an estimated 430 matches for "pass_attrs".
2008 Jan 04
3
%d not recognized with LDAP
...ocation: maildir:/var/mail/apps/%d/%n/Maildir
mail_debug: yes
auth default:
passdb:
driver: ldap
args: /usr/local/dovecot/etc/dovecot-ldap.conf
userdb:
driver: static
args: uid=vmail gid=vmail home=/var/mail/apps/%d/%n
Here's the relevant LDAP configuration:
auth_bind = yes
pass_attrs = uid=user
pass_filter = uid=%n
I tried setting the mail_location to: maildir:~/Maildir and explicitly
specifying the full path, but still the Maildir is getting created
with out the %d. Of course, the user is logging in with
"admin at domain.com".
Any ideas?
2014 Jan 25
1
allow_nets + default + ldap
...2.0.2.143/32"
as mentioned in http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets
But if I use an LDAP backend it looks different.
Following http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds and
http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb#Attribute_templates_.28v2.1.29
my pass_attrs looks this:
pass_attrs = =user=%{ldap:uid}, \
=allow_nets=%{ldap:allownets}
Using this syntax I could add an attribute "allownets" in the ldapserver
to limit access for a user.
A problem occour if the attribute is not present. For example if a user
should not be limited or...
2007 Sep 05
2
passdb/userdb args
...nstructions for deliver state a userdb is still required if using
prefetch
userdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
userdb prefetch {
}
My dovecot-ldap.conf is pretty simple - the trimmed version is:
hosts = localhost
auth_bind = no
user_attrs = %d/%n=mail
user_filter = (mail=%u)
pass_attrs = (&(userPassword=password)(mail=%u))
user_global_uid = 5000
user_global_gid = 8
I recognize that the pass_attrs is incorrect for a prefetch config - but
I couldn't get it to work. My mail folder structure is
/var/mail/domain/username.
If, under 1.0.3, I can't use the %d/%n variabl...
2014 Sep 01
2
Escape comma in the LDAP passdb subquery configuration
Hi
I have to configure the LDAP passdb to execute a subquery defining
dinamically the new DN to use.
For example:
pass_attrs = @mail=mail=%{login_user},dc=%{login_domain},dc=example,dc=com,\
=proxy=y,\
=host=%{ldap:mailHost at mail}
In the previous example, the problem is the use of "," for DN
representation, which is also the separator for the attribute template
in the pass_attr par...
2017 Jun 02
3
Two domains - same user names filter
...f the user names are equal.
Is it possible to use a user_filter which will choose the correct maildir
and user/domain from the email address?
My current ldap.conf for domain1:
hosts = ldap.domain1.com
base = ou=People,dc=domain1,dc=com
ldap_version = 3
user_attrs = uid=user
user_filter = (uid=%n)
pass_attrs = uid=user,userPassword=password
pass_filter = (uid=%n)
default_pass_scheme = MD5
and for domain2:
hosts = ldap.domain2.com
base = ou=People,dc=domain2,dc=com
ldap_version = 3
user_attrs = \
=mail=maildir:/home/vmail/%{ldap:departmentNumber)/%n/Maildir
user_filter = (uid=%n)
pass_attrs = uid=%...
2015 Jun 29
2
LDAP default value variable interpolation
I'm wondering if there is a way I can dynamically generate an LDAP default
value by using variables.
I have a configuration that works something like this on my front end proxy:
pass_attrs = mail=user,\
=nopassword=y,\
=proxy=y,\
=host=mail.%d
The above works perfectly well even though it seems a bit hack.
I want to fetch the host field from LDAP and default it to "mail.%d" if the
attribute isn't populated for the user.
I have tried the following :
pass_attrs...
2019 May 08
2
Dovecot not surviving OpenLDAP restart
Hi!
Running Dovecot 2.2.36 and authenticating against
an OpenLDAP 2.4.45 server.
Now since some update of dovecot it will not be able to authenticate
your logins after a restart of the LDAP service is restarted
without a reboot of the dovecot server.
Anything new here that I should be aware of?
Best Regards
Dag
2007 Nov 23
3
dovecot with ldap and allow_nets
Hi,
I'm using dovecot on debian etch:
||/ Name Version
ii dovecot-common 1.0.rc15-2etch1
ii dovecot-imapd 1.0.rc15-2etch1
ii dovecot-pop3d 1.0.rc15-2etch1
# dovecot --version
1.0.rc15
Now here is my question.
Some of the mail users may only login from the LAN, while others can
login from the LAN and the internet.
I've read about
2007 Nov 21
2
Ldap Proxy
...ith a user in a
"passwd-file", but not ldap directory. Here is part my "args" file on the
passdb ldap stanza:
base = dc=example,dc=com
auth_bind = yes
pass_filter =
(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=%u)(BCMailDovecotProxyHost=*))
pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host
I've turned on auth_verbose, debug, etc and still can't figure out why it
wont proxy. Ive tried adding user_attrs (the same as the pass attrs). I've
even just put nologin in the pass_attrs but the user is still able to login,
its like that...
2007 Jan 11
1
Configuring Dovecot for use with Active Directory
...ral Office,dc=<DOMAIN>,dc=local
dnpass = <>PASSWORD
#sasl_bind = no
#sasl_mech =
#sasl_realm =
#sasl_authz_id =
auth_bind = yes
#auth_bind_userdn =
ldap_version = 3
base = dc=<DOMAIN>, dc=local
deref = never
scope = subtree
#user_filter = (&(objectClass=posixAccount)(uid=%u))
#pass_attrs = uid=user,userPassword=password
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
#pass_filter = (&(objectClass=posixAccount)(uid=%u))
#default_pass_scheme = CRYPT
user_global_uid = 101
user_global_gid = 101
Your help is appreciat...
2007 Feb 22
1
Final LDAP issues
Hi all,
I'm in my final steps with my testing server using rc23 in a x86 RHEL4
machine.
Everything is working quite well, but still are some LDAP related issues I'd
like to clarify:
- I'm using auth_bind and auth_bind_userdn. So pass_filter isn't used, and
pass_attrs are never searched. Is this true or am I missing something?
- Is there a choice for the userdb bind/queries to be done using the user
supplied dn -the one used for passdb-? I would like to access some non-public
attributes, but I've had no luck until now. If I use the same
dovecot-ldap.conf...
2010 Jun 26
2
dovecot ldap search result ordering?
I use openLDAP as dovecot pass/user db.
here is main part of dovecot-ldap.conf:
pass_attrs = mail=user, uid=userdb_home=/home/xadmin/%d/%$,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%u))
default_pass_scheme = SSHA
user_attrs = mail=user, uid=home=/home/xadmin/%d/%$
user_filter = (&(objectClass=posixAccount)(|(mail=%u)(mailAlias=%u)))
It works fine, but...
2016 Oct 24
2
Problem to configure dovecot-ldap.conf.ext
...penLDAP with debugging enabled
# to get enough output.
#debug_level = 0
# Use authentication binding for verifying password's validity. This works by
# logging into LDAP server using the username and password given by client.
# The pass_filter is used to find the DN for the user. Note that the pass_attrs
# is still used, only the password field is ignored in it. Before doing any
# search, the binding is switched back to the default DN.
auth_bind = yes
# If authentication binding is used, you can save one LDAP request per login
# if users' DN can be specified with a common template. The templat...
2010 Aug 30
1
Passdb filter question - LDAP.
...ldap-passdb.conf
}
userdb prefetch {
}
# The userdb below is used only by deliver.
userdb ldap {
args = /etc/dovecot/dovecot-ldap-userdb.conf
}
-----
----- dovecot-ldap-passdb.conf
search base is dc=example,dc=org
pass_filter = (&(objectclass=brPerson)(objectclass=inetOrgPerson)(mail=%u))
pass_attrs = userPassword=password,%u=user
-----
----- dovecot-ldap-userdb.conf
search base is ou=%d,ou=mail,ou=services,dc=example,dc=org
user_filter = (&(objectclass=nisMailAlias)(cn=%n))
user_attrs =
rfc822MailMember=user,EmailQuota=quota_rule=*:storage=%$M
-----
Here is how the LDAP tree is:...
2007 Nov 26
4
dovecot imap hangs
...logged in user. Normally you want to keep this empty.
#sasl_authz_id =
# Use authentication binding for verifying password's validity. This works by
# logging into LDAP server using the username and password given by client.
# The pass_filter is used to find the DN for the user. Note that the pass_attrs
# is still used, only the password field is ignored in it. Before doing any
# search, the binding is switched back to the default DN.
auth_bind = yes
# If authentication binding is used, you can save one LDAP request per login
# if users' DN can be specified with a common template. The templat...
2008 Jul 04
2
Different PROXY for IMAP and POP3 using LDAP-auth
...Ls.conf
}
userdb ldap {
args = /usr/local/etc/dovecot-ldap-%Ls.conf
}
With results in dovecot not starting with error message:
Can't open configuration file /usr/local/etc/dovecot-ldap-%Ls.conf:
No such file or directory
So %Ls was not replaced.
2) Variable in pass_attrs
[dovecot-ldap.conf]
pass_attrs = \
uid=user,userPassword=password,homeDirectory=userdb_home,\
uidNumber=userdb_uid,gidNumber=userdb_gid,\
dovecotProxy%Ls=proxy,dovecotHost%Ls=host,dovecotPort%Ls=port
With results in this LDAP server log entries:
SRCH attr=uid...
2012 Jan 11
3
proxy, managesieve and ssl?
Hello,
On a dovecot 2.0.14 proxy, I found that proxying managesieve works well
when using 'starttls' option in pass_attrs, but does not work when using
'ssl' option. The backend server is also dovecot 2.0.14; when using the
ssl option, it reports "no auth attempts" in the logs about
managesieve-login, and meanwhile the MUA, Thunderbird with sieve plugin,
reports [TRYLATER] account is temporary di...
2008 Jun 07
0
question: auth_bind and userdb
...39;m converting from courier imap, and want to bring a special problem
to your attention:
I would like to use auth_bind and prefetch, b/c due to data security
restriction the user information is only visible to the user himself.
From http://wiki.dovecot.org/AuthDatabase/LDAP I found out that
pass_attrs only works if no userdn template is set. But when unsetting
userdn, dovecot-auth still tries to find the information from
pass_attrs before binding.
I'm no coding expert so here is my question:
would it be possible to make pass_attrs work with userdn?
If yes, even prefetch would work.
rig...
2015 Jun 23
2
a temporary failure
...only configure ldap backed, nothing
>>>> else. Ldap works, I can query it without failling.
>>>> I believe it's very simple set up but I must be wrong somewhere.
>>>>
>>>> pass_filter = (&(objectClass=posixAccount)(uid=%n))
>>>> pass_attrs = uid=user=%n,userPassword=password
>>
>> Use either uid=user oder =user=%n but not uid=user=%n. I would use
>> uid=user, so the user cannot specify the case of the username.
>>
>>>> user_attrs =
>>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var...
2017 Jun 02
1
Two domains - same user names filter
...e a user_filter which will choose the correct maildir
> and user/domain from the email address?
>
> My current ldap.conf for domain1:
>
> hosts = ldap.domain1.com
> base = ou=People,dc=domain1,dc=com
> ldap_version = 3
> user_attrs = uid=user
> user_filter = (uid=%n)
> pass_attrs = uid=user,userPassword=password
> pass_filter = (uid=%n)
> default_pass_scheme = MD5
>
> and for domain2:
> hosts = ldap.domain2.com
> base = ou=People,dc=domain2,dc=com
> ldap_version = 3
> user_attrs = \
> =mail=maildir:/home/vmail/%{ldap:departmentNumber)/%n/Maildi...