search for: pass_attrs

...ocation: maildir:/var/mail/apps/%d/%n/Maildir mail_debug: yes auth default: passdb: driver: ldap args: /usr/local/dovecot/etc/dovecot-ldap.conf userdb: driver: static args: uid=vmail gid=vmail home=/var/mail/apps/%d/%n Here's the relevant LDAP configuration: auth_bind = yes pass_attrs = uid=user pass_filter = uid=%n I tried setting the mail_location to: maildir:~/Maildir and explicitly specifying the full path, but still the Maildir is getting created with out the %d. Of course, the user is logging in with "admin at domain.com". Any ideas?

...2.0.2.143/32" as mentioned in http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets But if I use an LDAP backend it looks different. Following http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds and http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb#Attribute_templates_.28v2.1.29 my pass_attrs looks this: pass_attrs = =user=%{ldap:uid}, \ =allow_nets=%{ldap:allownets} Using this syntax I could add an attribute "allownets" in the ldapserver to limit access for a user. A problem occour if the attribute is not present. For example if a user should not be limited or...

...nstructions for deliver state a userdb is still required if using prefetch userdb ldap { args = /etc/dovecot/dovecot-ldap.conf } userdb prefetch { } My dovecot-ldap.conf is pretty simple - the trimmed version is: hosts = localhost auth_bind = no user_attrs = %d/%n=mail user_filter = (mail=%u) pass_attrs = (&(userPassword=password)(mail=%u)) user_global_uid = 5000 user_global_gid = 8 I recognize that the pass_attrs is incorrect for a prefetch config - but I couldn't get it to work. My mail folder structure is /var/mail/domain/username. If, under 1.0.3, I can't use the %d/%n variabl...

Hi I have to configure the LDAP passdb to execute a subquery defining dinamically the new DN to use. For example: pass_attrs = @mail=mail=%{login_user},dc=%{login_domain},dc=example,dc=com,\ =proxy=y,\ =host=%{ldap:mailHost at mail} In the previous example, the problem is the use of "," for DN representation, which is also the separator for the attribute template in the pass_attr par...

...f the user names are equal. Is it possible to use a user_filter which will choose the correct maildir and user/domain from the email address? My current ldap.conf for domain1: hosts = ldap.domain1.com base = ou=People,dc=domain1,dc=com ldap_version = 3 user_attrs = uid=user user_filter = (uid=%n) pass_attrs = uid=user,userPassword=password pass_filter = (uid=%n) default_pass_scheme = MD5 and for domain2: hosts = ldap.domain2.com base = ou=People,dc=domain2,dc=com ldap_version = 3 user_attrs = \ =mail=maildir:/home/vmail/%{ldap:departmentNumber)/%n/Maildir user_filter = (uid=%n) pass_attrs = uid=%...

I'm wondering if there is a way I can dynamically generate an LDAP default value by using variables. I have a configuration that works something like this on my front end proxy: pass_attrs = mail=user,\ =nopassword=y,\ =proxy=y,\ =host=mail.%d The above works perfectly well even though it seems a bit hack. I want to fetch the host field from LDAP and default it to "mail.%d" if the attribute isn't populated for the user. I have tried the following : pass_attrs...

Hi! Running Dovecot 2.2.36 and authenticating against an OpenLDAP 2.4.45 server. Now since some update of dovecot it will not be able to authenticate your logins after a restart of the LDAP service is restarted without a reboot of the dovecot server. Anything new here that I should be aware of? Best Regards Dag

Hi, I'm using dovecot on debian etch: ||/ Name Version ii dovecot-common 1.0.rc15-2etch1 ii dovecot-imapd 1.0.rc15-2etch1 ii dovecot-pop3d 1.0.rc15-2etch1 # dovecot --version 1.0.rc15 Now here is my question. Some of the mail users may only login from the LAN, while others can login from the LAN and the internet. I've read about

...ith a user in a "passwd-file", but not ldap directory. Here is part my "args" file on the passdb ldap stanza: base = dc=example,dc=com auth_bind = yes pass_filter = (&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=%u)(BCMailDovecotProxyHost=*)) pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host I've turned on auth_verbose, debug, etc and still can't figure out why it wont proxy. Ive tried adding user_attrs (the same as the pass attrs). I've even just put nologin in the pass_attrs but the user is still able to login, its like that...

...ral Office,dc=<DOMAIN>,dc=local dnpass = <>PASSWORD #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = auth_bind = yes #auth_bind_userdn = ldap_version = 3 base = dc=<DOMAIN>, dc=local deref = never scope = subtree #user_filter = (&(objectClass=posixAccount)(uid=%u)) #pass_attrs = uid=user,userPassword=password #pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid #pass_filter = (&(objectClass=posixAccount)(uid=%u)) #default_pass_scheme = CRYPT user_global_uid = 101 user_global_gid = 101 Your help is appreciat...

Hi all, I'm in my final steps with my testing server using rc23 in a x86 RHEL4 machine. Everything is working quite well, but still are some LDAP related issues I'd like to clarify: - I'm using auth_bind and auth_bind_userdn. So pass_filter isn't used, and pass_attrs are never searched. Is this true or am I missing something? - Is there a choice for the userdb bind/queries to be done using the user supplied dn -the one used for passdb-? I would like to access some non-public attributes, but I've had no luck until now. If I use the same dovecot-ldap.conf...

I use openLDAP as dovecot pass/user db. here is main part of dovecot-ldap.conf: pass_attrs = mail=user, uid=userdb_home=/home/xadmin/%d/%$,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%u)) default_pass_scheme = SSHA user_attrs = mail=user, uid=home=/home/xadmin/%d/%$ user_filter = (&(objectClass=posixAccount)(|(mail=%u)(mailAlias=%u))) It works fine, but...

...penLDAP with debugging enabled # to get enough output. #debug_level = 0 # Use authentication binding for verifying password's validity. This works by # logging into LDAP server using the username and password given by client. # The pass_filter is used to find the DN for the user. Note that the pass_attrs # is still used, only the password field is ignored in it. Before doing any # search, the binding is switched back to the default DN. auth_bind = yes # If authentication binding is used, you can save one LDAP request per login # if users' DN can be specified with a common template. The templat...

...ldap-passdb.conf } userdb prefetch { } # The userdb below is used only by deliver. userdb ldap { args = /etc/dovecot/dovecot-ldap-userdb.conf } ----- ----- dovecot-ldap-passdb.conf search base is dc=example,dc=org pass_filter = (&(objectclass=brPerson)(objectclass=inetOrgPerson)(mail=%u)) pass_attrs = userPassword=password,%u=user ----- ----- dovecot-ldap-userdb.conf search base is ou=%d,ou=mail,ou=services,dc=example,dc=org user_filter = (&(objectclass=nisMailAlias)(cn=%n)) user_attrs = rfc822MailMember=user,EmailQuota=quota_rule=*:storage=%$M ----- Here is how the LDAP tree is:...

...logged in user. Normally you want to keep this empty. #sasl_authz_id = # Use authentication binding for verifying password's validity. This works by # logging into LDAP server using the username and password given by client. # The pass_filter is used to find the DN for the user. Note that the pass_attrs # is still used, only the password field is ignored in it. Before doing any # search, the binding is switched back to the default DN. auth_bind = yes # If authentication binding is used, you can save one LDAP request per login # if users' DN can be specified with a common template. The templat...

...Ls.conf } userdb ldap { args = /usr/local/etc/dovecot-ldap-%Ls.conf } With results in dovecot not starting with error message: Can't open configuration file /usr/local/etc/dovecot-ldap-%Ls.conf: No such file or directory So %Ls was not replaced. 2) Variable in pass_attrs [dovecot-ldap.conf] pass_attrs = \ uid=user,userPassword=password,homeDirectory=userdb_home,\ uidNumber=userdb_uid,gidNumber=userdb_gid,\ dovecotProxy%Ls=proxy,dovecotHost%Ls=host,dovecotPort%Ls=port With results in this LDAP server log entries: SRCH attr=uid...

Hello, On a dovecot 2.0.14 proxy, I found that proxying managesieve works well when using 'starttls' option in pass_attrs, but does not work when using 'ssl' option. The backend server is also dovecot 2.0.14; when using the ssl option, it reports "no auth attempts" in the logs about managesieve-login, and meanwhile the MUA, Thunderbird with sieve plugin, reports [TRYLATER] account is temporary di...

...39;m converting from courier imap, and want to bring a special problem to your attention: I would like to use auth_bind and prefetch, b/c due to data security restriction the user information is only visible to the user himself. From http://wiki.dovecot.org/AuthDatabase/LDAP I found out that pass_attrs only works if no userdn template is set. But when unsetting userdn, dovecot-auth still tries to find the information from pass_attrs before binding. I'm no coding expert so here is my question: would it be possible to make pass_attrs work with userdn? If yes, even prefetch would work. rig...

...only configure ldap backed, nothing >>>> else. Ldap works, I can query it without failling. >>>> I believe it's very simple set up but I must be wrong somewhere. >>>> >>>> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >>>> pass_attrs = uid=user=%n,userPassword=password >> >> Use either uid=user oder =user=%n but not uid=user=%n. I would use >> uid=user, so the user cannot specify the case of the username. >> >>>> user_attrs = >>>> =home=/var/spool/mail/%d/%n,=mail=maildir:/var...

...e a user_filter which will choose the correct maildir > and user/domain from the email address? > > My current ldap.conf for domain1: > > hosts = ldap.domain1.com > base = ou=People,dc=domain1,dc=com > ldap_version = 3 > user_attrs = uid=user > user_filter = (uid=%n) > pass_attrs = uid=user,userPassword=password > pass_filter = (uid=%n) > default_pass_scheme = MD5 > > and for domain2: > hosts = ldap.domain2.com > base = ou=People,dc=domain2,dc=com > ldap_version = 3 > user_attrs = \ > =mail=maildir:/home/vmail/%{ldap:departmentNumber)/%n/Maildi...