search for: rnsmsaclgroup

Hi, I use a post login script for imap, to fetch acl groups from LDAP. Because Dovecot can only deal with a single value, which must be a comma seperated list of groups, I decided to use a post login script do deal with multi values in LDAP: This looks like this in LDAP: rnsMSACLGroup: admin rnsMSACLGroup: automx rnsMSACLGroup: amavis rnsMSACLGroup: postfix rnsMSACLGroup: dovecot rnsMSACLGroup: rspamd rnsMSACLGroup: powerdns rnsMSACLGroup: sogo rnsMSACLGroup: zabbix rnsMSACLGroup: dane-users rnsMSACLGroup: gentoo rnsMSACLGroup: openbsd My post login script looks like this: ---...

...gt; > I use a post login script for imap, to fetch acl groups from LDAP. Because Dovecot can only deal with a single value, which must be a comma seperated list of groups, I decided to use a post login script do deal with multi values in LDAP: > > This looks like this in LDAP: > > rnsMSACLGroup: admin > rnsMSACLGroup: automx > rnsMSACLGroup: amavis > rnsMSACLGroup: postfix > rnsMSACLGroup: dovecot > rnsMSACLGroup: rspamd > rnsMSACLGroup: powerdns > rnsMSACLGroup: sogo > rnsMSACLGroup: zabbix > rnsMSACLGroup: dane-users > rnsMSACLGroup: gentoo > rnsMSACLGro...

.../ldap-auth-userdb.secret" > local base = "ou=people,ou=it,dc=roessner-net,dc=de" > local binddn = "cn=dovecot," .. base > > local cmd = [=[ > /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ > grep rnsMSACLGroup | \ > awk -vORS=, '{ print \$2 }' | \ > sed 's/,$/\n/'" > ]=] > > cmd = cmd:gsub('$(%w+)', { bindpwfile = bindpwfile }) > cmd = cmd:gsub('$(%w+)', { binddn = binddn }) > cmd = cmd:gsub(...

...t;>> local base = "ou=people,ou=it,dc=roessner-net,dc=de" >>> local binddn = "cn=dovecot," .. base >>> >>> local cmd = [=[ >>> /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ >>> grep rnsMSACLGroup | \ >>> awk -vORS=, '{ print \$2 }' | \ >>> sed 's/,$/\n/'" >>> ]=] >>> >>> cmd = cmd:gsub('$(%w+)', { bindpwfile = bindpwfile }) >>> cmd = cmd:gsub('$(%w+)',...

...gt;> local base = "ou=people,ou=it,dc=roessner-net,dc=de" >>> local binddn = "cn=dovecot," .. base >>> >>> local cmd = [=[ >>> /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ >>> grep rnsMSACLGroup | \ >>> awk -vORS=, '{ print \$2 }' | \ >>> sed 's/,$/\n/'" >>> ]=] >>> >>> cmd = cmd:gsub('$(%w+)', { bindpwfile = bindpwfile }) >>> cmd = cmd:gsub('$(%w+)...

...ile = "/etc/dovecot/ldap-auth-userdb.secret" local base = "ou=people,ou=it,dc=roessner-net,dc=de" local binddn = "cn=dovecot," .. base local cmd = [=[ /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ grep rnsMSACLGroup | \ awk -vORS=, '{ print \$2 }' | \ sed 's/,$/\n/'" ]=] cmd = cmd:gsub('$(%w+)', { bindpwfile = bindpwfile }) cmd = cmd:gsub('$(%w+)', { binddn = binddn }) cmd = cmd:gsub('$(%w+)', { base = base }) cmd...

> On 28/08/2019 21:01 R.N.S. via dovecot <dovecot at dovecot.org> wrote: > > > > Am 28.08.2019 um 19:46 schrieb Jakobus Sch?rz via dovecot <dovecot at dovecot.org>: > > > > I think, i had the same problem as you. > > > > When dovecot runs lmtp, no user is logged in, so there is no user from > > which you can get groups. So i think, my

....secret" >> local base = "ou=people,ou=it,dc=roessner-net,dc=de" >> local binddn = "cn=dovecot," .. base >> >> local cmd = [=[ >> /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ >> grep rnsMSACLGroup | \ >> awk -vORS=, '{ print \$2 }' | \ >> sed 's/,$/\n/'" >> ]=] >> >> cmd = cmd:gsub('$(%w+)', { bindpwfile = bindpwfile }) >> cmd = cmd:gsub('$(%w+)', { binddn = binddn }) &...