Displaying 3 results from an estimated 3 matches for "userfilt".
Did you mean:
userfile
2018 Jun 08
0
GSSAPI vs group check
...ps.
Our config:
auth_gssapi_hostname = <our servers hostname>
auth_krb5_keytab = <path to our dovecot keytab>
auth_mechanisms = plain login gssapi
passdb {
# contains passfilter for LDAP
args = /<...>/dovecot-ldap-passdb.conf.ext
driver = ldap
}
userdb {
# contains userfilter for LDAP
args = /<...>/dovecot-ldap-userdb.conf.ext
driver = ldap
}
The filters look like these:
passfilter =
(&(objectclass=posixAccount)(cn=%u)(memberof=CN=example-pass-group,OU=example-ou,DC=example-domain,DC=net))
userfilter =
(&(objectclass=posixAccount)(cn=%u)(member...
2018 Jun 01
2
GSSAPI vs group check
Dear All,
Is it possible to make any authorization (eg. checking of group
membership) in case of GSSAPI authentication?
Our dovecot authenticates the users against PAM and GSSAPI. In the PAM
file I'm able to check if a user is a member of a selected (e.g
mailreader) group. If the user is member, he can login otherwise not
(see below). If the user has a valid Kerberos ticket and he
2016 Feb 29
6
Timout for LDAP connection
...tion:
# 2.2.devel (2d8f665): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.devel (0de2a19)
# OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.3
uris = ldaps://LDAP-SERVER
dn = BINDDN
dnpass = BINDPASS
auth_bind = yes
ldap_version = 3
base = BASEDN
scope = subtree
user_attrs= ATTRIBUTES
user_filter = USERFILTER
pass_filter = PASSFILTER
iterate_filter = ITERATEFILTER
Best regards,
Gordon
--
Technischer Leiter & stellv. Direktor
Universit?tsrechenzentrum (URZ)
E.-M.-Arndt-Universit?t Greifswald
Felix-Hausdorff-Str. 12
17489 Greifswald
Germany
Tel. +49 3834 86 1456
Fax. +49 3834 86 1401