[patch]saslauthd+ldap+virtual_domains
Igor Brezac
igor at ipass.net
Mon Oct 14 15:20:25 EDT 2002
On Mon, 14 Oct 2002, Kervin L. Pierre wrote:
>
> Hi,
>
> attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d'
> macro in ldap_search_base option to the domain context derived from the
> realm '%r'.
>
> eg.
>
> ldap_search_base: ou=people, %d
> in saslauthd.conf
>
> if realm is 'domain.tld', the ldap search base will expand to
> 'ou=people,dc=domain,dc=tld'
>
> Does imapd always provide the realm in a virtual server environment when
> authenticating users? Is it safe to assume that the realm is
> 'domain.tld' or more specifically the domain given to mkimap script?
>
> Is this correct/incorrect/unnecessary?
>
In most cases an organization will have one realm. Realms should not be
confused with domains. In virtual domain setup, %u will look like
username at domain.tld and unless you setup a realm, %r will be blank. So,
%d is not necessary in this case.
--
Igor
More information about the Info-cyrus
mailing list