saslauthd filter

Igor Brezac igor at
Mon Aug 16 12:46:28 EDT 2004

On Mon, 16 Aug 2004, Adi Linden wrote:

> Hi,
> I am using saslauthd to control access to a mail server running SMATP
> AUTH. Can I check for the existance or lack of existance of a ldap
> attribute using saslauthd?
> Here is what I have in /etc/saslauthd.conf now:
> ldap_auth_method: bind
> ldap_servers: ldap://
> ldap_search_base: ou=people,dc=example,dc=ca
> ldap_use_sasl: no

> ldap_method: simple
This is an invalid param

> If I add a line such as:
> ldap_filter: myNewUser=true

You need to use
ldap_filter: (&(uid=%u)(myNewUser=true))

> I would have expected the authentication to succeed if the user has the
> myNewUser attribute set to true. That doesn't work, that's my first
> problem. The second problem is that once this is working I need to invert
> the meaning in the sense that users with myNewUser=true should not
> authenticate...

ldap_filter: (&(uid=%u)(!(myNewUser=true)))

Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list