ptloader and ldap_member_method: filter problem
Sava Chankov
sava at blueboard.biz
Wed Jul 27 13:06:00 EDT 2005
Hi,
I'm using cyrus-imapd-2.2.12 with ptloader patch from Igor Brezac that fixes the
SASL authz bug. Groups are read from LDAP by ptloader properly, but group
authorization doesn't work with this configuration:
virtdomains: yes
ldap_version: 3
ldap_sasl: 0
ldap_size_limit: 500
ldap_bind_dn: uid=proxy_user,o=ControlPanel
ldap_base: ou=People,ou=%d,o=ControlPanel
ldap_filter: uid=%U
ldap_group_base: ou=Group,ou=%d,o=ControlPanel
ldap_group_filter: cn=%U
ldap_member_method: filter
ldap_member_base: ou=Group,ou=%d,o=ControlPanel
ldap_member_attribute: cn
A little example - user mincho at dve.bg is member of groups punk and
ordinary_user. When the domain admin creates a shared folder named "test" and
assigns read right to group punk with the command
sam test group:punk at dve.bg read
the result is that user mincho at dve.bg doesn't see the shared folder. ptdump
output is:
user: group:punk at dve.bg time: 1122481905 groups: 0
user: mincho at dve.bg time: 1122481327 groups: 2
ordinary_user
punk
--
Sava Chankov
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list