How to restrict pop/imap access by user/group names
former03 | Baltasar Cevc
baltasar.cevc at former03.de
Tue Aug 15 19:21:35 EDT 2006
Hi Kai,
On 15.08.2006, at 19:11, Kai Wang wrote:
> Thanks, Baltasar . I understood the main idea. Currently we use one
> imapd.conf file. We configured cyrus -> saslauthd -> pam -> (cas) ldap
> to do authentication. We want to use pam.cas but haven't tested it
> yet. We can not do a select statement. Do you have any idea about
> this?
Using that setup I don't think you can achieve what you want. You need
some point where you can fetch that information and saslauthd is a
single instance which will always produce the same SASL result for the
same user/password combination. Even if you could work around that
(using multiple instances), you'd have to configure different PAM
services to pass on the information.
So the way you should go is to check whether hte ldap auxprop plugin
gives you some mechnism to restrict answers.
Baltasar
--
Baltasar Cevc
_____ former 03 gmbh
_____ infanteriestraße 19 haus 6 eg
_____ D-80797 muenchen
_____ http://www.former03.de
More information about the Info-cyrus
mailing list