username with '@' : works but weird...
Joel CARNAT
joel at carnat.net
Wed Feb 15 10:04:25 EST 2006
Hi,
I want my user to log with their email addresse (eg, jo at here.com).
All my users are stored in LDAP (OpenLDAP) -
"mail=jo at here.com,ou=...,dc=here,dc=com".
It's working - aka I can authenticate a real user.
But, as the "admins: cyrus", I have to have an LDAP entry set like
"mail=cyrus@,dc=here,dc=com" with the password. This looks not nice to
me so I think maybe my whole cyrus conf is not clean - working but not
the "right" way.
To have a working conf, I did :
# egrep -v '^$|^#' /etc/default/saslauthd
START=yes
MECHANISMS="ldap"
# cat /etc/saslauthd.conf
ldap_servers: ldap://localhost/
ldap_search_base: dc=here,dc=com
ldap_bind_dn: cn=Manager,dc=here,dc=com
ldap_bind_pw: secret
#ldap_filter: mail=%u
ldap_filter: mail=%u@%d
ldap_version: 3
# egrep -v '^$|^#' /etc/imapd.conf
configdirectory: /var/lib/cyrus
defaultpartition: default
partition-default: /var/spool/cyrus/mail
partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news
altnamespace: no
unixhierarchysep: yes
lmtp_downcase_rcpt: yes
admins: cyrus
allowanonymouslogin: no
popminpoll: 1
autocreatequota: 0
umask: 077
sieveusehomedir: false
sievedir: /var/spool/sieve
hashimapspool: true
allowplaintext: yes
sasl_mech_list: PLAIN
loginrealms: here.com
sasl_pwcheck_method: saslauthd
sasl_auto_transition: no
tls_ca_path: /etc/ssl/certs
tls_session_timeout: 1440
tls_cipher_list: TLSv1+HIGH:!aNULL:@STRENGTH
If I set :
##########
virtdomains: yes
defaultdomain: here.com
##########
what I want to end with is:
1. as much as possible in LDAP
2. loggin with user at domain.tld
3. most of the email will be user at here.com
4. cyrus admin be "cyrus" (or whatever that does not look like a email
address. using "ldap_filter: (|(mail=%U@%d)(ou=%U))" does what I want
although I'm nearly sure it's not "the clean way" to go.
seems to make sense ?
what's the part of my conf to modify ?
thanks for help,
Jo
--
,- This mail runs ------.
`--------- NetBSD/smtp -'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20060215/19587ccd/attachment.bin
More information about the Info-cyrus
mailing list