Re: ldap lookup with different search_base's? [auf Viren überprüft]
Hans Moser
hans.moser at ofd-sth.niedersachsen.de
Thu Jan 4 05:18:53 EST 2007
Andreas Winkelmann schrieb:
> Hmm, you can use ldapdb. Then you can specify multiple authz-regexp In
> slapd.conf. Seperate them somehow in the Matching-Pattern.
That's what I would recommend too.
> I havn't tested this, but I think it's a try worth.
It works.
Slapd converts the the SASL uid for u. Create a general regexp for the
user, which points to something like cn=$1,ou=users,dc=mailservices
and a special regexp for uid admin (or cyrus ...), which points to
cn=admin,dc=mailservices.
>> What do I have to enter at "admins" in /etc/imapd.conf?
Something that matches your special regexp. In my following example it
is cyrus.
I.e. <snip>
authz-regexp uid=cyrus,cn=[^,]*,cn=auth
dn:cn=admin,dc=mailservices
authz-regexp uid=([^,]*),cn=[^,]*,cn=auth
dn.regex:cn=$1,ou=users,dc=mailservices
<snap>
Ask man slap.conf for "authz-policy" and "authz-regexp". And man
slapd.access.
Hans
More information about the Info-cyrus
mailing list