Problem with ptloader and Novell Edirectory
Klaus Steinberger
Klaus.Steinberger at physik.uni-muenchen.de
Wed May 7 06:23:19 EDT 2008
Hi Wes.
> On 06 May 2008, at 15:51, Klaus Steinberger wrote:
> > I'm using cyrus-imapd-2.3.7-1.1.el5 (Scientific Linux).
>
> That's pretty old, there have been a lot of fixes to the pt & ldap
> code in the intervening 5 or so releases.
Thanks! That solved my problem, i built the SRPM from Fedora 8 now for SL5
(2.3.11-1). Groups are working now. I had to change the ldap_group_filter
from my original question, so now the ldap parameters are the following:
ldap_sasl: 0
ldap_base: ou=Personen,o=physik
ldap_filter: (uid=%u)
ldap_group_base: ou=Gruppen,o=physik
ldap_group_filter: (cn=%u)
ldap_uri: ldap://edir11.physik.uni-muenchen.de
ldap_size_limit: 20
ldap_member_method: filter
ldap_member_filter: (member=%D)
ldap_member_attribute: cn
ldap_member_base: ou=Gruppen,o=physik
ldap_tls_cacert_file: /etc/pki/tls/certs/ca-bundle.crt
pts_module: ldap
ptscache_timeout: 10
ptloader_sock: /var/lib/imap/ptclient/ptsock
This should work as long as no user is member of more than 20 groups. (should
not be the case here, some special groups are outside "ou=Gruppen,o=physik"
and are not counted).
ptdump now shows:
[root at test-imap etc]# /usr/lib/cyrus-imapd/ptdump
user: guinea.pig time: 1210155445 groups: 1
group:campususer
user: klaus.steinberger time: 1210155332 groups: 4
group:pr-adm-verw
group:cipwheel
group:etpgrid
group:rechner
[root at test-imap etc]#
Setting ACL's on groups now works as expected.
Sincerly,
Klaus
--
Klaus Steinberger Beschleunigerlaboratorium
Phone: (+49 89)289 14287 Am Coulombwall 6, D-85748 Garching, Germany
FAX: (+49 89)289 14280 EMail: Klaus.Steinberger at Physik.Uni-Muenchen.DE
URL: http://www.physik.uni-muenchen.de/~Klaus.Steinberger/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2002 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20080507/7bf8f186/attachment.bin
More information about the Info-cyrus
mailing list