basing user's mailbox name on different ldap attribute than authentication id

Hal Deadman hal.deadman at gmail.com
Tue Nov 11 12:24:04 EST 2008


I am working with a custom java webmail application that accesses Cyrus imap
configured with sasl/pam_ldap for authentication. The user's login names for
the webmail client are based on the ldap cn attribute but the mailboxes in
Cyrus are based on the ldap mailNickname attribute. The webmail client
passes the mailNickname attribute as the username when it authenticates to
Cyrus.

example:
cn=john.smithmailNickname=ea9d92f15f608c44a7b4fdccf3f02bc5

I am introducing SSO via  JA-SIG CAS and pam-cas. I would like to
authenticate to IMAP using the cn (since that's what pam-cas will get when
it validates the CAS service ticket) but I still want the mailboxes to be
based on the mailNickname attribute.

Is there a way to have the user's mailbox be based on a different ldap
attribute than their authentication id?


Thanks for any pointers.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20081111/f2803988/attachment.html 


More information about the Info-cyrus mailing list