On 13.11.2012 14:56, Marco Gatti wrote:
> 2012/11/13 Robert Schetterer <r...@sys4.de>:
>> On 13.11.2012 11:35, Marco Gatti wrote:
>>> Hi, I was looking for a particular case of dovecot configuration I
>>> cannot find anywhere.
>>> Is there a way dovecot can authenticate via ldap different windows
>>> 2008 AD users that have access to the same e-mail account (like user
>>> authorization in ms exchange)?
>>> For example I want to extend AD schema to let users have 10 email
>>> accounts (with multiple domain support). If they are private accounts
>>> I think there is no problem at all. But if I want two or more users to
>>> access the same mail account what happens? Can I do it with dovecot?
>>> Or should I create AD groups and add members to that, to let users
>>> access the same mail account?
>>> Cheers
>>>
>>
>> there may be more ways to achieve this; at a quick look, one way is
>> described here
>>
>> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm
>>
>> using ldap might be better
>>
>> look e.g.
>>
>> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/
>> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x
>>
>>
>> for ideas
>>
>> Best Regards
>> Kind regards, Robert Schetterer
>>
>> --
>> [*] sys4 AG
>>
>> http://sys4.de, +49 (89) 30 90 46 64
>> Franziskanerstraße 15, 81669 München
>>
>> Registered office: München, Amtsgericht München: HRB 199263
>> Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
>> Chairman of the supervisory board: Joerg Heidrich
>
>
> Thank you Robert for the quick reply.
> I'm aware of the links you sent me, however they don't give me a clue
> if what I was asking may be done.
> I'll try to give more details.
> I have to build a multiple domain mail server with the use of windows
> AD authentication.
> I've managed to add some extra fields in the AD schema like this:
>
> mail1: accou...@example1.com
> box1: /example1.com/account1/
> enabled1: TRUE
> quota1: 1000000
>
> mail2: accou...@example2.com
> box2: /example2.com/account2/
> enabled2: TRUE
> quota2: 1000000
>
> There could be 10 or 50 of them for each AD user.
> If I use NTLM or PAM authentication (after joining the AD) I have to
> use AD usernames to login with dovecot and I don't know how then to
> deal with different email addresses configured per user.
> If I use LDAP lookup I have to use the email address as username but
> then if different AD users have to access the same email account how
> can dovecot manage it???
> For example the LDAP configuration for user and password lookup may be
> something like this:
>
> user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050
> user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE))
> (&(mail2=%u)(enabled2=TRUE))))
> pass_attrs = userPassword=password
> pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE))
> (&(mail2=%u)(enabled2=TRUE))))
>
> I think I may be missing something important in how dovecot works, but
> cannot find any documentation about it.
> Regards
>

hm, that's complex; however, I would not recommend trying to change
exchange/active dir schemas

however, the only reason I can think of for what you want is using
dovecot as proxy?

so what about this?

http://wiki2.dovecot.org/HowTo/ImapcProxy
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
http://wiki2.dovecot.org/Director

Best Regards
Kind regards, Robert Schetterer

--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Registered office: München, Amtsgericht München: HRB 199263
Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Chairman of the supervisory board: Joerg Heidrich