2012/11/13 Robert Schetterer <r...@sys4.de>:
> On 13.11.2012 14:56, Marco Gatti wrote:
>> 2012/11/13 Robert Schetterer <r...@sys4.de>:
>>> On 13.11.2012 11:35, Marco Gatti wrote:
>>>> Hi, I was looking for a particular case of dovecot configuration I
>>>> cannot find anywhere.
>>>> Is there a way dovecot can authenticate via ldap different windows
>>>> 2008 AD users that have access to the same e-mail account (like user
>>>> authorization in ms exchange)?
>>>> For example I want to extend AD schema to let users have 10 email
>>>> accounts (with multiple domain support). If they are private accounts
>>>> I think there is no problem at all. But if I want two or more users to
>>>> access the same mail account what happens? Can I do it with dovecot?
>>>> Or should I create AD groups and add members to that, to let user
>>>> access the same mail account?
>>>> Cheers
>>>>
>>>
>>> there may be more ways to achieve this; for a short look, one way is
>>> described here
>>>
>>> http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm
>>>
>>> using ldap might be better
>>>
>>> look i.e.
>>>
>>> http://blog.al-shami.net/2008/05/freebsd-postfix-dovecot-and-active-directory/
>>> http://www.howtoforge.com/postfix-dovecot-authentication-against-active-directory-on-centos-5.x
>>>
>>>
>>> for ideas
>>>
>>> Best Regards
>>> Kind regards, Robert Schetterer
>>>
>>> --
>>> [*] sys4 AG
>>>
>>> http://sys4.de, +49 (89) 30 90 46 64
>>> Franziskanerstraße 15, 81669 München
>>>
>>> Registered office: München, District Court München: HRB 199263
>>> Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
>>> Chairman of the supervisory board: Joerg Heidrich
>>
>>
>> Thank you Robert for the quick reply.
>> I'm aware of the links you sent me, however they don't give me a clue
>> if what I was asking may be done.
>> I'll try to give more details.
>> I have to build a multiple domain mail server with the use of windows
>> AD authentication.
>> I've managed to add some extra fields in the AD schema like this:
>>
>> mail1: accou...@example1.com
>> box1: /example1.com/account1/
>> enabled1: TRUE
>> quota1: 1000000
>>
>> mail2: accou...@example2.com
>> box2: /example2.com/account2/
>> enabled2: TRUE
>> quota2: 1000000
>>
>> There could be 10 or 50 of them for each AD user.
>> If I use NTLM or PAM authentication (after joining the AD) I have to
>> use AD usernames to login with dovecot and I don't know how then to
>> deal with different email addresses configured per user.
>> If I use LDAP lookup I have to use the email address as username but
>> then if different AD users have to access the same email account how
>> dovecot can manage it???
>> For example the LDAP configuration for user and password lookup may be
>> something like this:
>>
>> user_attrs = sAMAccountName=mail=maildir:/var/mail/%d/%n,=uid=102,=gid=10050
>> user_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE))
>> (&(mail2=%u)(enabled2=TRUE))))
>> pass_attrs = userPassword=password
>> pass_filter = (&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE))
>> (&(mail2=%u)(enabled2=TRUE))))
>>
>> I think I may be missing something important in how dovecot works, but
>> cannot find any documentation about it.
>> Regards
>>
>
> hm that's complex, however I would not
> recommend trying to change exchange/active dir schemas
> however the only reason I can think of for what you want is using
> dovecot as proxy?
>
> so what about this ?
>
> http://wiki2.dovecot.org/HowTo/ImapcProxy
> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/Proxy
> http://wiki2.dovecot.org/Director

Hmm I don't know honestly. I'll give it a try.

--
Marco
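
Added example, not part of the thread and not Dovecot code: a Python sketch that evaluates the pass_filter quoted above against two constructed directory entries, showing that a shared address selects more than one AD object, so a lookup keyed on the e-mail address alone has no single userPassword to check. The entries, the `lookup` helper and the small filter evaluator (only `&`, `|` and `attr=value`, exact match) are assumptions for illustration.

```python
import re

# Filter taken from the thread (pass_filter and user_filter are identical there).
FILTER = ("(&(objectClass=person)(|(&(mail1=%u)(enabled1=TRUE))"
          "(&(mail2=%u)(enabled2=TRUE))))")

# Constructed directory entries (assumption): two AD users share one address.
ENTRIES = [
    {"sAMAccountName": "alice", "objectClass": "person",
     "mail1": "alice@example1.com", "enabled1": "TRUE",
     "mail2": "sales@example2.com", "enabled2": "TRUE"},
    {"sAMAccountName": "bob", "objectClass": "person",
     "mail1": "sales@example2.com", "enabled1": "TRUE",
     "mail2": "bob@example2.com", "enabled2": "FALSE"},
]

def parse(text, pos=0):
    """Parse one '(...)' filter node; returns (node, position after it)."""
    if text[pos] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    if text[pos] in "&|":
        op, pos, kids = text[pos], pos + 1, []
        while text[pos] == "(":
            kid, pos = parse(text, pos)
            kids.append(kid)
        return (op, kids), pos + 1          # skip the closing ')'
    end = text.index(")", pos)
    attr, value = text[pos:end].split("=", 1)
    return ("=", attr, value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter node against one entry (exact comparison)."""
    if node[0] == "=":
        return entry.get(node[1]) == node[2]
    results = [matches(kid, entry) for kid in node[1]]
    return all(results) if node[0] == "&" else any(results)

def lookup(login):
    """Return the sAMAccountName of every entry the filter selects for login."""
    # The toy parser has no escape handling, so filter metacharacters are refused.
    if re.search(r"[()*\\\x00]", login):
        raise ValueError("login contains LDAP filter metacharacters")
    tree, _ = parse(FILTER.replace("%u", login))
    return [e["sAMAccountName"] for e in ENTRIES if matches(tree, e)]

if __name__ == "__main__":
    for login in ("alice@example1.com", "sales@example2.com", "bob@example2.com"):
        print(login, "->", lookup(login))
```

A private address resolves to exactly one object, the shared address resolves to two, and an address whose `enabledN` flag is FALSE resolves to none.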