Le 31/10/2013 10:42, Achim Gottinger a écrit :
Am 30.10.2013 21:17, schrieb m...@electronico.nc:
Hello and thanks for your answer.
Le 30/10/2013 19:32, Steffen Kaiser a écrit :
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 30 Oct 2013, m...@electronico.nc wrote:
passdb {
args = /etc/dovecot/dovecot-ldap-passdb.conf.ext
driver = ldap
}
/etc/dovecot/dovecot-ldap-passdb.conf.ext:
hosts = localhost
auth_bind = yes
auth_bind_userdn = cn=%u,OU=users,dc=domain,dc=lan
You define your bind DN as cn=%u,OU=users,dc=domain,dc=lan
ldap_version = 3
base = ou=users,dc=domain,dc=lan
scope = subtree
pass_filter = (&(objectClass=person)(cn=%u)(mail=*))
You should use
/etc/dovecot/dovecot-ldap-passdb.conf.ext
hosts = localhost
dn = cn=ldap,cn=Users,DC=domain,DC=lan
dnpass = My_secret_pass
auth_bind = yes
ldap_version = 3
base = OU=users,DC=domain,DC=lan
scope = subtree
pass_filter = (&(objectClass=person)(cn=%u)(mail=*))
That way pass_filter should match
cn=%u,OU=administrative,OU=Users,DC=domain,DC=lan as well. Take an
look at http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds DN lookup
vs. DN template.
Hello Achim,
Thanks for your answer :-)
Sure it works OK, as soon as I specify dn & dnpass (that I omitted in
passdb... :-[ )
Many thanks again !
Nicolas
