As documented e.g. here https://doc.dovecot.org/configuration_manual/authentication/ldap/
Aki > On 02/10/2019 20:47 Jean-Daniel via dovecot <dovecot@dovecot.org> wrote: > > > You set ‘auth_bind' to ‘no' and and you make sure ‘dn’ and ‘dnpass’ are > properly configured with a user with enough privileges to read users > passwords. > > > And also, you make sure your pass_attrs contains a password attributes > (containing the user password hash). > > > > > Le 2 oct. 2019 à 19:33, David Wells - Alfavinil S.A. via dovecot > > <dovecot@dovecot.org> a écrit : > > > > > > Is there anywhere an example of how this would be setup? I understand the > > use of a service account which I already setup but I can't figure out how > > to use this service account to retrieve information and authenticate users. > > > > Thanks! > > Best regards, > > David Wells. > > > > > > > > El 02/10/2019 a las 04:29, Aki Tuomi escribió: > > > > > > > > > > > > > > > > On 1.10.2019 17.33, David Wells - Alfavinil S.A. via dovecot wrote: > > > > > > > > > > Good morning. > > > > > > > > I was just reading > > > > https://wiki.dovecot.org/AuthDatabase/LDAP/PasswordLookups and found > > > > the following statement > > > > > > > > > When using LDA (https://wiki.dovecot.org/LDA) and static userdb, > > > > > deliver can check if destination user exists. With auth binds this > > > > > check isn't possible. > > > > > > > > Is this still relevant? Is there a workaround? It seems like using > > > > dovecots lmtp in an active directory environment is not possible, is > > > > this correct? > > > > > > > > > > > > > > > You cannot check user existence with auth binds because auth bind > > > requires user credentials. > > > This is why I suggested you use a "service user" in LDAP to perform the > > > database lookups instead of auth binds. You can still authenticate your > > > users using kerberos. > > > > > > Aki > > > > > > > >
