On 6/08/2010 9:42 PM, Daniel Berteaud wrote: > Hi. > > We're using SOGo on our server for a few users (less than 10 "beta > testers" for now but we plan to deploy it on bigger installations soon). > > We use OpenLDAP as authentication backend, and I'd like to restrict the > access to SOGo based on group membership. The problem is that I use > inetOrgPerson objectClass for users and posixGroup for groups, so, > there's no group membership informations in user's object, only in > groups (memberUid). So AFAIK, there's no way to restrict access with a > simple LDAP filter (ModulesConstraints or filter). > > Anyone in the same situation ? I'd really apreciate if someone has a > solution.
I'm in a similar position, except I wanted to not list certain users in the address book. I just moved the SOGo users into a new ou=calstaff located inside ou=People, and told SOGo to use ou=calstaff,ou=People as the search base. By relying on the DIT structure it is a gross hack, but it works. Other LDAP things still work fine because they default to search scope=sub. -- James Andrewartha | Sysadmin Data Analysis Australia Pty Ltd | STRATEGIC INFORMATION CONSULTANTS 97 Broadway, Nedlands, Western Australia, 6009 PO Box 3258, Broadway Nedlands, WA, 6009 T: +61 8 9386 3304 | F: +61 8 9386 3202 | I: http://www.daa.com.au
-- [email protected] https://inverse.ca/sogo/lists
