Hi folks,
I'm setting up a multi-tenant mail system at the moment, SOGo works a treat
with it all, however there's one quirk.
We're segregating different mail domains/organizations in LDAP within different
OUs (for example
[email protected],ou=users,domainOU=test1.local,o=hosting,dc=my,dc=domain
and
[email protected],ou=users,domainOU=test2.local,o=hosting,dc=my,dc=domain )
with each UID only having read permissions to its own domainOU and below.
Address books use a subtree search from o=hosting,dc=my,dc=domain - ACLs screen
out unwanted entries.
When directly listing addresses from LDAP bound as a hosted user
([email protected] for instance), it can only see cards from within
domainOU=test1.local, o=hos...
From within SOGo however, the user sees *all* configured domains' users, not
just his own. LDAP debugging indicates queries are made only as the DN written
into the defaults file (not the logged-in user).
It would be nice if the LDAP addressbooks could be enumerated based on an
indirect bind. Is there any way to get SOGo to do this, or is it into patch
territory? For the moment I'm assuming I'll just have to keep LDAP addressbooks
hidden, but it would be nice to have them work this way...
Thanks,
Nathanael Bettridge
Prodigy Communications
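
The behaviour described in the post above, as an added example that is not part of the original message and is not SOGo or LDAP server code: a toy in-memory directory showing why a subtree search from o=hosting returns every tenant's entries when the query is bound as a shared service DN, and only the caller's own domainOU when bound as the user. The uid= entries, the service DN and all function names are constructed assumptions.

```python
# Added illustration: a toy in-memory directory, not SOGo or LDAP server code.
BASE = "o=hosting,dc=my,dc=domain"

# Constructed sample entries; the uid= RDNs are assumptions (the post's are redacted).
ENTRIES = [
    "uid=alice,ou=users,domainOU=test1.local," + BASE,
    "uid=bob,ou=users,domainOU=test1.local," + BASE,
    "uid=carol,ou=users,domainOU=test2.local," + BASE,
]
SERVICE_DN = "uid=sogo,ou=services," + BASE  # hypothetical DN from the defaults file


def rdns(dn):
    """Split a DN into normalized RDNs (no escaped commas in this sample data)."""
    return [r.strip().lower() for r in dn.split(",")]


def is_under(dn, base):
    """True if dn equals base or lies in its subtree."""
    d, b = rdns(dn), rdns(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b


def tenant_root(dn):
    """Return the domainOU=... subtree a DN belongs to, or None."""
    parts = rdns(dn)
    for i, rdn in enumerate(parts):
        if rdn.startswith("domainou="):
            return ",".join(parts[i:])
    return None


def can_read(bound_dn, entry_dn):
    """ACL from the post: a user reads only its own domainOU and below.
    The service DN is assumed to have read access to every tenant."""
    if bound_dn == SERVICE_DN:
        return True
    root = tenant_root(bound_dn)
    return root is not None and is_under(entry_dn, root)


def subtree_search(bound_dn, base=BASE):
    """Subtree search from base; entries the bound DN cannot read are dropped."""
    return [e for e in ENTRIES if is_under(e, base) and can_read(bound_dn, e)]


def leaked(user_dn):
    """Entries shown via the service bind that the user's own bind would hide."""
    own = set(subtree_search(user_dn))
    return [e for e in subtree_search(SERVICE_DN) if e not in own]
```

Running `leaked()` for each tenant's test account against a real deployment's equivalent of these two searches is a quick isolation check: any non-empty result means the address book is exposing entries the directory ACLs were meant to hide.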