[courier-users] Re: Using LDAP with virtual and normal accounts

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-5899-1117384053-0006
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Lloyd Zusman writes:

> Sam Varshavchik <mrsam@courier-mta.com> writes:
>
>> Lloyd Zusman writes:
>>
>>> I have another authldap question:
>>> Assume the following setup for a user with a "virtual" account:
>>> LDAP_HOMEDIR (homeDirectory): /var/vmail/whoever@virtual.com
>>> LDAP_UID (uidNumber): owner of /var/vmail tree
>>> LDAP_GID (gidNumber): group of /var/vmail tree
>>> LDAP_MAIL (mail): whoever@virtual.com
>>> virtual.com is in "hosteddomains".
>>> This works fine for the delivery of email to "whoever@virtual.com",
>>> which properly ends up under "/var/vmail/whoever@virtual.com/Maildir".
>>> Also, the user can retrieve email via IMAP as long as he/she logs in as
>>> "whoever@virtual.com".
>>> However, I want the user to log using simply "whoever", not
>>> "whoever@virtual.com". How do I enable this capability via authldap?
>>
>> Add a second 'mail' attribute to the LDAP record.
>
> Aha! Thanks.
>
> Previously, the record looked like this:
>
> mail=whoever@virtual.com
> homeDirectory=/var/vmail/whoever@virtual.com
> cn=Virtual User
> uidNumber=[owner of /var/vmail tree]
> gidNumber=[group of /var/vmail tree]
> userPassword=[encrypted password]
>
> So, I presume that it should now look like this:
>
> mail=whoever@virtual.com
> mail=whoever
> homeDirectory=/var/vmail/whoever@virtual.com
> cn=Virtual User
> uidNumber=[owner of /var/vmail tree]
> gidNumber=[group of /var/vmail tree]
> userPassword=[encrypted password]
>
> However, I'm having trouble adding such a record to LDAP, but perhaps
> that's just a bug in the LDAP client software that I'm using. If this
> version with two "mail" attributes is indeed correct (please confirm),
> then I'll start debugging the LDAP client.

This is correct.

It's possible that your LDAP schema prohibits duplicate attributes in a
record. It's a simple matter of changing your schema definition.


--=_mimegpg-commodore.email-scan.com-5899-1117384053-0006
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBCme11x9p3GYHlUOIRAni7AJwNDWKEPw0AX7GcOxwznr lA62cPhACbBZqK
X0OUGIWD7Zdpuu6gjVVQklE=
=ATOA
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-5899-1117384053-0006--


-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users