|
Dear all, we want to add to saslauthd.conf an ldap group filtering. How I understand, it’s possible that saslauthd can check under an ou listed groups which are linked to users which should have access or instead to search for
groups it’s Possible to specify a single group. Here’s my configuration ldap_servers: ldap://ddcl001.company-group.dir ldap_search_base: dc=company-group,dc=dir #ldap_filter: sAMAccountName=%U ldap_filter: userPrincipalName=%u #ldap_version: 3 ldap_auth_method: bind ldap_bind_dn: cn=Administrator,cn=Users,dc=company-group,dc=dir ldap_bind_pw: ******** ldap_scope: sub ldap_debug: -1 # Group Check Test #ldap_group_search_base: ou=groups,ou=Exchange,DC=company-group,DC=dir #ldap_group_attr: sAMAccountName #ldap_group_match_method: filter #ldap_group_filter: (sAMAccountName=%U) #ldap_group_scope: sub #ldap_size_limit: 0 #ldap_verbose: on I don’t know if the samba AD DC store the attr memberUid, with this one it was also not working to authenticate, without the group check saslauthd works fine. Some help here at this point would be fine, Best Regards, David Faller |
