Thanks! I will try with your configuration! ldapsearch -x -h ldap.mydomain.com -b ou=groups,o=mydomain,dc=fr cn=mongroupe Give me that result : # extended LDIF # # LDAPv3 # base <ou=groups,o=mydomain,dc=fr> with scope subtree # filter: cn=mongroupe # requesting: ALL # # mongroupe, groups, netasq, fr dn: cn=mongroupe,ou=groups,o=mydomain,dc=fr objectClass: top objectClass: groupOfNames description: Test cn: mongroupe member: cn=toto,ou=users,o=mydomain,dc=FR member: cn=toto2,ou=users,o=mydomain,dc=fr # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 And ldapsearch -x -h ldap.mydomain.com -b ou=users,o=mydomain,dc=fr cn=toto2 # extended LDIF # # LDAPv3 # base <ou=users,o=mydomain,dc=fr> with scope subtree # filter: cn=toto2 # requesting: ALL # # toto2, users, netasq, fr dn: cn=toto2,ou=users,o=mydomain,dc=fr o: mydomain initials: toto givenName: toto2 street: my street sn: TEST2 ou: mydomain l: there mail: toto2@xxxxxxxxxxxx facsimileTelephoneNumber: 333 objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: Person uid: toto2 postalCode: 555658 cn: toto2 st: Nord # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 Here is the Ldif structure for my groups : dn: cn=mongroupe, ou=groups, o=mydomain,dc=fr description: Test objectClass: top objectClass: groupOfNames member: cn=toto,ou=users,o=mydomain,dc=FR member: cn=toto2,ou=users,o=mydomain,dc=fr cn: mongroupe So how can i make my filter on group and member? ---------- Debut du message initial ----------- De : "Hans Moser" hans.moser@xxxxxxxxxxxxxxxxxxxxxxxx A : "jc.duss59@xxxxxxxxxxx" jc.duss59@xxxxxxxxxxx Copies : "info-cyrus" info-cyrus@xxxxxxxxxxxxxxxxxxxx Date : Thu, 01 Feb 2007 18:30:53 +0100 Objet : Re: Cyrus Imapd shared folders question [auf Viren überprüft] > jc.duss59@xxxxxxxxxxx schrieb: > > > Jan 31 17:59:37 imaptest ptloader[726]: > > ldap_sasl_interactive_bind() failed 16 (No such attribute). > > Jan 31 17:59:37 imaptest imap[727]: ptload(): bad response > > from ptloader server: ptsmodule_connect() failed > > Jan 31 17:59:37 imaptest imap[727]: ptload completely failed: > > unable to canonify identifier: toto2 > > Jan 31 17:59:37 imaptest imap[727]: badlogin: [10.1.45.1] > > plaintext toto2 invalid user > Please show the toto2 entry from your ldap server. > > # ldapsearch -x -h ldap.mydomain.com -b ou=users,o=myorg,dc=fr uid=toto2 > > you must have anonymous read access to uid. > > I use this in imapd 2.2.12 (ldapdb and pts): > > sasl_log_level: 5 > sasl_pwcheck_method: auxprob > sasl_auxprob_plugin: ldapdb > sasl_ldapdb_uri: ldap://foo > sasl_ldapdb_id: human > sasl_ldapdb_pw: pw > sasl_ldapdb_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN > allowplaintext: yes > sasl_minimum_layer: 0 > sasl_ldapdb_starttls: Demand > sasl_ldap_search_base: ou=humans,ou=bar > sasl_ldap_search_filter: maildrop=%U > tls_cert_file: foo.pem > tls_key_file: foo6.pem > tls_ca_file: foo06.pem > tls_ca_path: ssl/ca > # > # ptloader ldap: > ldap_id: human > ldap_sasl: 1 > ldap_password: pw > ldap_uri: ldap://foo > ldap_mech: PLAIN DIGEST-MD5 CRAM-MD5 LOGIN > ldap_start_tls: 1 > ldap_tls_cacert_file: foo.pem > ldap_tls_cert: foo6.pem > ldap_tls_key: foo06.pem > ldap_base: ou=humans,ou=bar > ldap_group_base: ou=gruppen,ou=humans,ou=bar > ldap_group_filter: ou=%U > ldap_member_attribute: member > ldap_group_scope: sub > ldap_member_method: attribute > > > Hans > Envoyez vos cartes de voeux depuis www.laposte.net Elles seront ensuite distribuées par le facteur : pratique et malin ! ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
