Re: groups, members, LDAP and ptloader

Hi, list.

1. I'm also using LDAP-based group ACLs in Cyrus. When I add any user to 
more than 1 group, Cyrus can't authorize them. I can't find any 
documentation about this behavior. Is it normal?

2. How do I configure the default ldap_realm for connecting to saslauthd?
I have two domains -- 'domain.com' and 'team.domain.com' and want to 
make the second my default (users must connect to the server as 'user', not 
'user@xxxxxxxxxxxxxxx'). Is it possible?

My imapd.conf:
...
auth_mech: pts
defaultdomain: domain.com
ldap_base: ou=users,o=domain
ldap_filter: (uid=%U)
ldap_group_base: ou=cyrus,ou=mail,o=domain
ldap_group_filter: (cn=%U)
ldap_group_scope: one
ldap_member_attribute: cn
ldap_member_base: ou=cyrus,ou=mail,o=domain
ldap_member_filter: (uniqueMember=%D)
ldap_member_method: filter
ldap_sasl: no
ldap_scope: one
ldap_start_tls: yes
ldap_tls_cacert_file: /etc/ssl/cacert.pem
ldap_uri: ldap://ldap.domain.com
pts_module: ldap
sasl_mech_list: plain login
sasl_pwcheck_method: saslauthd
servername: mail.domain.com
tls_ca_file: /etc/ssl/cacert.pem
tls_cert_file: /usr/local/etc/ssl/mail.domain.com.crt
tls_key_file: /usr/local/etc/ssl/mail.domain.com.key
unixhierarchysep: yes
virtdomains: yes

saslauthd.conf:
ldap_servers: ldap://ldap.domain.com
ldap_tls_cacert_file: /etc/ssl/cacert.pem
ldap_search_base: ou=%3,o=%2
ldap_default_realm: users.domain.com
ldap_filter: uid=%U
ldap_start_tls: yes

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
