Le 09/08/2011 02:08, Jeroen van Meeuwen (Kolab Systems) a écrit : > Hi there, > Hi, > I wanted to ask who is actively using ptclient/ldap, as I have some inhouse > patch pending on the canonification using some sort of result_attribute, if > you will. > > We currently have under consideration whether everything, life and the > universe should be configurable before the patch is accepted upstream, which > is to say (pardon my postfix lingo); > > - result_attribute_format, > - leaf_result_attribute, > > but also; > > - group_filter_scope, > - group_result_attribute > > Which is to say, we have a deployment extensively using 'nsroledn' -which > functionally behaves like a 'memberOf', and the question then becomes if you > want to use the 'cn' attribute for groups -which most often is not enforced to > be a unique attribute value for groups, but is automatically unique is the > search scope for groups is 'one' and the 'cn' attribute builds the 'rdn'. > > Long story short, I would like to know of other people who use ptclient/ldap, > or have attempted to do so but failed, and the various use-case / deployment > scenarios. We use it for shared folders / mailboxes, on a Stock debian install (so 2.2.x), we only repackaged cyrus to include pts support. Works great so far Actually, I do think everything should be configurable. LDAP deployment are often preexistent, and used by other applications : the more configurable it is, the less work you have to do to use cyrus in your existing environment. Other application might be older proprietary stuff without much flexibility and strange ways to use a LDAP tree... Here are the relevant parts of our imapd.conf : auth_mech: pts pts_module: ldap ptloader_sock: /var/run/cyrus/socket/ptsock username_tolower: 0 ldap_filter: (|(uid=%u)(cn=%u)) ldap_referrals: 1 ldap_group_filter: (&(objectClass=groupOfUniqueNames)(cn=%u)) ldap_group_base: <some path> ldap_member_base: <some path> ldap_member_method: filter ldap_member_filter: (uniqueMember=%D) ldap_member_attribute: cn ldap_size_limit: 0 Groups are in one part of the tree, users are listed in the group with their DN and in another part of the tree. Cheers, -- Clement Hermann (nodens) - "L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?" Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/ Vous trouverez ma clef publique sur le serveur public pgp.mit.edu. Please find my public key on the public keyserver pgp.mit.edu. ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
