Hi, all.
First, I use SquirrelMail 1.4.13.
In global ldap address book, all user must bind as only one user dn,
such as: 'cn=Manager,dc=example,dc=com'.
Every webmail user logins with their mail address, such as: 'www@xxxxxxxxx'.
But how can i let it bind as the login user itself? such as:
mail=www@xxxxxxxxx, o=hello.com, dc=example, dc=com
----
PS, bellow is my ACL in slapd.conf:
#
# Set permission for LDAP attrs.
#
access to attrs="userPassword,mailReplyText,deliveryMode"
by anonymous auth
by self write
by dn.exact="cn=vmail,dc=openbsdonly,dc=org" read
by dn.exact="cn=vmailadmin,dc=openbsdonly,dc=org" write
by
dn.regex="mail=admin@([^,]+),o=$1,o=domains,dc=openbsdonly,dc=org" write
by users none
access to attrs="cn,sn"
by anonymous auth
by self write
by dn.exact="cn=vmail,dc=openbsdonly,dc=org" read
by dn.exact="cn=vmailadmin,dc=openbsdonly,dc=org" write
by
dn.regex="mail=admin@([^,]+),o=$1,o=domains,dc=openbsdonly,dc=org" write
by users read
access to
attrs="description,mail,mailQuota,homeDirectory,mailMessageStore,mailForwardingAddress,accountStatus,objectclass"
by anonymous auth
by self read
by dn.exact="cn=vmail,dc=openbsdonly,dc=org" read
by dn.exact="cn=vmailadmin,dc=openbsdonly,dc=org" write
by
dn.regex="mail=admin@([^,]+),o=$1,o=domains,dc=openbsdonly,dc=org" write
by users read
#
# Set ACL for vmail/vmailadmin.
#
access to dn="cn=vmail,dc=openbsdonly,dc=org"
by anonymous auth
by self write
by dn.exact="cn=vmailadmin,dc=openbsdonly,dc=org" write
by users none
access to dn="cn=vmailadmin,dc=openbsdonly,dc=org"
by anonymous auth
by self write
by users none
#
# Allow users to access their own domain subtree.
#
access to dn.regex="o=([^,]+),o=domains,dc=openbsdonly,dc=org$"
by anonymous auth
by self write
by dn.exact="cn=vmail,dc=openbsdonly,dc=org" read
by dn.exact="cn=vmailadmin,dc=openbsdonly,dc=org" write
by dn.regex="mail=admin@$1,o=$1,o=domains,dc=openbsdonly,dc=org$" write
by dn.regex="mail=[^,]+,o=$1,o=domains,dc=openbsdonly,dc=org$" read
by users none
#
# Enable vmail/vmailadmin.
#
access to dn.subtree="o=domains,dc=openbsdonly,dc=org"
by anonymous auth
by self write
by dn.exact="cn=vmail,dc=openbsdonly,dc=org" read
by dn.exact="cn=vmailadmin,dc=openbsdonly,dc=org" write
by
dn.regex="mail=admin@([^,]+),o=$1,o=domains,dc=openbsdonly,dc=org" write
by users read
#
# Set permission for "cn=*,dc=openbsdonly,dc=org".
#
access to dn.regex="cn=[^,]+,dc=openbsdonly,dc=org"
by anonymous auth
by self write
by users none
#
# Set default permission.
#
access to *
by anonymous auth
by self write
by users read
---
Best Regards
Zhang Huangbin
2008.02.13
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
