[tpop3d-discuss] RE: LDAP Authentication

Thai Tran t_tran99 at yahoo.com
Wed, 18 Sep 2002 17:21:30 -0500


Hello everyone,
	Okay I fixed the problem.  I fixed the issue by changing the auth-ldap-url.
Originally it was - auth-ldap-url: ldap://localhost
Changed to -  auth-ldap-url: ldap://localhost/o=mye-znet

my config:
listen-address: 0.0.0.0()
mailbox: maildir:/home/mailspool/$(domain)/$(user)/
append-domain: yes
auth-ldap-enable: yes
auth-ldap-url: ldap://localhost/o=mye-znet
auth-ldap-searchdn:
auth-ldap-password:
auth-ldap-filter: (&(uid=$(local_part))(dc=$(domain)))
auth-ldap-mailbox-attr: mailMessageStore
auth-ldap-mail-user: nobody
auth-ldap-mail-group: nobody

Thanks for all the help and patience, I'm so stupid
Thai

-----Original Message-----
From: Prune [mailto:prune@lecentre.net]
Sent: Wednesday, September 18, 2002 1:34 PM
To: t_tran99@yahoo.com
Cc: tpop3d
Subject: Re: [tpop3d-discuss] RE: LDAP Authentication


Hi,

As Chris said, the search filter is the same as when you use ldapsearch.
From the man page (with anonymous bind, may not work for you):
ldapsearch  -b "c=US" "(o=University*)"  description

which means: give me the "description" attribute of every entry containing
the attribute "o" = "University*", starting from "c=US" in the DN.
do you understand that ?

for you, this will give :

ldapsearch  -b "o=mye-znet" "(uid=t_tran99)" mailMessageStore

this will work if you supply only 't_tran99' as login, and don't add the
domain after.
the search filter can be more complicated, for example:
(&(uid=t_tran99)(dc=mye-znet.com))

so :     (&(uid=$(local_part))(dc=$(domain)))

I hope this will work

chris : am I right ?

thai : understand ?

Cheers,

Prune



Thai Tran wrote:

Hello everyone,
    If someone can help point me in the right direction regarding the
auth-ldap-filter.  At the moment I am not sure how tpop3d uses the filter to
manipulate the search or I am just too blind to see it from the default
filter.

    I am aware that the default search filter is
(mail=$(local_part)@$(domain).  If someone can explain to me exactly how
this is used and the results of using the default filter in a ldap url
format.

For example: If I'm logging in with t_tran99@mye-znet.com and my password,
what would the end result of the ldap url be, using the default filter?  I
am assuming this at the moment but tpop3d does use ldap urls to perform
queries, correct?

Thanks,
Thai
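
The lookup discussed in this thread, as an added example that is not part of the original messages and is not tpop3d's own code: it takes the search base from the path of the ldap:// URL, expands $(local_part) and $(domain) from the login, and builds the equivalent ldapsearch arguments. The function names are hypothetical, and the RFC 4515 escaping of the login is an added defensive step, not confirmed tpop3d behaviour.

```python
import shlex
from urllib.parse import urlsplit, unquote

# RFC 4515 escapes for characters that have meaning inside a search filter.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a user-supplied value before placing it in an LDAP filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def base_dn_from_url(url):
    """Return the search base (the path part of an ldap:// URL), '' if absent."""
    return unquote(urlsplit(url).path.lstrip("/"))


def expand_filter(template, login):
    """Substitute $(local_part) and $(domain) from a 'user@domain' login."""
    local_part, sep, domain = login.rpartition("@")
    if not sep:  # bare login such as 't_tran99'
        local_part, domain = login, ""
    if "$(domain)" in template and not domain:
        raise ValueError("filter uses $(domain) but the login has no domain")
    return (template
            .replace("$(local_part)", escape_filter_value(local_part))
            .replace("$(domain)", escape_filter_value(domain)))


def ldapsearch_argv(url, template, login, attr):
    """Arguments for the ldapsearch call that mirrors the configured lookup."""
    return ["ldapsearch", "-b", base_dn_from_url(url),
            expand_filter(template, login), attr]


if __name__ == "__main__":
    FILTER = "(&(uid=$(local_part))(dc=$(domain)))"  # filter from the thread
    # First URL has no search base (the original setting), second is the fix.
    for url in ("ldap://localhost", "ldap://localhost/o=mye-znet"):
        argv = ldapsearch_argv(url, FILTER, "t_tran99@mye-znet.com",
                               "mailMessageStore")
        print(shlex.join(argv))
```

Run as a script, it prints one ldapsearch command per URL: the first has an empty search base, the second searches from o=mye-znet.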