[tpop3d-discuss] ldap auth problems

Thai Q. Tran thai.tran at dyotex.com
Mon, 28 Apr 2003 01:50:41 -0500

Since you plan to log in via uid only, I would suggest you search for
that attribute.  Here is an example of how you can do your conf file:

mailbox: maildir:/home/Domain/$(user)/
append-domain: yes
auth-ldap-enable: yes

# The ldap url specified above is very specific, if you support
# multiple domains you will have to be more general.
auth-ldap-url: ldap://localhost/ou=users,dc=domain,dc=com

auth-ldap-scope: base

# The ldap filter below will tell it to search for your uid
# objectclass is optional, if you need more search for info about ldap
auth-ldap-filter: (&(uid=$(local_part))(objectClass=mailUser))
# LDAP filter without object class
# auth-ldap-filter: (uid=$(local_part))

# I believe in your case the users home directory is where their mail is
# stored, if not correct it as needed.
auth-ldap-mailbox-attr: homeDirectory

# Exim stores the mail messages in the specified directory using a
# user and group, specify the correct info.
auth-ldap-mail-user: nobody
auth-ldap-mail-group: nobody

Hope this helps...  The tpop3d site also has some helpful documentation,
if this helps please let me know.  If not, sorry for leading you in the
wrong direction.


-----Original Message-----
From: tpop3d-discuss-admin@lists.beasts.org
[mailto:tpop3d-discuss-admin@lists.beasts.org] On Behalf Of jh
Sent: Sunday, April 27, 2003 1:39 AM
To: tpop3d-discuss@lists.beasts.org
Subject: [tpop3d-discuss] ldap auth problems

Hello all.
>> How do your users log in will depend on how you search.  Can you
>> give me an example of how the users log in?
Login process
I'm trying to get users authenticated with only (uid=username)
nothing else, regardless anything else, not for example john@domain.com.
Only (uid=*) is given when users login into mailserver.
Ldap is working because I authenticate exim users with ldap and
it works.
>> Can you manually do a search with this?
Ok, here is my ldapsearch result, manual search works fine.
ldapsearch -b ou=users,dc=domain,dc=com "(uid=john)"
search works with this too, of course.
ldapsearch -b dc=domain,dc=com "(uid=john)"
search result.

# extended LDIF
# LDAPv3
# base <ou=users,dc=domain,dc=com> with scope sub
# filter: (uid=john)
# requesting: ALL
# john, users, domain.com
dn: uid=john,ou=users,dc=domain,dc=com
uid: john
cn: john
objectClass: InetOrgPerson
objectClass: posixAccount
objectClass: top
loginShell: /bin/false
uidNumber: 502
gidNumber: 502
homeDirectory: /home/Domain/John
sn: Doe
mail: john@domain.com
userPassword:: 12345
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
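
Added example (not part of the original messages and not tpop3d code): a small in-memory model of standard LDAP search scope and equality-filter matching, run against an entry constructed from the ldapsearch output quoted in this message, to show which scope and filter combinations return john's homeDirectory. The function names are hypothetical and the model assumes simple DNs with no escaped commas.

```python
# Constructed directory: the ou=users container plus the john entry from the LDIF above.
DIRECTORY = {
    "ou=users,dc=domain,dc=com": {"ou": ["users"], "objectClass": ["organizationalUnit"]},
    "uid=john,ou=users,dc=domain,dc=com": {
        "uid": ["john"],
        "objectClass": ["InetOrgPerson", "posixAccount", "top"],
        "homeDirectory": ["/home/Domain/John"],
    },
}

def parse_dn(dn):
    """Split a simple DN (no escaped commas) into lower-cased RDNs."""
    return [rdn.strip().lower() for rdn in dn.split(",")]

def in_scope(entry_dn, base_dn, scope):
    """Standard LDAP scope rules: base = the base entry only,
    one = immediate children only, sub = base entry and all descendants."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    if len(entry) < len(base) or entry[len(entry) - len(base):] != base:
        return False
    depth = len(entry) - len(base)
    return {"base": depth == 0, "one": depth == 1, "sub": True}[scope]

def matches(attrs, conditions):
    """AND of attribute=value equality tests, case-insensitive on values."""
    return all(
        value.lower() in (v.lower() for v in attrs.get(attr, []))
        for attr, value in conditions
    )

def search(base_dn, scope, conditions):
    """Return the DNs that are inside the scope and satisfy every condition."""
    return [dn for dn, attrs in DIRECTORY.items()
            if in_scope(dn, base_dn, scope) and matches(attrs, conditions)]

def lookup_mailbox(local_part, scope, require_class=None):
    """Model the lookup the config describes: filter on uid, read homeDirectory."""
    conditions = [("uid", local_part)]
    if require_class:
        conditions.append(("objectClass", require_class))
    hits = search("ou=users,dc=domain,dc=com", scope, conditions)
    return [DIRECTORY[dn]["homeDirectory"][0] for dn in hits]

if __name__ == "__main__":
    for scope in ("base", "one", "sub"):
        print(scope, lookup_mailbox("john", scope))
    print("sub + mailUser", lookup_mailbox("john", "sub", "mailUser"))
```

In this model the ldapsearch run shown above corresponds to scope `sub`, and the quoted entry carries the object classes InetOrgPerson, posixAccount and top only.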