|
- # Authentication for LDAP users. Included from auth.conf.
- #
- # <https://doc.dovecot.org/latest/core/config/auth/databases/ldap.html>
-
- ## See <https://doc.dovecot.org/latest/core/config/dict.html#ldap>
-
- ldap_uris = ldap://${LDAP_SERVER_HOST}
- ldap_auth_dn = ${LDAP_BIND_DN}
- ldap_auth_dn_password = ${LDAP_BIND_PWD}
- ldap_base = ${LDAP_SEARCH_BASE}
- ldap_version = 3
-
- passdb ldap {
- filter = (&(objectClass=PostfixBookMailAccount)(|(uniqueIdentifier=%{user})(mail=%{user})))
- # ldap_bind = no
-
- fields {
- # user=%{ldap:uid}
- # password=%{ldap:userPassword}
- # userdb_home=%{ldap:homeDirectory}
- # userdb_uid=%{ldap:uidNumber}
- # userdb_gid=%{ldap:gidNumber}
- user=%{ldap:uniqueIdentifier}
- password=%{ldap:userPassword}
- }
- }
-
- # "prefetch" user database means that the passdb already provided the
- # needed information and there's no need to do a separate userdb lookup.
- # <https://doc.dovecot.org/latest/core/config/auth/databases/prefetch.html>
- #userdb prefetch {
- #}
-
- userdb ldap {
- filter = (&(objectClass=PostfixBookMailAccount)(|(uniqueIdentifier=%{user})(mail=%{user})))
-
- # Default fields can be used to specify defaults that LDAP may override
- fields {
- # home=/home/virtual/%{user}
- home=%{ldap:mailHomeDirectory}
- uid=%{ldap:mailUidNumber}
- gid=%{ldap:mailGidNumber}
- mail=%{ldap:mailStorageDirectory}
- }
- }
-
- # If you don't have any user-specific settings, you can avoid the userdb LDAP
- # lookup by using userdb static instead of userdb ldap, for example:
- # <https://doc.dovecot.org/latest/core/config/auth/databases/static.html>
- #userdb static {
- #fields {
- # uid = vmail
- # gid = vmail
- # home = /var/vmail/%{user}
- #}
- #}
|
