diff options
author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-09-15 19:24:24 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-09-15 19:24:24 +0200 |
commit | 695e6662e46545d08213d3eec0c4f9956333a28e (patch) | |
tree | dd7bfb8e5d44932ad51e5f525fa018c8e4866806 /ldap/authz.ldif | |
parent | cb9479f3ecd194e70f75422cd2f1511e0d772058 (diff) |
SMTP service.
Diffstat (limited to 'ldap/authz.ldif')
-rw-r--r-- | ldap/authz.ldif | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/ldap/authz.ldif b/ldap/authz.ldif index 8f88d80..657d718 100644 --- a/ldap/authz.ldif +++ b/ldap/authz.ldif @@ -1,14 +1,18 @@ # Load this file with # -# ldapadd -Y EXTERNAL -H ldapi:/// -f authz.ldif +# ldapmodify -Y EXTERNAL -H ldapi:/// -f authz.ldif # # That will allow the SASL-authenticated user (service) to be # reformatted into a proper DN under our services directory. # # SASL authentication can be checked with: # -# ldapwhoami -W -Y PLAIN -U FPanel -H ldapi:// -# ldapwhoami -W -Y PLAIN -U FPanel -H ldapi:// -X "dn:fvu=user1,fvd=fripost.org,ou=virtual,o=mailHosting,dc=fripost,dc=dev" +# ldapwhoami -W -Y PLAIN -U AdminWebPanel@fripost.org -H ldapi:// +# ldapwhoami -W -Y PLAIN -U AdminWebPanel@fripost.org -H ldapi:// -X "dn:fvu=user1,fvd=fripost.org,ou=virtual,o=mailHosting,dc=fripost,dc=dev" +# +# WARNING: Beware that will also delete existing AuthzRegexp and +# AuthzPolicy. +# Note: you may have to restart slapd to flush the cache. # # References: # - http://www.openldap.org/doc/admin24/sasl.html#Direct%20Mapping @@ -18,7 +22,8 @@ dn: cn=config changetype: modify replace: olcAuthzRegexp -olcAuthzRegexp: uid=([^,]+),cn=[^,]+,cn=auth cn=$1,ou=services,o=mailHosting,dc=fripost,dc=dev +# TODO: force the mechanism here (GSSAPI) +olcAuthzRegexp: uid=(AdminWebPanel)@fripost\.org,cn=[^,]+,cn=auth cn=$1,ou=services,o=mailHosting,dc=fripost,dc=dev - replace: olcAuthzPolicy olcAuthzPolicy: to |