Diffstat (limited to 'ldap/authz.ldif')
-rw-r--r-- | ldap/authz.ldif | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ldap/authz.ldif b/ldap/authz.ldif
new file mode 100644
index 0000000..8f88d80
--- /dev/null
+++ b/ldap/authz.ldif
@@ -0,0 +1,24 @@
+# Load this file with
+#
+# ldapadd -Y EXTERNAL -H ldapi:/// -f authz.ldif
+#
+# That will allow the SASL-authenticated user (service) to be
+# reformatted into a proper DN under our services directory.
+#
+# SASL authentication can be checked with:
+#
+# ldapwhoami -W -Y PLAIN -U FPanel -H ldapi://
+# ldapwhoami -W -Y PLAIN -U FPanel -H ldapi:// -X "dn:fvu=user1,fvd=fripost.org,ou=virtual,o=mailHosting,dc=fripost,dc=dev"
+#
+# References:
+# - http://www.openldap.org/doc/admin24/sasl.html#Direct%20Mapping
+# - man 5 slapd-config
+
+
+dn: cn=config
+changetype: modify
+replace: olcAuthzRegexp
+olcAuthzRegexp: uid=([^,]+),cn=[^,]+,cn=auth cn=$1,ou=services,o=mailHosting,dc=fripost,dc=dev
+-
+replace: olcAuthzPolicy
+olcAuthzPolicy: to |
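Review bot: The last stanza sets `olcAuthzPolicy: to`, which makes slapd honour the `authzTo` rules stored on the authenticating entry, but nothing in the file records that writes to `authzTo` have to be restricted by ACL; an identity able to edit that attribute on its own entry could authorise itself as any other DN. I would add a header comment such as `# olcAuthzPolicy "to" trusts authzTo on the bound entry: ACLs must allow only administrators to write authzTo.` The mapping `uid=([^,]+),cn=[^,]+,cn=auth` also accepts any SASL mechanism name in its second component, while the header only exercises PLAIN; if only PLAIN is intended, naming the mechanism in the pattern would narrow it, which is worth confirming against the mechanisms enabled on this server. Note too that `replace:` discards any existing olcAuthzRegexp values rather than adding to them, so the header should say the file is meant to own that attribute.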