From 0bed9611730fc434dd55175bc947dc09fc430710 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem.moulin@fripost.org>
Date: Sun, 9 Sep 2012 23:26:26 +0200
Subject: SASL proxy authorization.

---
 ldap/constraint.ldif | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 ldap/constraint.ldif

(limited to 'ldap/constraint.ldif')

diff --git a/ldap/constraint.ldif b/ldap/constraint.ldif
new file mode 100644
index 0000000..555be85
--- /dev/null
+++ b/ldap/constraint.ldif
@@ -0,0 +1,28 @@
+# Load this file with
+#
+#   ldapadd -Y EXTERNAL -H ldapi:/// -f constraint.ldif
+#
+# It will load the "constraint" overlay configuration for the database #1.
+# Ensure that it's indeed the database #1 that you want to configure:
+#
+#   ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "olcSuffix=o=mailHosting,dc=fripost,dc=dev" dn
+#
+#
+# References:
+# - http://www.openldap.org/doc/admin24/overlays.html#Constraints
+# - man 5 slapo-constraint
+
+
+dn: olcOverlay=constraint,olcDatabase={1}hdb,cn=config
+objectClass: olcOverlayConfig
+objectClass: olcConstraintConfig
+olcOverlay: constraint
+olcConstraintAttribute: fvd regex ^.+\..+$
+olcConstraintAttribute: fvu regex ^.+$
+olcConstraintAttribute: fva regex ^.+$
+olcConstraintAttribute: fvl regex ^.+$
+olcConstraintAttribute: fripostMaildrop regex ^.*@.+\..+$
+olcConstraintAttribute: fripostOptionalMaildrop regex ^.*@.+\..+$
+olcConstraintAttribute: fripostListCommand regex ^.+-.+$
+olcConstraintAttribute: fripostListManager regex ^(mailman|schleuder)$
+olcConstraintAttribute: userPassword count 1
-- 
cgit v1.2.3