summaryrefslogtreecommitdiffstats
path: root/roles/IMAP/files
diff options
context:
space:
mode:
Diffstat (limited to 'roles/IMAP/files')
-rw-r--r--roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext4
-rw-r--r--roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext12
2 files changed, 9 insertions, 7 deletions
diff --git a/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext b/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext
index 15eb306..0b38f00 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext
+++ b/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext
@@ -20,8 +20,9 @@ passdb {
# driver = ldap
# # This should be a different file from the passdb's, in order to perform
# # asynchronous requests.
+#
# args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
-#
+#
# # Default fields can be used to specify defaults that LDAP may override
# default_fields = home=/home/mail/%d/%n
#}
@@ -31,6 +32,7 @@ passdb {
# <doc/wiki/UserDatabase.Static.txt>
userdb {
driver = static
+
# The MTA has already verified the existence of users when doing alias resolution,
# so we can skip the passdb lookup here.
args = home=/home/mail/%d/%n allow_all_users=yes
diff --git a/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext b/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext
index 1c504d3..77edba8 100644
--- a/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext
+++ b/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext
@@ -14,7 +14,7 @@
# by * none
# Space separated list of LDAP hosts to use. host:port is allowed too.
-hosts = localhost
+#hosts =
# LDAP URIs to use. You can use this instead of hosts list. Note that this
# setting isn't supported by all LDAP libraries.
@@ -22,10 +22,10 @@ uris = ldapi://
# Distinguished Name - the username used to login to the LDAP server.
# Leave it commented out to bind anonymously (useful with auth_bind=yes).
-#dn =
+#dn =
# Password for LDAP server, if dn is specified.
-#dnpass =
+#dnpass =
# Use SASL binding instead of the simple binding. Note that this changes
# ldap_version automatically to be 3 if it's lower. Also note that SASL binds
@@ -119,7 +119,7 @@ user_filter =
# password: Password, may optionally start with {type}, eg. {crypt}
# There are also other special fields which can be returned, see
# http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
-pass_attrs = fvl=user
+pass_attrs =
# If you wish to avoid two LDAP lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
@@ -128,8 +128,8 @@ pass_attrs = fvl=user
#pass_attrs = uid=user,userPassword=password,\
# homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
-# Filter for password lookups
-pass_filter = (&(objectClass=FripostVirtualUser)(fvl=%n)(isActive=TRUE))
+# Filter for password lookups (ignored for auth binds)
+pass_filter = (&(objectClass=FripostVirtualUser)(fvl=%n)(fripostIsStatusActive=TRUE))
# Attributes and filter to get a list of all users
#iterate_attrs = uid=user