From bd92a9f645f53da01c13d1411cef7fe20fdd4503 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 11 Dec 2013 01:03:42 +0100 Subject: wibble --- roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext | 4 +++- roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext | 12 ++++++------ roles/IMAP/tasks/mda.yml | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) (limited to 'roles/IMAP') diff --git a/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext b/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext index 15eb306..0b38f00 100644 --- a/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext +++ b/roles/IMAP/files/etc/dovecot/conf.d/auth-ldap.conf.ext @@ -20,8 +20,9 @@ passdb { # driver = ldap # # This should be a different file from the passdb's, in order to perform # # asynchronous requests. +# # args = /etc/dovecot/dovecot-ldap-userdb.conf.ext -# +# # # Default fields can be used to specify defaults that LDAP may override # default_fields = home=/home/mail/%d/%n #} @@ -31,6 +32,7 @@ passdb { # userdb { driver = static + # The MTA has already verified the existence of users when doing alias resolution, # so we can skip the passdb lookup here. args = home=/home/mail/%d/%n allow_all_users=yes diff --git a/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext b/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext index 1c504d3..77edba8 100644 --- a/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext +++ b/roles/IMAP/files/etc/dovecot/dovecot-ldap.conf.ext @@ -14,7 +14,7 @@ # by * none # Space separated list of LDAP hosts to use. host:port is allowed too. -hosts = localhost +#hosts = # LDAP URIs to use. You can use this instead of hosts list. Note that this # setting isn't supported by all LDAP libraries. @@ -22,10 +22,10 @@ uris = ldapi:// # Distinguished Name - the username used to login to the LDAP server. # Leave it commented out to bind anonymously (useful with auth_bind=yes). -#dn = +#dn = # Password for LDAP server, if dn is specified. -#dnpass = +#dnpass = # Use SASL binding instead of the simple binding. Note that this changes # ldap_version automatically to be 3 if it's lower. Also note that SASL binds @@ -119,7 +119,7 @@ user_filter = # password: Password, may optionally start with {type}, eg. {crypt} # There are also other special fields which can be returned, see # http://wiki2.dovecot.org/PasswordDatabase/ExtraFields -pass_attrs = fvl=user +pass_attrs = # If you wish to avoid two LDAP lookups (passdb + userdb), you can use # userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll @@ -128,8 +128,8 @@ pass_attrs = fvl=user #pass_attrs = uid=user,userPassword=password,\ # homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid -# Filter for password lookups -pass_filter = (&(objectClass=FripostVirtualUser)(fvl=%n)(isActive=TRUE)) +# Filter for password lookups (ignored for auth binds) +pass_filter = (&(objectClass=FripostVirtualUser)(fvl=%n)(fripostIsStatusActive=TRUE)) # Attributes and filter to get a list of all users #iterate_attrs = uid=user diff --git a/roles/IMAP/tasks/mda.yml b/roles/IMAP/tasks/mda.yml index 39938fd..0d41669 100644 --- a/roles/IMAP/tasks/mda.yml +++ b/roles/IMAP/tasks/mda.yml @@ -15,8 +15,8 @@ - name: Create directory /etc/postfix-.../virtual file: path=/etc/postfix-{{ postfix_instance[inst].name }}/virtual - owner=root group=root state=directory + owner=root group=root mode=0755 - name: Copy lookups tables -- cgit v1.2.3