Mercurial > dovecot > original-hg > dovecot-1.2

view doc/dovecot-ldap.conf @ 2810:74517c34a687 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Dovecot authentication protocol v1.0
author Timo Sirainen <tss@iki.fi>
date Fri, 22 Oct 2004 16:44:03 +0300
parents 611c552a518c
children 441759ac4f6a
line wrap: on
line source

# NOTE: We don't support "authentication binds", so you'll have to give
# dovecot-auth read access to userPassword field in LDAP server. With OpenLDAP
# this is done by modifying /etc/ldap/slapd.conf. There should already be
# something like this:

# access to attribute=userPassword
#        by dn="<dovecot's dn>" read # add this
#        by anonymous auth
#        by self write
#        by * none

# Space separated list of LDAP hosts to use. host:port is allowed too.
#hosts = localhost

# Distinguished Name - the username used to login to the LDAP server
#dn = 

# Password for LDAP server
#dnpass = 

# LDAP protocol version to use. Likely 2 or 3.
#ldap_version = 2

# LDAP base
base = uid=someone, dc=foo, dc=bar, dc=org

# Dereference: never, searching, finding, always
#deref = never

# Search scope: base, onelevel, subtree
#scope = subtree

# User attributes in order:
#  Virtual user name (user@domain)
#  Home directory
#  MAIL environment
#  System user name (for getting user's groups from /etc/group)
#    - For virtual users you don't want to use this, so this defaults to none.
#  System UID
#  System GID
#user_attrs = uid,homeDirectory,,,uidNumber,gidNumber

# Filter for user lookup. Some variables can be used:
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if user there's no domain
#user_filter = (&(objectClass=posixAccount)(uid=%u))

# Password checking attributes in order:
#  Virtual user name (user@domain)
#  Password, may optionally start with {type}, eg. {crypt}
#pass_attrs = uid,userPassword

# Filter for password lookups
#pass_filter = (&(objectClass=posixAccount)(uid=%u))

# Default password scheme. "{scheme}" before password overrides this.
# Currently supported schemes include PLAIN, PLAIN-MD5, DIGEST-MD5, CRYPT
#default_pass_scheme = CRYPT

# You can use same UID and GID for all user accounts if you really want to.
# If the UID/GID is still found from LDAP reply, it overrides these values.
#user_global_uid = 
#user_global_gid =