Re: [tpop3d-discuss] RE: LDAP Authentication

[prune]

Hi,

I have not been working with tpop3d since last year, but as I can remember,
try something like : 
auth-ldap-searchdn: dc=mye-znet.com,o=mye-znet
as the searchDN is the start of where you are looking for entries

auth-ldap-filter: is the attribut that is checked. if it matches with the
supplied login, the entry is considered good, so :

auth-ldap-filter: uid

finaly, the 
auth-ldap-username and auth-ldap-password shoud reflect to the user used
to bind to the ldap server and do the search :

auth-ldap-username: cn=mailadmin, dc=mye-znet.com,o=mye-znet
auth-ldap-password: secret

of course, the mailadmin user must have search privileges on the DN.

Have a look at the tpop3d doc. As far as I remember it is well maintained
and fully understandable if you take some time to read it, and read some
ldap stuffs.
I'll try (will be hard) to re-install latester tpop3d and see how I can provide
more documentation and examples in the doc (ok chris ?)

I don't remeber but check the doc also about append-domain problems....

Finaly, you should really check openldap's logs (debug set to 256 is good
I think, and see what filter is used and which entry are returned. also,
which user is used for binding to the server, if it works or not.....

Cheers,

Prune

Thai Tran wrote:
> Hello everyone,
> 	Here is a copy of my tpop3d.conf:
>
> mailbox: maildir:/home/mailspool/$(domain)/$(user)/
> append-domain: yes
> auth-ldap-enable: yes
> auth-ldap-url: ldap://localhost
> auth-ldap-searchdn: o=mye-znet
> auth-ldap-password:
> auth-ldap-filter: <need help with this portion>
> auth-ldap-mailbox-attr: mailMessageStore
> auth-ldap-mail-user: nobody
> auth-ldap-mail-group: nobody
>
> If it is possible for me to change my auth-ldap-filter to make the query
> result in this way, I am sure that it would work:
> 	ldap://localhost/dc=$(domain),o=mye-znet??sub?uid=$(local_part)
>
> Does anyone have any ideas?
>
> Thanks ahead,
> Thai Tran
>
> > -----Original Message-----
> > From: address@hidden
> > [mailto:address@hidden]On Behalf Of prune
> > Sent: Tuesday, September 17, 2002 2:41 AM
> > To: address@hidden
> > Cc: Dave Baker; tpop3d
> > Subject: Re: [tpop3d-discuss] RE: LDAP Authentication
> >
> >
> > Thai Tran wrote:
> >
> > > Dave,
> > > 	Sorry to bother you but I'm pretty knew at this and this
> > >     
> > might seem like a
> > > stupid question, but how would I go about editing the filter to my
> > > specifications?  I would like to log in with address@hidden for
> > > example.  The username portion is an attribute within the object which is
> > > 'uid'.  I'm quite new to all this and I've tried running through the
> > > auth_ldap.c and auth_ldap.h not knowing where to start.  I would
> > >     
> > understand
> > > how to use tpop3d more if the query was in a ldap URL format.  I am
> > > currently using this schema for Exim already and I was hoping I
> > >     
> > could keep
> > > it this simple.
> > >
> > > Here is a snip of one of my objects:
> > >
> > > dn: cn=t_tran99,dc=mye-znet.com,o=mye-znet
> > > objectClass: top
> > > objectClass: person
> > > objectClass: mailUser
> > > dc: mye=znet.com
> > > sn: Tran
> > > cn: Thai
> > > uid: t_tran99
> > > mailQuota: 5M
> > > userPassword:: e01ENX03NVVDQW9NZkRweE41ZDhKZXlwcVhBPT0=
> > > mailMessageStore: /home/mailspool/mye-znet.com/t_tran99/
> > >
> > > Thanks again,
> > > Thai Q. Tran
> > > Email address@hidden
> > >
> > >     
> > Hi,
> >
> > what you could try to do, is provide us wuth the openldap logs (check
> > syslog to find them out). As said dave, you are probably searching for
> > an attribute which does not exist in you schema.
> > Could you also send us the configuration file of tpop3d ???
> >
> > We'll then try to help you. I also suggest to have a look to
> > www.openldap.org, and learn some stuffs about ldap. It's very simple to
> > setup tpop3d with ldap, as long as you know how does Ldap work.
> >
> > Cheers,
> >
> > Prune
> >   
>
>
> _______________________________________________
> tpop3d-discuss mailing list
> address@hidden
> http://lists.beasts.org/mailman/listinfo/tpop3d-discuss