On 03/13/18 11:44 -0500, Nic Bernstein wrote:
I am trying for the first time to set up Cyrus (3.0.4 & 3.0.5) with ptloader, sasl auxprop, etc.  Even though I've used LDAP for many years, I've only ever used saslauthd with mech=ldap or mech=pam, and a fairly simple configuration.  For example:

  ldap_servers: ldapi://%2fvar%2frun%2fopenldap%2fldapi
  ldap_bind_dn: cn=proxyUser,ou=systems,dc=example,dc=com
  ldap_bind_pw: secret
  ldap_search_base: dc=example,dc=com

I was hoping to write up some comprehensive documentation on using LDAP with Cyrus, as there is currently nothing beyond the imapd.conf(5) man page.  Any help you could provide would be most welcome.  The only cogent examples I find online are all from you, but are many years old, so I have no frame of reference as to how accurate they still are.  If you would prefer to discuss this off-list, or via phone, please advise.

With regards to the sasl side of things, the options.html
(doc/legacy/options.html) page is the primary documentation, that I'm
familiar with, for ldapdb support. The saslauthd documentation mentioned
below would have referred to out of date documentation in the
LDAP_SASLAUTHD, which was the only place ldap saslauthd support was
documented at the time.

I don't recall if I've used ptloader, and I don't have any input on how
best to document or use it.

Specifically, I am trying to configure so that users may authenticate with either just UID (i.e. "nic") or email address (i.e. "n...@onlight.com").  The saslauthd example shown above does just this, but Cyrus still only works with the simple user ID, not the email address, which is what leads me to trying ptloader and auxprop.

There are two approaches I've used to allow for "nic" and "n...@onlight.com"
to refer to the same mailbox:

* Set online.com as the default domain

* Configure ldapdb as the canon_user plugin, and return the 'normalized'
 user using the configured ldapdb_canon_attr.

On 03/14/2016 02:52 AM, Phabricator wrote:
Dan White <dwh...@olp.net> committed rI0b8b7ab02b36: Documentated several saslauthd 
ldap options. (authored by Dan White <dwh...@olp.net>).
Herald added auditors: Documentation.

Documentated several saslauthd ldap options.

Dan White

Reply via email to