A NOTE has been added to this issue. ====================================================================== http://dbmail.org/mantis/view.php?id=785 ====================================================================== Reported By: doker Assigned To: ====================================================================== Project: DBMail Issue ID: 785 Category: Authentication layer Reproducibility: always Severity: minor Priority: normal Status: new target: ====================================================================== Date Submitted: 11-Jun-09 09:22 CEST Last Modified: 11-Jun-09 10:31 CEST ====================================================================== Summary: ignored QUERY_STRING parameter Description: MSLdap windows 2003 server , dbmail-2.3.5_2 ############ dbmail.conf [DBMAIL] authdriver=ldap [LDAP] PORT = 389 VERSION = 3 HOSTNAME = dc1.domen.ru BIND_DN = CN=dbmail,OU=Services,DC=domen,DC=ru BIND_PW = 1234567 SCOPE = SubTree BASE_DN = OU=Users,DC=domen,DC=ru QUERY_STRING=(memberOf=CN=GMU,CN=Users,DC=shipyard-yantar,DC=ru) USER_OBJECTCLASS = person FIELD_PASSWD = userPassword FIELD_UID = sAMAccountName FIELD_NID = uSNCreated FIELD_CID = gidNumber FIELD_MAIL = userPrincipalName FIELD_QUOTA = mailQuota ################### when I try to get userlist the QUERY_STRING parameter is being totally ignored ############################ debug.log dbmail/pop3d[45007]: [0x288202e0] Debug:[auth] __auth_get_config(+83): key "QUERY_STRING" section "LDAP" var _ldap_cfg.query_string value [(memberOf=CN=GMU,CN=Users,DC=domen,DC=ru)] ############# ======================================================================
---------------------------------------------------------------------- (0002822) doker (reporter) - 11-Jun-09 09:25 http://dbmail.org/mantis/view.php?id=785#c2822 ---------------------------------------------------------------------- * QUERY_STRING=(memberOf=CN=GMU,CN=Users,DC=domen,DC=ru) ---------------------------------------------------------------------- (0002823) paul (administrator) - 11-Jun-09 09:45 http://dbmail.org/mantis/view.php?id=785#c2823 ---------------------------------------------------------------------- This is not a bug, but a feature. The query_string parameter is not used for filtering the list of users/forwards. It's only used during delivery. In your case, if you want to limit email delivery to the group mentioned in the filter you should use something like: query_string=(&(userPrincipleName=%s)(memberOf=CN=GMU,CN=Users,DC=domen,DC=ru)) assuming userPrincipleName contains a valid email address ---------------------------------------------------------------------- (0002824) doker (reporter) - 11-Jun-09 10:31 http://dbmail.org/mantis/view.php?id=785#c2824 ---------------------------------------------------------------------- we have followed your recommendations, but invoking "dbmail-users -l" results in displaying the list of all users (no matter if user belongs to GMU group or not) and authorisation through e-mail client is always successful even after removal of that user from the GMU group for your information: there is truncated string in debug.log : dbmail/pop3d[8403]: [0x288202e0] Debug:[auth] __auth_get_config(+83): key "QUERY_STRING" section "LDAP" var _ldap_cfg.query_string val ue [(&(userPrincipleName=%s)(memberOf=CN=GMU,CN=Users,DC Issue History Date Modified Username Field Change ====================================================================== 11-Jun-09 09:22 doker New Issue 11-Jun-09 09:23 doker Issue Monitored: doker 11-Jun-09 09:24 doker Issue End Monitor: doker 11-Jun-09 09:25 doker Note Added: 0002822 11-Jun-09 09:38 doker Issue Monitored: doker 11-Jun-09 09:45 paul Note Added: 0002823 11-Jun-09 10:31 doker Note Added: 0002824 ====================================================================== _______________________________________________ Dbmail-dev mailing list Dbmail-dev@dbmail.org http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev
