Hi On Tuesday 25 of June 2013 00:13:05 Timo Sirainen wrote: > On 25.6.2013, at 0.05, Pavel Herrmann <morpheus.i...@gmail.com> wrote: > >> Sounds like you need to do two LDAP lookups and merge them. That requires > >> Dovecot v2.2. > > > > Sure, I am open to upgrading, if it solves the issue. > > > > I would actually need more than 2 requests, as AD supports recursive > > groups (a group being member of another group), which I do use. > > > > One possible issue is that from what I can see on the wiki does not really > > work with how groups in LDAP usually work. What I would need is the > > opposite direction - locate a group that has "member=myUserDn" attribute, > > look whether it has quota attribute set, if not use the group DN as > > myUserDn and repeat the search. > > Granted, AD has a backlink "memberOf" attribute, but I am still left with > > recursively looking up whether the group has a quota attribute, and > > whether it is a member of another group (cyclic membership is not > > possible AFAIK). Is this possible with Dovecot 2.2? > > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb -> "Subqueries and > pointers" does what you need I think. My head can't really follow LDAP > stuff well enough to say for sure.
Yeah, I figured that one out. the thing I dont see is how I set this up to work recursively (until the quota attribute is found). What I need is something similar to postfix "special_result_attribute" and "leaf_result_attribute" options (with the exception that I need to select one/closest of the attributes found, whereas postfix gets them all) thanks Pavel Herrmann