Re: Authenticate users using their firstname

Mon, 01 Oct 2018 09:28:33 -0700 


> On 01 October 2018 at 15:19 Steffen Kaiser <skdove...@inf.h-brs.de> wrote:
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sat, 29 Sep 2018, Fady AL HAYALI wrote:
> 
> > I'm setting up a Postfic and Dovecot with LDAP email server. My users in 
> > LDAP is like this:
> >
> >    dn: uid=firstname,ou=People,dc=domain,dc=com
> >    uid: firstname
> >    uidNumber: 4025
> >    gidNumber: 4025
> >    givenName: firstname
> >    objectClass: top
> >    objectClass: person
> >    objectClass: posixAccount
> >    objectClass: shadowAccount
> >    objectClass: organizationalPerson
> >    objectClass: inetOrgPerson
> >    loginShell: /bin/bash
> >    homeDirectory: /home/firstname
> >    cn: firstname lastname
> >    mail: firstname.lastn...@domain.com<mailto:firstname.lastn...@domain.com>
> >
> > This is how I connect Dovecot with LDAP
> >
> >    hosts = ldapserver
> >    ldap_version = 3
> >    base = ou=People,dc=domain,dc=com
> >    deref = never
> >    scope = subtree
> >    user_attrs =
> >    user_filter = (&(objectclass=inetOrgPerson)(uid=%n)
> >    pass_attrs = uid=user,userPassword=password
> >    pass_filter = (&(objectclass=inetOrgPerson)(uid=%n))
> >    default_pass_scheme = SSHA
> >
> > When I enter a user's email address and password as the following:
> > email: firstname.lastn...@domain.com<mailto:firstname.lastn...@domain.com>
> > password: password
> >
> > and according to my setting which I used "%n" as you see above, the 
> > username used to authenticate is "firstname.lastname". I checked the 
> > Dovecot variables but I couldn't find something useful in this case to 
> > manipulate the "%n" variable.
> >
> > I would like to keep using email addresses as 
> > "firstname.lastn...@domain.com"<mailto:firstname.lastn...@domain.com> but 
> > authenticate users using their first name. I really hit a wall here and any 
> > help will be much appreciated.
> 
> Well, for me, this sounds strange, using firstname only. Why not let your 
> users enter the firstname only? Or:
> 
> pass_filter = (&(objectclass=inetOrgPerson)(|(uid=%n)(mail=%n@*)))
> 
> If firstname is unique, mail should be unique as well.
> 
> - -- 
> Steffen Kaiser


Steffen, I understood their mail addresses are like steffen.kai...@domain.com, 
but uid's are like uid=steffen

Aki

Reply via email to