Jan-Piet Mens wrote: >> I have clients that send in thier username and password as [email protected], >> but it can also be [email protected]... etc... I need to pass the username >> but change the baseDN according to the domain name. Can this be done? > > I'd recommend you take the presented username and *search* for the DN. > Something like this might do the trick. The inside ldapdn lookup > searches for the user's DN. The outer lookup performs the authentication > with that dn: > > ldap_plain: driver = plaintext > public_name = PLAIN > server_prompts = "LDAP Username:: : LDAP Password::" > server_condition = \ > ${\ > lookup ldap { \ > user="${lookup ldapdn > {ldaps:///BASEDN?dn?sub?(mail=${quote_ldap:$2})}}" \ > pass="$3" \ > ldaps:///BASEDN?uid?sub?(mail=${quote_ldap:$2}) \ > }{yes}fail \ > } > server_set_id = $2 > > You'll have to test this. > > -JP > > >
Works IF the 'presented username' is unique by itself. Wouldn't fly here. Same $local_part occurs on several $domain. Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
