> Julien Vehent <[email protected]> writes: > >> Hello list, >> >> I am trying to authenticate my mail users against my ldap directory >> (slapd >> 2.4.17, debian squeeze). I have setup proxy authorization for user >> postfix >> as follow: >> >> in slapd.conf >> ---- >> # SASL proxy authorization rewrite rule >> authz-regexp "^uid=([^,]+).*,cn=[^,]*,cn=auth$" >> "ldap:///dc=linuxwall,dc=info??sub?(uid=$1)" > > This regexp requires a uid attribute type. >> >> authz-policy to >> ---- >> >> ldif of user postfix >> ---- >> dn: cn=Postfix Administrator,ou=infrastructure,dc=linuxwall,dc=info >> authzto: ldap:///dc=linuxwall,dc=info??sub?(objectClass=inetOrgPerson) >> cn: Postfix Administrator >> [...] > > unless you cut it, cn=Postfix Administrator has no uid attribute type,
This *should* have nothing to do, since binding as the Postfix administrator succeeds, according to the logging he produced. What's failing is the subsequent proxyauthz'ing (presumably as a user, but the original posting did not produce enough info). p.
