Hello Am 04.11.2016 um 17:16 schrieb "sg gs" (s...@mail.com): > hello, > all our active users (besides others) are members of group: > cn=enterpriseusers,dc=groups,o=example. > to restrict access to these memberes i added filters > (&(uid=%u)(memberof=cn=enterpriseusers,dc=groups,o=example)) > to dovecot and postfix. these filters work perfect for dovecot and postfix > (and > other systems outside of sogos's scope). > now i would like to add equivalent filters to sogo's login users and the > global > addresslist. so i tried to add the line > filter = "(memberof=cn=enterpriseusers,dc=groups,o=example)"; > to sogo's login-users configuration. the result was, that it was no longer > possible to log in for any user. so i removed the fiter and added it to the > definition of the global addresslist. the effekt was, that it was no longer > possible to search in the gal - no matter, what i typed into the search field > , > always all members of the gal were displayed. > after modification of the filter to something like > filter = "account-type = enterprise-user"; (which defines a subset of the > above > list) > only matching users were displayed in the gal and seraching worked fine. > what can i do implement the dovecot and postfix restrictions into sogo's > login > configuration and address list?
As far as I know, memberof functionality is not implemented in SOGo. Therefore it tries to match the attribute "memberof" of the users with "cn=enterpriseusers,dc=groups,o=example". This will never work, as no user has that attribute. I think there is an enhancement request in the bug tracker for this, but not sure. Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung Basisdienste 78457 Konstanz +49 7531 88-4416
smime.p7s
Description: S/MIME Cryptographic Signature