Il 15/11/2016 13:56, Jeroen Beerstra ([email protected]) ha scritto:
> We also provide e-mail services to selected clients on request and here
> is where the problems begin. At the moment we use Mysql as
> authentication provider for SOGo only and because I don't want
> individual clients to find other clients contact data or possibly more
> we use a config section per domain and a seperate user table in the
> database. This works but is rather hard to maintain.
>
> For this reason and some others I'm looking into LDAP as authentication
> provider. Is it possible to use ldap in a simular way? That is by
> separating domains from each other so users can only find other users in
> their own organization or share with them.
>
> If I simply need to RTFM please let me know :) LDAP is rather
> complicated and my experience with it is limited, I did succeed in
> setting up a test environment with 389 server on CentOS 7 and letting it
> work with SOGo and Dovecot.
>
> PS in the end all of this should work with postfix/dovecot virtual
> users, but I guess that is off-topic and more a postfix/dovecot issue.
I have a similar installation.
I though have 1 table with all the users (my management interface
handles it this way),
so I setup 1 view for every "domain/customer" I need to manage.
Simply a select which filters by domain ...
I started using the mysql only setup and it worked well, though I
thought it would have been nice to have groups which is only supported
by the
LDAP implementation in SOGo.
So I configured an LDAP service with the mysql backend just to have
groups taken from the database.
[OT] Nobody uses them :-( so I could have left the mysql backend [/OT]
anyway then I simply configured the SOGO.conf with the separate domains
and it all works pretty well.
Of course it might become a bit complicated if you often need to
add/remove domains you manage,
but it could be scripted pretty easily IMHO.
...
domains = {
firstdomain = {
SOGoMailDomain = firstdomain.com;
SOGoUserSources = (
{
/* ldap o mysql configuration */
...
/* here I even have a different ldap address book which is a mapped
database table of a shared web address book */
}
);
};
seconddomain = { SOGoMailDomain = secondomain.com;
SOGoUserSources = (
{
...
}
);
};
};
...
Hope this helps,
Alessandro
--
[email protected]
https://inverse.ca/sogo/lists
