Re: Pass-though Authentication with Saslauthd and Kerberos

2012-01-09 Thread Andreas Ntaflos
On 2012-01-06 22:10, Jeff B wrote: Upon more reflection it appears to be a row locking problem in BDB. In the example where I found the SASL pass-through example their Kerberos principal data was not stored in the user's LDAP record, and the example where you could store your kerberos principal

Re: OpenLDAP SASL Passthrough

2011-11-18 Thread Andreas Ntaflos
On 18/11/11 12:03, Raffael Sahli wrote: I'm pretty sure the problem is not kerberos! Hi, I just had virtually the same problem with virtually the same error messages and symptoms on an authentication server based on MIT Kerberos, OpenLDAP and SASL. I was banging my head against the wall because

Re: Strange behavior with TLS with self-signed certs

2011-01-07 Thread Andreas Ntaflos
On Friday 07 January 2011 04:18:40 Michael Starling wrote: #TLS settings ssl start_tls ssl on That should be either ssl start_tls OR ssl on, not both. If you specify ssl start_tls then you should use the ldap:// URL schema, if you specify ssl on then you should use ldaps://. Andreas

ACLs to allow users to traverse DIT down to their own entry, lock down everything else

2011-01-05 Thread Andreas Ntaflos
Hi list, I've been fighting with ACLs for quite a bit now and most things seem to work but not quite everything I need. I am using OpenLDAP 2.4.21 (2.4.21-0ubuntu5.3) on Ubuntu 10.04. A DN for a typical user looks like this (horribly long):

Re: Recommended approach for LDAP as backend for virtual domain mail hosting?

2010-10-07 Thread Andreas Ntaflos
On Tuesday 05 October 2010 10:19:37 Buchan Milne wrote: On Monday, 4 October 2010 19:47:16 Andreas Ntaflos wrote: So the requirements are basically: * Independent domains and users, i.e. john@example.org is completely different/distinct from john@example.net, even though

Re: Recommended approach for LDAP as backend for virtual domain mail hosting?

2010-10-07 Thread Andreas Ntaflos
On Tuesday 05 October 2010 04:35:59 Quanah Gibson-Mount wrote: --On Tuesday, October 05, 2010 4:22 AM +0200 Andreas Ntaflos d...@pseudoterminal.org wrote: Hi Quanah, thank you too for your reply! Could you elaborate on using an empty base/suffix? The concept seems strange to me and I

Re: Recommended approach for LDAP as backend for virtual domain mail hosting?

2010-10-07 Thread Andreas Ntaflos
On Tuesday 05 October 2010 05:57:16 Dan White wrote: Postfix, as you probably already know, has LDAP support for looking up most tables, which is how I implement virtual domain lookups. I've asked this in another message as well but how would an LDAP query for Postfix's virtual_mailbox_domains

Recommended approach for LDAP as backend for virtual domain mail hosting?

2010-10-04 Thread Andreas Ntaflos
Hi, I will probably also post this to the Postfix mailing list but it is fundamentally an (Open)LDAP question so here goes: Short version: What is a recommended way to set up virtual mail hosting based on OpenLDAP? I.e. providing mail and authentication services, like SMTP and IMAP, using