For our customers, I've set up a special OU just for mail accounts where the uid is their e-mail address. This is so that they can use one login / password for, so far, mail (pop3 / imap) and web (ftp). I can see expanding this to many other LDAP aware services. So far it's worked very well for us.
On Mon, Feb 25, 2002 at 08:50:13PM +0000, Dan Melomedman wrote: > Thomas -Balu- Walter writes: > > > Hey guys, > > > > are there any know problems/issues for using email-addresses > > as "uid" so that a user has to login to pop/imap using his email? > > > > I wonder if there are clients or other things that might make problems > > when using this kind of setup. > Yes, many problems! > > The "uid" attribute is used by many other LDAP-aware applications and > services, which cause clashes. Furthermore, "uid" is a very common naming > attribute, which again causes a conflict when naming LDAP entries. A good > idea is to compile qmail-ldap to use a different attribute for POP3 > authentication. > > I don't like "uid" as the chosen attribute for POP3 authentication, I wish > the developers went with a different attribute from the start of the > project, but "Oh Well". qmail-ldap already has a number of proprietary > attributes in its schema, so why not have an alternative for "uid" in the > shipped schema? Furthermore, why not make that alternative attribute the > standard in the future versions. "uid" is almost guaranteeing a conflict > with some other software. Would anyone like to respond to this? -- Brendon Colby Systems Administrator Midcontinent Communications
