Re: disable imap for ldap user
Hi steffen, my arg is telexNumber and I basically use it the wrong way here but I have to migrate some stuff and before I start to invent things I like to try to set it up like before. In courier you could define that a given arg from LDAP sets the option disableimap to 1 or 0 so I was looking for a way to do that in dovecot. Am 13.09.2017 um 14:49 schrieb Steffen Kaiser: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 9 Sep 2017, Markus Rosjat wrote: In general every user can use pop3 but only a few can use imap so what I want is: - permit pop3 by default - check if the attribute is 0 or 1 - depending on the result a user can login with imap protocol What's the name of the attribute? Maybe you can use %s in the the pass_filter string. If the name does not contain "imap", you need to change the logic, e.g. invent a general LDAP attribute deniedService and set deniedServer=imap Or AllowedService=imap allowedService=pop3 Or DeniedIMAP=1 Am 08.09.2017 um 17:59 schrieb Ralph Seichter: On 08.09.2017 17:11, Markus Rosjat wrote: I have a LDAP dir with an attribute set to 0 or 1 and in my old setup (a courier server) I used this attribute to map it to an authoption called disableimap. This prevent users to access the mailbox with imap protocol. So the question is what should I set in dovecot to get the same behaviour? You can configure 'pass_filter' to discount entries with your disable- flag. Affected users won't be able to authenticate with Dovecot, which I assume is what you are trying to achieve. -Ralph - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWbkpYHz1H7kL/d9rAQJ8kwgAo2PMSAmZ4fwld7Qw9Cw+2Htq42CbaRPK 8qtJTy61lF++VSGrsfy3ed4DGuaDrWM1IFo3/BifJusdjAgCxQqKQFV6J29HvyNa SCeF5BHTvgC4owMXt5HGrdIIU872oKI8vHCkmO3i8dwuWZTg5t+QO/iKLI3yGUa7 6D1pEqydGOU1KXYO/KxjHmYWvZ7Iv8Mt3eJ6yucC1xtxPVGRD+6gOZn12p3d/srb ZGYqXyaQ0UQXV+8skQTMCrr+YbNxjN6aSxZOIcDxLjCVeJrnBCe5KJaLp+MU35Z8 yiWmF+dVByX3RxzmPiuRLEoMpiTEOfr2jzSwzzdiTVt5ViGekIwZ6g== =rlq8 -END PGP SIGNATURE- -- Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: disable imap for ldap user
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, 9 Sep 2017, Markus Rosjat wrote: In general every user can use pop3 but only a few can use imap so what I want is: - permit pop3 by default - check if the attribute is 0 or 1 - depending on the result a user can login with imap protocol What's the name of the attribute? Maybe you can use %s in the the pass_filter string. If the name does not contain "imap", you need to change the logic, e.g. invent a general LDAP attribute deniedService and set deniedServer=imap Or AllowedService=imap allowedService=pop3 Or DeniedIMAP=1 Am 08.09.2017 um 17:59 schrieb Ralph Seichter: On 08.09.2017 17:11, Markus Rosjat wrote: I have a LDAP dir with an attribute set to 0 or 1 and in my old setup (a courier server) I used this attribute to map it to an authoption called disableimap. This prevent users to access the mailbox with imap protocol. So the question is what should I set in dovecot to get the same behaviour? You can configure 'pass_filter' to discount entries with your disable- flag. Affected users won't be able to authenticate with Dovecot, which I assume is what you are trying to achieve. -Ralph - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBWbkpYHz1H7kL/d9rAQJ8kwgAo2PMSAmZ4fwld7Qw9Cw+2Htq42CbaRPK 8qtJTy61lF++VSGrsfy3ed4DGuaDrWM1IFo3/BifJusdjAgCxQqKQFV6J29HvyNa SCeF5BHTvgC4owMXt5HGrdIIU872oKI8vHCkmO3i8dwuWZTg5t+QO/iKLI3yGUa7 6D1pEqydGOU1KXYO/KxjHmYWvZ7Iv8Mt3eJ6yucC1xtxPVGRD+6gOZn12p3d/srb ZGYqXyaQ0UQXV+8skQTMCrr+YbNxjN6aSxZOIcDxLjCVeJrnBCe5KJaLp+MU35Z8 yiWmF+dVByX3RxzmPiuRLEoMpiTEOfr2jzSwzzdiTVt5ViGekIwZ6g== =rlq8 -END PGP SIGNATURE-
Re: disable imap for ldap user
no this is not the intented behaviour for thsi attribute. In general every user can use pop3 but only a few can use imap so what I want is: - permit pop3 by default - check if the attribute is 0 or 1 - depending on the result a user can login with imap protocol regards Markus Am 08.09.2017 um 17:59 schrieb Ralph Seichter: On 08.09.2017 17:11, Markus Rosjat wrote: I have a LDAP dir with an attribute set to 0 or 1 and in my old setup (a courier server) I used this attribute to map it to an authoption called disableimap. This prevent users to access the mailbox with imap protocol. So the question is what should I set in dovecot to get the same behaviour? You can configure 'pass_filter' to discount entries with your disable- flag. Affected users won't be able to authenticate with Dovecot, which I assume is what you are trying to achieve. -Ralph -- Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: disable imap for ldap user
On 08.09.2017 17:11, Markus Rosjat wrote: > I have a LDAP dir with an attribute set to 0 or 1 and in my old setup > (a courier server) I used this attribute to map it to an authoption > called disableimap. This prevent users to access the mailbox with imap > protocol. > > So the question is what should I set in dovecot to get the same > behaviour? You can configure 'pass_filter' to discount entries with your disable- flag. Affected users won't be able to authenticate with Dovecot, which I assume is what you are trying to achieve. -Ralph