Hello Ludovic, hello SOGo users,
it took me a while to answer, we had a corrupt file system on a VMware
host (hosting amongst others an Active Directory DC *ouch*), so lots of
work recovering in the last days...
Am 11.02.2011 22:51, schrieb Ludovic Marcotte:
On 11-02-08 12:24 PM, Stefan Helms wrote:
+ using our LDAP as global addressbook and primary authentication
source (uid is the login name for the central IMAP server)
- members of one OU in LDAP should be allowed to authenticate, others
shouldn't (so far all are allowed)
Do you have multiple OU that contain users allowed to authenticate or
only one? If you only have one, just set the baseDN accordingly in
your SOGoUserSources entry.
Only users of one OU should be able to authenticate, but users of all
OUs should appear in the global addressbook, so just changing the baseDN
is not really a satisfactory solution.
I'm currently having one addressbook with canAuthenticate=NO for the
whole organization and one authentication source with isAddressbook=NO
for only the OU allowed to authenticate.
This seems to work fine, but somehow I'm uncomfortable about that
approach, as I feel it might perhaps call for problems with users
appearing in both user sources.
Would you recommend that solution?
+ an additional authentication source/addressbook for "resources"
with email addresses in a separate mail(sub)domain in SQL (because we
can't write to the central LDAP)
+ local SMTP server on the SOGo host intercepts mails for the
maildomain of those resources and pipes them to a script accepting
appointments via curl, hands over other mail to our central smtp for
delivery => no IMAP account for resources (mail tab in webinterface
is deactivated via defaults)
- both addressbooks (LDAP and SQL) should be used for autocompletion
in TB (so far only LDAP works)
Thunderbird can only have one "remote auto-completion source" defined.
Well, that's the answer I expected and feared to get. You just never get
it all... :(
Maybe one day it might be possible to combine several user sources into
one remote addressbook on the server...?
So SOGo fetches entries from several sources on the backend and presents
them to the client as one addressbook.
My biggest pain-in-the-%!# right now is, that free/busy in
Thunderbird only flashes appointments of LDAP users and then shows
them as free.
Try also setting IDFieldName = uidNumber;
That did the trick and made my day.
Thanks a lot!
--
Stefan Helms
Fachinformatiker für Systemintegration
(IT Specialist for Systems Integration)
Fachhochschule Köln (Cologne University of Applied Sciences)
Bibliothek IWZ 2021
Betzdorfer Str. 2
50679 Köln
GERMANY
Tel. : +49 221 / 8275-2721
Fax : +49 221 / 8275-72721
mailto:stefan.he...@fh-koeln.de
--
users@sogo.nu
https://inverse.ca/sogo/lists
