Hello, thanks for the fast and informative answers.
Based on the manual "You can set ACLs based on group membership" I thought, login via groups is possible, but as it seems, it isn't. I will try to use the solution in case 1 (case 2 seems to be more of a nightmare to maintain) and wait for improvements in SOGoUserSources. Markus Am 19.12.2012 10:22, schrieb Simon Walter: > On 12/19/2012 05:54 PM, Thibault Le Meur wrote: >> Le 19/12/2012 00:45, mho...@gmx.de a écrit : >>> Hello, >>> >>> I am trying to make SOGo work with LDAP group-authentication in a way >>> that allows only members of a certain group to log on to the web >>> interface. >> In the documentation I read "SOGo supports LDAP-based groups ... You can >> set ACLs based on group membership and invite a group to a meeting (and >> the group will be decomposed to its list of members upon save by SOGo). >> You can also control the visibility of the group from the list of shared >> address books or during mail autocompletion by setting the isAddressBook >> parameter to YES or NO." >> >> I am not sure if this means that an LDAP-group can be used to restrict >> authentication to a subset of users. >> >> Here is however how I would achieve your goals: I see 2 cases. >> * case1: in your user entry you've got a "memberOf"-like attribute that >> is refering to the list of groups this particular user is member of >> ==> in this case you use a simple SogoSources entry with a "filter" >> parameter: you filter users having the choosen group DN or name >> (depending on your setup) as a value for this "memberOf" attribute. >> > > Yes, which I would like to do as well. However, until the > SOGoUserSources filter is fixed, we can't do some nice things with it. > > Simon > -- users@sogo.nu https://inverse.ca/sogo/lists
