At this point I tried a bunch of things, like separate SOGo domains for
each TLD and indirect binds using bindFields. However, as far as I can
see, there is no way to control which email should be used as the login
in the IMAP/SMTP server, since SOGo will use whatever is returned in the
LDAP record.
Is there any way to do variable substitution in sogo.conf? Something like:

    domains = {
      example.com = {
        SOGoMailDomain = example.com;
        SOGoUserSources = (
          type = ldap;
          UIDFieldName = %{uid}'@example.com';
          ...
    }

I am just checking if there are any alternatives, otherwise I will just
remodel the LDAP DIT so each record returns only mail attribute.
Thanks,
Andrei
On 13/09/2018 19:08, Andrei Goldchleger (agoldchle...@vbtec.com.br) wrote:
Hi,
My LDAP users records contain multiple email addresses. For example:
-----
dn: uid=john-doe,ou=people,dc=example,dc=net
objectClass: inetOrgPerson
uid: john-doe
sn: Doe
givenName: John
cn: John Doe
userPassword: <PASSWORD>
mail: john-...@example.net
mail: john-...@example.com
mail: john-...@example.org
-----
Each of those email addresses maps to a different mailbox. They are
handled by a single SMTP/IMAP server. This was tested with Thunderbird
and the mailbox isolation works fine.
I would like to achieve in SOGo the same kind of isolation:
1) User logs in with the email address
2) User only sees the mailbox that corresponds to the address used to
log in to SOGo
3) User can only send email with the login identity
My SOGoUserSources is like the following:
-----
SOGoUserSources = (
  {
    type = ldap;
    CNFieldName = cn;
    UIDFieldName = mail;
    IDFieldName = uid; // first field of the DN for direct binds
    bindFields = (mail); // array of fields to use for indirect binds
    IMAPLoginFieldName = mail;
    baseDN = "ou=people,dc=example,dc=net";
    bindDN = "uid=sogo,ou=automation,dc=example,dc=net";
    bindPassword = <PASSWORD>;
    canAuthenticate = YES;
    displayName = "Shared Addresses";
    hostname = ldaps://ldap.example.net;
    id = public;
    isAddressBook = YES;
  }
);
-----
With this configuration, the user logs in successfully with the email
address (thus objective 1 is achieved). However, the mailbox that is
loaded is always the mailbox listed in the first mail record in the
LDAP attribute (in this example, john-...@example.net). Also, when
composing email, the user can select the other accounts.
Is there any way to achieve what I want without having separate LDAP
records?
Thanks,
Andrei
--
users@sogo.nu
https://inverse.ca/sogo/lists
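
The remodel mentioned at the top of this message (one LDAP record per address) can be scripted. The following is an added example, not part of the original message and not SOGo code: it splits a multi-mail entry into one entry per address. The sample record, its addresses and the choice of the full address as the new uid/RDN are assumptions made for illustration.

```python
SAMPLE_LDIF = """\
dn: uid=jane-roe,ou=people,dc=example,dc=net
objectClass: inetOrgPerson
uid: jane-roe
sn: Roe
cn: Jane Roe
mail: jane-roe@example.net
mail: jane-roe@example.com
mail: jane-roe@example.org
"""  # constructed sample, modelled on the record shape shown in the thread


def parse_entry(ldif_text):
    """Parse one plain-text LDIF entry into an ordered list of (attr, value)."""
    pairs = []
    for line in ldif_text.splitlines():
        if not line or line.startswith("#"):
            continue
        if line.startswith(" ") and pairs:  # folded continuation line
            pairs[-1] = (pairs[-1][0], pairs[-1][1] + line[1:])
            continue
        attr, sep, value = line.partition(":")
        if not sep or value[:1] in (":", "<"):  # base64 / URL values not handled
            raise ValueError(f"unsupported LDIF line: {line!r}")
        pairs.append((attr.strip(), value.strip()))
    return pairs


def split_by_mail(ldif_text):
    """Return one LDIF entry per mail value; uid and RDN become that address."""
    pairs = parse_entry(ldif_text)
    dn = next(v for a, v in pairs if a.lower() == "dn")
    parent = dn.split(",", 1)[1]  # assumes no escaped comma in the RDN
    mails = [v for a, v in pairs if a.lower() == "mail"]
    entries = []
    for mail in mails:
        if any(c in mail for c in ',+"\\<>;='):  # would need DN escaping
            raise ValueError(f"address needs DN escaping: {mail!r}")
        body = [(a, mail if a.lower() == "uid" else v)
                for a, v in pairs if a.lower() not in ("dn", "mail")]
        lines = [f"dn: uid={mail},{parent}"] + [f"{a}: {v}" for a, v in body]
        lines.append(f"mail: {mail}")  # exactly one mail value per entry
        entries.append("\n".join(lines) + "\n")
    return entries


if __name__ == "__main__":
    print("\n".join(split_by_mail(SAMPLE_LDIF)))
```

Every other attribute is copied unchanged into each new entry, so the resulting records share whatever credentials the source entry carried.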