
LDAP authentication using auth. bindings #273

@foxcpp

Considerations

Search request params should be configurable, as well as initial bind credentials. "DN template" option as on https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds may be used to improve performance at the cost of flexibility.

Authentication status cache would be useful to amortize load since this approach requires a new connection each time.

Possible config example

auth.ldap tls://ldap.rocks.example.org:636 {
  # DN lookup params.
  search_base_dn "dc=example,dc=com"
  search_filter "(&(objectClass=posixAccount)(uid={username}))"
  # ... alternatively, DN template.
  dn_template "uid={username},ou=people,o=org"
 
  # Credentials for initial read-only bind.
  bind_username "mailserver"
  bind_password "secret"
}

References

Labels

auth: Related to authentication providers
new feature: New feature.
ready-for-release: Feature is implemented and available for testing in dev branch. It will be included in the next rele
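
Both lookup modes in the config example above substitute the client-supplied name for `{username}`, so it has to be escaped differently for a search filter (RFC 4515) and for a DN (RFC 4514) before it reaches the server. The following is an added example, not part of the issue or the project's code; the function names are hypothetical and the sample inputs are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// RFC 4515: characters that must be hex-escaped inside a filter assertion value.
var filterEsc = strings.NewReplacer(`\`, `\5c`, `*`, `\2a`, `(`, `\28`, `)`, `\29`, "\x00", `\00`)

func escapeFilter(v string) string { return filterEsc.Replace(v) }

// escapeDN escapes a value for use as an attribute value inside a DN (RFC 4514).
func escapeDN(v string) string {
	var b strings.Builder
	for i := 0; i < len(v); i++ {
		c := v[i]
		switch {
		case c == 0:
			b.WriteString(`\00`)
			continue
		case strings.IndexByte(`,+"\<>;=`, c) >= 0, c == ' ' && (i == 0 || i == len(v)-1), c == '#' && i == 0:
			b.WriteByte('\\')
		}
		b.WriteByte(c)
	}
	return b.String()
}

// expand substitutes the escaped username into a search_filter or dn_template.
func expand(template, username string, esc func(string) string) string {
	return strings.ReplaceAll(template, "{username}", esc(username))
}

// checkCredentials rejects empty values before any bind is attempted: a simple bind
// with an empty password is an unauthenticated bind (RFC 4513) and may succeed.
func checkCredentials(username, password string) error {
	if username == "" || password == "" {
		return fmt.Errorf("ldap: empty username or password")
	}
	return nil
}

func main() {
	user := "a,ou=admins" // constructed sample input
	fmt.Println(expand("uid={username},ou=people,o=org", user, escapeDN))
	fmt.Println(expand("(&(objectClass=posixAccount)(uid={username}))", user, escapeFilter))
	fmt.Println(checkCredentials(user, ""))
}
```

With escaping applied, the sample name stays a single `uid` value under `ou=people` instead of adding RDN components, and the empty-password case is refused locally without contacting the directory.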
