Re: Postfix, SASL and LDAPDB [definitely solved]

From: Victor Duchovni (no email)
Date: Mon May 24 2010 - 14:04:45 EDT

  • Next message: Linux Addict: "Disable NDR"

    On Mon, May 24, 2010 at 07:30:56PM +0200, Julien Vehent wrote:

    > Final solution provided by the Openldap mailing list:
    > > Just change your authz-regexp line to
    > >
    > > authz-regexp "^uid=([^,]+).*,cn=[^,]*,cn=auth$"
    > > "ldap:///dc=linuxwall,dc=info??sub?(|(uid=$1)(mail=$1))"
    > And the authentication works.
    > I think it's worth a line in the sasl howto to explain that postfix will
    > use the email value to authenticate the user, and therefore the authz-regex
    > should take it into account...

    This looks wrong. As Patrick points out you are likely confusing
    authentication realms (user at realm principals) with email addresses.
    DON'T. Rather configure Postfix with an empty or other correct setting
    of the realm that will work correctly without matching user at mail again
    email addresses.

    P.S. Morgan Stanley is looking for a New York City based, Senior Unix
    system/email administrator to architect and sustain our perimeter email
    environment.  If you are interested, please drop me a note.

  • Next message: Linux Addict: "Disable NDR"

    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs

    Powered By FreeBSD   Powered By FreeBSD