[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Proxy authorization fail with cyrus-sasl and postfix

To: openldap-technical@openldap.org
Subject: Re: Proxy authorization fail with cyrus-sasl and postfix
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Sun, 23 May 2010 20:04:31 +0200
In-reply-to: <eddade65fcbcb23e2ce269180c9608a2@localhost> (Julien Vehent's message of "Sun, 23 May 2010 13:00:27 +0200")
References: <eddade65fcbcb23e2ce269180c9608a2@localhost>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b29 (linux)

Julien Vehent <julien@linuxwall.info> writes:

> Hello list,
>
> I am trying to authenticate my mail users against my ldap directory (slapd
> 2.4.17, debian squeeze). I have setup proxy authorization for user postfix
> as follow:
>
> in slapd.conf
> ----
> # SASL proxy authorization rewrite rule
> authz-regexp "^uid=([^,]+).*,cn=[^,]*,cn=auth$"
>               "ldap:///dc=linuxwall,dc=info??sub?(uid=$1)"

This regexp requires a uid attribute type.
>
> authz-policy to
> ----
>
> ldif of user postfix
> ----
> dn: cn=Postfix Administrator,ou=infrastructure,dc=linuxwall,dc=info
> authzto: ldap:///dc=linuxwall,dc=info??sub?(objectClass=inetOrgPerson)
> cn: Postfix Administrator
> [...]

unless you cut it, cn=Postfix Administrator has no uid attribute type,

[...]

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6

Follow-Ups:
- Re: Proxy authorization fail with cyrus-sasl and postfix
  - From: masarati@aero.polimi.it

References:
- Proxy authorization fail with cyrus-sasl and postfix
  - From: Julien Vehent <julien@linuxwall.info>

Prev by Date: Re: Proxy authorization fail with cyrus-sasl and postfix
Next by Date: Re: dynlist and group membership (libnss-ldap, posixGroup, samba)
Index(es):
- Chronological
- Thread