]> Git — Sourcephile - sourcephile-nix.git/blob - servers/mermet/dovecot/ldap/sourcephile.fr.conf
openldap: use PR#79286
[sourcephile-nix.git] / servers / mermet / dovecot / ldap / sourcephile.fr.conf
1 debug_level = 0
2
3 # LDAP database
4 uris = ldapi://
5 base = ou=posix,dc=sourcephile,dc=fr
6 scope = subtree
7 #deref = never
8 # NOTE: sufficient for small systems and uses less resources.
9 blocking = no
10
11 # LDAP auth
12 sasl_bind = yes
13 sasl_mech = EXTERNAL
14 #dn = cn=admin,dc=sourcephile,dc=fr
15 #dnpass = useless with sasl_mech=EXTERNAL
16 # DOC: https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds
17 # Using auth_bind is a bit more secure : dovecot does not need
18 # to have read acces to userPassword.
19 auth_bind = yes
20 auth_bind_userdn = uid=%n,ou=accounts,ou=posix,dc=sourcephile,dc=fr
21
22 ## dovecot passdb query
23 #pass_filter = (&(objectClass=posixAccount)(uid=%n)(mailEnabled=TRUE))
24 #pass_attrs = uidNumber=userdb_uid,\
25 # gidNumber=userdb_gid,\
26 # mailStorageDirectory=userdb_mail,\
27 # =userdb_mail_access_groups=sourcephile,\
28 # quotaBytes=userdb_quota_rule=*:bytes=%{ldap:quotaBytes},\
29 # =user=%n@%d
30 # #homeDirectory=userdb_home
31 #default_pass_scheme = SSHA
32
33 # dovecot userdb query
34 # For dovecot-lda
35 user_filter = (&(objectClass=posixAccount)(uid=%n)(mailEnabled=TRUE))
36 user_attrs = mailStorageDirectory=mail,\
37 uidNumber=uid,\
38 gidNumber=gid,\
39 mailStorageDirectory=mail,\
40 =mail_access_groups=sourcephile,\
41 quotaBytes=quota_rule=*:bytes=%{ldap:quotaBytes}
42
43 # doveadm user query
44 iterate_attrs = =user=%{ldap:uid}@sourcephile.fr
45 iterate_filter = (&(objectClass=posixAccount)(mailEnabled=TRUE))