Hi Michael, Just noticed you are using auth_bind_userdn which we don't. I think you may need to use pass_filter rather than user_filter??
Best Regards Martin On 2017-06-07 10:59, Martin Wheldon wrote:
Hi Michael, We do exactly that see example below: user_filter = (&(&(objectClass=ukFirmGhITPerson)(ukFirmGhITAccSubSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=%u)(mail=%u)(ukFirmGhITAccMailAlias=%u))) pass_filter = (&(&(objectClass=ukFirmGhITPerson)(ukFirmGhITAccSubSrvcs=Email)(ukFirmGhITAccLocked=Email-FALSE))(|(uidNumber=%u)(mail=%u))) Does it work without the AllowUser section of the search? Do you get any records back when you do a ldapsearch with your user_filter search? Best Regards Martin On 2017-06-07 09:48, Michael JOIGNY wrote:Hi all, I'd like to know if it's possible to add a custom field when the authentification is made by users. My boolean custom field will be for example "AllowUser" (false/true). I'm trying to do something like that but it's not working : /user_filter = (&(objectClass=posixAccount)(uid=%u)(objectClass=myclass)(AllowUser=TRUE))/ This is my dovecot/ldap configuration below : /*# dovecot.conf* / /passdb {// // driver = ldap// // args = /etc/dovecot/dovecot-ldap.conf// //}/ *# dovecot-ldap.conf* /hosts = myurl:myport// //dn = cn=myuser,dc=mydomain,dc=com// //dnpass = ********// //a//uth_bind = yes// //auth_bind_userdn = uid=%u,ou=users,dc=mydomain,dc=com// //ldap_version = 3// //base = ou=Users,dc=mydomain,dc=com// //scope = base// //default_pass_scheme = SSHA512 / Do you have an idead ? Kind regards. -- Michael
