Greets.

In the next few weeks I plan to start building a new cyrus 2.1.x imap server.
One of the things I would like to do is use our existing corporate ldap
directory for user authentication. Because it is a corporate ldap directory
changing the scheme is out of the question for me.

I think our ldap directory is a bit different from the norm. :) For one, the
userid is a person's email address. ([EMAIL PROTECTED], for example). So a
typical auth session with the ldap server is as expected:

1) Anonymous bind, filter on [EMAIL PROTECTED] to get DN
2) Authenticated bind using DN and user supplied passwd
3) Return results of bind.

My concerns revolve around the userid being an email address. I'm not sure
that cyrus 2.1.x will deal with this well. I'm also not very sure that
postfix will deal with it during lmtp delivery into cyrus either.

My initial thoughts are to have cyrus mailboxes named by employee number and
use some mapping in postfix to get the delivery right. Here's some example
data to work with:

  Email Address: [EMAIL PROTECTED] (This is where mail is sent)
  Cyrus Mailbox: user.123456837
  Cyrus Userid: [EMAIL PROTECTED] (No mail is delivered here!)

The big questions I have about using this setup would be on the cyrus /
sieve side of things. How do I set up the permissions so that the userid
"[EMAIL PROTECTED]" only has access to the "userid.123456837" mailbox?
What kinda trouble can I expect out of sieve vacation and such when it tries
to send email?

Is anyone in a similar situation? Any hints, tips, or revelations would be
welcome. As I said, I'm into the research phase of this project and just
looking to bounce ideas around on how to handle this situation. 

Thanks for the help.

-- 
Regards,
 Scott Russell ([EMAIL PROTECTED])
 Linux Technology Center, System Admin, RHCE.
 T/L 441-9289 / External 919-543-9289
 http://bzimage.raleigh.ibm.com/webcam
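
The three-step search-then-bind flow listed in the post, as an added example that is not part of the original message or of any Cyrus/SASL code. It runs against a constructed in-memory directory; DIRECTORY, search, escape_filter_value and authenticate are hypothetical names, and the addresses and passwords are made-up sample data.

```python
# Added illustration: search-then-bind with an email address as the userid.
import hmac
import re

# Constructed sample entries (DN -> attributes); not real directory data.
DIRECTORY = {
    "uid=123456837,ou=people,o=example": {
        "mail": "jdoe@example.com", "userPassword": "s3cret"},
    "uid=123456900,ou=people,o=example": {
        "mail": "asmith@example.com", "userPassword": "hunter2"},
}

def escape_filter_value(value):
    """Escape user input for use inside an LDAP search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def _unescape(part):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda h: chr(int(h.group(1), 16)), part)

def search(ldap_filter):
    """Stand-in for the server: handles (mail=value), unescaped '*' is a wildcard."""
    m = re.fullmatch(r"\(mail=(.*)\)", ldap_filter)
    if not m:
        return []
    pattern = ".*".join(re.escape(_unescape(p)) for p in m.group(1).split("*"))
    return [dn for dn, entry in DIRECTORY.items()
            if re.fullmatch(pattern, entry["mail"], re.IGNORECASE)]

def authenticate(mail, password):
    """Return the bound DN on success, None on any failure."""
    # A simple bind with a DN and an empty password is an unauthenticated
    # bind (RFC 4513) that a server may accept, so refuse it client-side.
    if not mail or not password:
        return None
    # Step 1: anonymous search on the escaped address; demand exactly one DN.
    matches = search("(mail=%s)" % escape_filter_value(mail))
    if len(matches) != 1:
        return None
    # Step 2: "bind" as that DN (simulated by a constant-time comparison).
    dn = matches[0]
    stored = DIRECTORY[dn]["userPassword"].encode()
    # Step 3: return the result of the bind.
    return dn if hmac.compare_digest(stored, password.encode()) else None

if __name__ == "__main__":
    print(authenticate("jdoe@example.com", "s3cret"))  # DN of the sample entry
    print(authenticate("j*", "s3cret"))                # None: '*' is escaped
```
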
