I completely forget where I originally got this. I'm pretty sure it was
after some annoying late-night Googling. This is supposedly referenced in
one of the pam_ldap mailing list archive posts... somewhere, in some
galaxy, at some time. :)
(random FYI, objectClass hostObject, below, is if you were
Scott,
I was just browsing my LDAP schema. Where should if find
authorizedService?
--Ez
On Mon, 2005-04-04 at 09:33, Scott Balmos wrote:
> Use pam_ldap in conjunction with the pam_check_service_attr option in
> its config file. Then add authorizedService attributes for every PAM
> service you
On Mon, 4 Apr 2005, Ezsra McDonald wrote:
My current system is SuSe 8.1. This version of saslauthd was not
compiled with LDAP support. It currently hands off authentication to
pam_ldap. I have looked for the cyrus_sasl src RPM for the version I am
running. I would rebuild it but apparently it is no
Use pam_ldap in conjunction with the pam_check_service_attr option in
its config file. Then add authorizedService attributes for every PAM
service you want. Cyrus can get especially fine-grained, because it has
four separate PAM services (one each for POP3, IMAP, NNTP, and Sieve).
See below for
My current system is SuSe 8.1. This version of saslauthd was not
compiled with LDAP support. It currently hands off authentication to
pam_ldap. I have looked for the cyrus_sasl src RPM for the version I am
running. I would rebuild it but apparently it is not available. It looks
like I will have to
Not that I am aware off. We use the presence of a matching email
address in LDAP, (combined with a filter is salsauthd) to prevent
this. For student mail, it also depends on other attributes, (i.e.
whether or not they are an active student.)The filter feature is
very powerful as long as you
It's not task for IMAP server, but for SASL auth daemon. You have to
construct LDAP query in sasl so it allow only users which have mail to
login. Either create some special flag in LDAP.
F.E.: "ldap_filter: (&(uid=%u)(allowCyrusLogin=true))" or something
similar.
Ondrej
On Fri, 2005-04-01 at
Greetings,
I have been running Cyrus for a couple years now and
just discovered that any user in my LDAP db can login
to imap even if I have not created an IMAP account for
them.
Is there a setting to tell IMAP not to allow
authenticated users who don't have cyrus accounts?
I am using IMAP4 v2.1
