tiredofit / docker-fusiondirectory

Dockerized web based LDAP manager
MIT License

use fusiondirectory with a mailserver solution for authentication #38

Open mamiapatrick opened 3 years ago

mamiapatrick commented 3 years ago

I found this mail server that allows backend authentication with LDAP, so I wanted to use my LDAP based on FusionDirectory with that mail server. So I wanted to know: are there some plugins to activate to use FusionDirectory with Postfix and Dovecot? What are the attributes in the FusionDirectory schema for email?

To set up the mail server (https://github.com/docker-mailserver/docker-mailserver/wiki/Configure-LDAP) I have to set these parameters, and these are the params I put in my config but

DOVECOT_PASS_ATTRS: uid=user,userPassword=password
DOVECOT_PASS_FILTER: (&(objectClass=inetOrgPerson)(mail=%s))
DOVECOT_USER_ATTR: DOVECOT_USER_ATTRS=homeDirectory=home,gidNumber=gid,uidNumber=uid,mailMessageStore=mail
DOVECOT_USER_FILTER: (&(objectClass=inetOrgPerson)(mail=%s))
LDAP_QUERY_FILTER_ALIAS: (&(objectClass=user)(otherMailbox=%s))
LDAP_QUERY_FILTER_DOMAIN: (|(mail=@%s)(mailalias=@%s)(mailGroupMember=*@%s))
LDAP_QUERY_FILTER_GROUP: (&(|(memberof=cn=it,ou=groups,dc=mydomain,dc=ext,dc=ext)(memberof=cn=designers,ou=groups,dc=mydomain,dc=ext,dc=ext))(mail=%s))
LDAP_QUERY_FILTER_USER: (&(objectclass=gosaMailAccount)(mail=%s))

And unfortunately the example in their wiki illustrates this for a directory that has the qmail-schema installed and that uses uid, so I'm looking for a setup with your solution.

hanneshier commented 2 years ago

Hello @mamiapatrick, have you found a working solution for this setup?

mamiapatrick commented 2 years ago

Hello @hanneshier, no I didn't. Let me know if you find a solution.

hanneshier commented 2 years ago

@mamiapatrick With a lot of trial and error, I found a working solution for me! Let me know if it's working for you too, or if you have any questions concerning my FusionDirectory setup.

# -----------------------------------------------
# --- LDAP Section ------------------------------
# -----------------------------------------------

ENABLE_LDAP=1
LDAP_START_TLS=
LDAP_SERVER_HOST=openldap
LDAP_SEARCH_BASE=dc=example,dc=org
# you can also use your admin DN here
LDAP_BIND_DN=cn=mailserver,ou=dsa,dc=example,dc=org
LDAP_BIND_PW=supersecretpassword

# https://github.com/docker-mailserver/docker-mailserver/issues/1828

LDAP_QUERY_FILTER_DOMAIN=(|(mail=*@%s)(gosaMailAlternateAddress=*@%s)(mailGroupMember=*@%s))
LDAP_QUERY_FILTER_USER=(&(objectClass=gosaMailAccount)(mail=%s))
LDAP_QUERY_FILTER_ALIAS=(&(objectClass=gosaMailAccount)(gosaMailAlternateAddress=%s))
# I have no solution for groups yet, but didn't need it, so did not really try
LDAP_QUERY_FILTER_GROUP=(|)

# -----------------------------------------------
# --- Dovecot Section ---------------------------
# -----------------------------------------------

DOVECOT_AUTH_BIND=yes
DOVECOT_PASS_ATTRS=mail=user,userPassword=password
DOVECOT_USER_ATTRS==home=/var/mail/%d/%u,=uid=5000,=gid=5000,
DOVECOT_PASS_FILTER=(&(objectClass=gosaMailAccount)(mail=%u))
DOVECOT_USER_FILTER=(&(objectClass=gosaMailAccount)(mail=%u))

DOVECOT_TLS=no
DOVECOT_MAILBOX_FORMAT=maildir

# -----------------------------------------------
# --- SASL Section ------------------------------
# -----------------------------------------------

ENABLE_SASLAUTHD=1
SASLAUTHD_MECHANISMS=rimap
SASLAUTHD_MECH_OPTIONS=127.0.0.1
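
The following is an added example, not code from either participant or from the docker-mailserver or FusionDirectory projects: a small pre-deployment check for an env file like the ones posted above. It flags Dovecot filters that use `%s` (Dovecot expands `%u` to the login name, while `%s` is the service name), unbalanced LDAP filters, inline comments that some env-file parsers keep as part of the value, and disabled LDAP TLS. The function names and finding labels are hypothetical, and it assumes an empty or `no` value for `LDAP_START_TLS` / `DOVECOT_TLS` means the LDAP connection is unencrypted.

```python
import re

# Constructed sample modelled on settings from the two configs posted in this thread.
SAMPLE_ENV = """\
LDAP_START_TLS=
LDAP_BIND_DN=cn=mailserver,ou=dsa,dc=example,dc=org # you can also use your admin DN here
LDAP_QUERY_FILTER_USER=(&(objectClass=gosaMailAccount)(mail=%s))
DOVECOT_TLS=no
DOVECOT_PASS_FILTER=(&(objectClass=inetOrgPerson)(mail=%s))
DOVECOT_USER_FILTER=(&(objectClass=gosaMailAccount)(mail=%u))
"""

def parse_env(text):
    """Parse KEY=VALUE lines; the value is everything after the first '='."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value
    return env

def balanced(ldap_filter):
    """True if the parentheses in an LDAP filter nest correctly."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0

def lint(env):
    """Return sorted (key, issue) pairs for settings worth a second look."""
    findings = []
    for key, value in env.items():
        if re.search(r"\s#", value):
            findings.append((key, "inline-comment"))  # may end up inside the value
        if "FILTER" in key and not balanced(re.split(r"\s#", value)[0]):
            findings.append((key, "unbalanced-filter"))
        # Dovecot expands %u to the login name; %s is the service (imap, smtp, ...).
        if key.startswith("DOVECOT_") and key.endswith("_FILTER") and "%s" in value:
            findings.append((key, "dovecot-filter-uses-%s"))
    # Assumption: empty or "no" leaves LDAP traffic, bind passwords included, unencrypted.
    for key in ("LDAP_START_TLS", "DOVECOT_TLS"):
        if key in env and env[key].strip().lower() in ("", "no", "0"):
            findings.append((key, "ldap-tls-disabled"))
    return sorted(findings)

if __name__ == "__main__":
    for key, issue in lint(parse_env(SAMPLE_ENV)):
        print(f"{key}: {issue}")
```
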