Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP authentication using auth. bindings #273

Closed
foxcpp opened this issue Sep 24, 2020 · 0 comments
Closed

LDAP authentication using auth. bindings #273

foxcpp opened this issue Sep 24, 2020 · 0 comments
Assignees
@foxcpp
Labels
auth Related to authentication providers new feature New feature. ready-for-release Feature is implemented and available for testing in dev branch. It will be included in the next rele
Milestone
0.5

Comments

@foxcpp
Copy link
Owner

foxcpp commented Sep 24, 2020

Considerations

Search request params should be configurable, as well as initial bind credentials. "DN template" option as on https://wiki.dovecot.org/AuthDatabase/LDAP/AuthBinds may be used to improve performance at the cost of flexibility.

Authentication status cache would be useful to amortize load since this approach requires a new connection each time.

Possible config example

auth.ldap tls://ldap.rocks.example.org:636 {
  # DN lookup params.
  search_base_dn "dc=example,dc=com"
  search_filter "(&(objectClass=posixAccount)(uid={username}))"
  # ... alternatively, DN template.
  dn_template "uid={username},ou=people,o=org"
 
  # Credentials for initial read-only bind.
  bind_username "mailserver"
  bind_password "secret"
}

References
@foxcpp foxcpp added new feature New feature. help wanted We need your help with this one. auth Related to authentication providers labels Sep 24, 2020
@foxcpp foxcpp self-assigned this Jul 14, 2021
@foxcpp foxcpp added this to the 0.5 milestone Jul 14, 2021
@foxcpp foxcpp added ready-for-release Feature is implemented and available for testing in dev branch. It will be included in the next rele and removed help wanted We need your help with this one. labels Jul 14, 2021
@foxcpp foxcpp closed this as completed in e0792c2 Aug 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@foxcpp foxcpp

Labels
auth Related to authentication providers new feature New feature. ready-for-release Feature is implemented and available for testing in dev branch. It will be included in the next rele
Projects
None yet
Milestone
0.5
Development

No branches or pull requests
1 participant
@foxcpp