Topic: Dovecot LDAP multiple queries
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.7.4 OPENLDAP edition.
- Deployed with iRedMail Easy or the downloadable installer: downloadable installer
- Linux/BSD distribution name and version: Debian 12 (bookworm)
- Store mail accounts in which backend: LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro: No
====
Hello. I'm looking for clarification regarding multiple LDAP queries / sub-queries in the Dovecot user DB (version 2.3).
The doc says there is such a thing, but the rest is unclear (doc.dovecot.org/2.3/configuration_manual/authentication/ldap_userdb/#authentication-ldap-userdb).
I would like to use the user's primary group name in the home path when setting it in user_attrs.
Here is my current dovecot-ldap.conf:
iterate_attrs = userPrincipalName=user
iterate_filter = (&(userPrincipalName=*)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
user_filter = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_attrs = userPassword=password
default_pass_scheme = CRYPT
user_attrs = \
# mail=master_user,mail=user, \
=home=/var/vmail/vmail1/%{if;%{ldap:department};~;(^$)|[^a-zA-Z0-9\_-];%{user};%L{ldap:department}}, \ #Check if department field is set and not containing unsafe characters
=mail=maildir:~/Maildir:INDEXPVT=~/Index/%{user},
I'm currently using the user's department field, but I would really like to use the name of the user's primary group.
The problem is that a user has only primaryGroupID. Is it possible to use multiple queries or a sub-query to retrieve the user's primaryGroupID and then retrieve the name of the group with this ID?
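How a primaryGroupID relates to a group entry, and the path-safety check from the post's user_attrs applied to a group name, as an added example that is not part of the original post and is not a Dovecot feature. It assumes an Active Directory-style directory in which primaryGroupID is the RID of a group in the user's own domain and in which a search filter on objectSid accepts the string SID form; the function names and the sample SID are constructed for illustration, and the code is meant for a helper script run outside Dovecot.

```python
import re
import struct

# Same allow-list the post's user_attrs condition applies to the department value.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]+")

def sid_to_str(raw: bytes) -> str:
    """Decode a binary objectSid value into its S-1-... string form."""
    if len(raw) < 8 or len(raw) != 8 + 4 * raw[1]:
        raise ValueError("malformed SID")
    revision, count = raw[0], raw[1]
    authority = int.from_bytes(raw[2:8], "big")      # 48-bit, big-endian
    subs = struct.unpack("<%dI" % count, raw[8:])    # 32-bit, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def primary_group_sid(user_sid: bytes, primary_group_id: int) -> str:
    """Replace the user's RID (last sub-authority) with primaryGroupID."""
    if user_sid[1:2] == b"\x00" or not 0 <= primary_group_id <= 0xFFFFFFFF:
        raise ValueError("SID has no RID or primaryGroupID out of range")
    domain = sid_to_str(user_sid).rsplit("-", 1)[0]
    return f"{domain}-{primary_group_id}"

def group_filter(user_sid: bytes, primary_group_id: int) -> str:
    """LDAP filter for the group entry; its cn attribute holds the name."""
    sid = primary_group_sid(user_sid, primary_group_id)
    return f"(&(objectClass=group)(objectSid={sid}))"

def home_component(group_cn: str, user: str) -> str:
    """Lower-cased group name if safe as a path component, else the user name.

    Mirrors the post's condition: an empty value or any character outside
    [a-zA-Z0-9_-] falls back to the user name.
    """
    return group_cn.lower() if SAFE_NAME.fullmatch(group_cn) else user

# Constructed sample: S-1-5-21-1111111111-2222222222-3333333333-1105
SAMPLE_USER_SID = (bytes([1, 5]) + (5).to_bytes(6, "big")
                   + struct.pack("<5I", 21, 1111111111, 2222222222,
                                 3333333333, 1105))

if __name__ == "__main__":
    print(group_filter(SAMPLE_USER_SID, 513))
    print(home_component("Sales-EU", "alice@example.com"))
    print(home_component("../../etc", "alice@example.com"))
```

The group name returned by the second lookup is directory-controlled input just like department, so it goes through the same allow-list before it is used in a home path.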