1

Topic: just authentication at external ldap

I understand that iRedMail has its own LDAP schema, and I want to keep using it, but I have an external LDAP and I want to validate iRedMail passwords in this external LDAP.

I see this section in /etc/dovecot/dovecot.conf:

auth default {
    mechanisms = plain login
    user = vmail
    passdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
    }

Do I just need to create a new file with my external LDAP configuration and edit this section with the new path to my file?

My external LDAP is an OpenLDAP server.

It is not comfortable having two LDAPs, but I intend to keep the accounts synchronized with a script. The script in tools, create_mail_user_OpenLDAP.sh, can greatly help to create them, so that when a new account is created on my external LDAP it is automatically added to the iRedMail LDAP. I do not know if this is efficient, but I think it is a bad idea; if someone can suggest a better way, it is welcome.

Any suggestions will be appreciated, thanks.


2

Re: just authentication at external ldap

How about storing mail accounts on your existing OpenLDAP server?

What you need to do on the EXISTING OpenLDAP server:

- Add the iRedMail LDAP schema file.
- Add the Amavisd LDAP schema file.
- [OPTIONAL] Create a new root dn to store mail accounts.

On the iRedMail server:

- Update the config files which need to connect to the LDAP server: new LDAP server address, base dn, bind dn, bind password.

3

Re: just authentication at external ldap

Actually, I did that. I made the settings, of course doing some LDAP filter cheating, because my LDAP uid is uid=user instead of the %u that Dovecot gets in the format user@domain.com.

The idea is to keep the same password for all users that are already created.

I will do tests in the coming days, regardless of the schemes ireadmin, to test LDAP. I'll keep this thread alive as well.
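
As an added example (not from any post in this thread, and not iRedMail's shipped configuration): a separate Dovecot LDAP file used only for password checks against the external OpenLDAP server, with the uid=user mapping mentioned above. The file name, host name and DNs are placeholders.

```conf
# /etc/dovecot/dovecot-ldap-external.conf   (hypothetical file name)
#
# Referenced only from the passdb block in /etc/dovecot/dovecot.conf:
#     passdb ldap {
#         args = /etc/dovecot/dovecot-ldap-external.conf
#     }
# userdb keeps pointing at the existing /etc/dovecot/dovecot-ldap.conf, so
# mailbox paths and quota still come from the iRedMail LDAP schema.

# Passwords now cross the network to another host: use ldaps:// here
# (or "tls = yes" with an ldap:// URI) instead of plain ldap://.
uris = ldaps://ldap.example.com
ldap_version = 3

# Verify the password by binding as the user. Dovecot then never needs
# read access to userPassword on the external directory.
auth_bind = yes

# Low-privilege account used only to search for the user's DN before the
# bind (placeholder DN and password). Keep this file readable by root only.
dn = cn=dovecot-lookup,dc=example,dc=com
dnpass = CHANGE_ME

base = ou=People,dc=example,dc=com
scope = subtree

# Dovecot receives the login as user@domain.com (%u). %n is the part
# before "@", which matches an external directory keyed on uid=user.
# Caveat: with %n, alice@a.example and alice@b.example resolve to the same
# external entry, so this is only safe while local parts are unique.
pass_filter = (&(objectClass=inetOrgPerson)(uid=%n))

# Alternative without the lookup account: build the DN directly and skip
# the search (dn/dnpass and pass_filter are then unused).
#auth_bind_userdn = uid=%n,ou=People,dc=example,dc=com
```

An account must still exist in the iRedMail LDAP for userdb to resolve it; a successful bind on the external server alone does not create a mailbox.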