>> Michael Ströder<michael(a)stroeder.com> schrieb am
13.04.2015 um 22:27 in
Ulrich Windl wrote:
>>>> Michael Ströder<michael(a)stroeder.com> schrieb am 10.04.2015 um
> Nachricht <552836EC.3020402(a)stroeder.com>:
>> Poul Etto wrote:
>>> Thank you for answers...
>>> Michael: We didn't know about it... We need such a structure as each of
>>> employees has an account but does not always have access to all our
>>> services (and there really are many), so we prefered spliting everything
>>> different OUs.
>> You should use group entries for authorization. I'm also using
>> which automatically adds back link attribute 'memberOf' to group member
>> entries. This gives you best flexibility with most LDAP enabled
> So if you use that approach, can you enable specific groups for saslauthd
> application (configuration file)? That sounds interesting, but I don't know
> to do it.
I don't understand your question. What does "enable [..] for saslauthd"
I mean: You create a file like /etc/sasl2/smtpd.conf that contains:
# cat smtpd.conf
mech_list: plain login
If saslauthd is configured to use PAM (-a pam), all users that the PAM module
finds are valid users for smptd. My question was whether (and how) one can
restrict the possible users from the saslauthd configuration file (like