Julien Vehent julien@linuxwall.info writes:
Hello list,
I am trying to authenticate my mail users against my ldap directory (slapd 2.4.17, debian squeeze). I have set up proxy authorization for user postfix as follows:
in slapd.conf
# SASL proxy authorization rewrite rule
authz-regexp "^uid=([^,]+).*,cn=[^,]*,cn=auth$" "ldap:///dc=linuxwall,dc=info??sub?(uid=$1)"
This regexp requires a uid attribute type.
authz-policy to
ldif of user postfix
dn: cn=Postfix Administrator,ou=infrastructure,dc=linuxwall,dc=info
authzto: ldap:///dc=linuxwall,dc=info??sub?(objectClass=inetOrgPerson)
cn: Postfix Administrator
[...]
unless you cut it, cn=Postfix Administrator has no uid attribute type,
This *should* have nothing to do with it, since binding as the Postfix administrator succeeds, according to the logging he produced. What's failing is the subsequent proxyauthz'ing (presumably as a user, but the original posting did not produce enough info).
p.
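
The two checks discussed in this thread, the authz-regexp rewrite and the authzto rule, as an added example that is not part of the original posts and is a simplified Python model rather than slapd's own code. The user alice, her entry and the digest-md5 SASL names are constructed assumptions; the model only handles single equality filters and treats a search that does not return exactly one entry as "no mapping".

```python
import re

# Rewrite rule and authzto value copied from the configuration quoted in the thread.
AUTHZ_REGEXP = r"^uid=([^,]+).*,cn=[^,]*,cn=auth$"
AUTHZ_REPLACE = "ldap:///dc=linuxwall,dc=info??sub?(uid=$1)"
POSTFIX_DN = "cn=Postfix Administrator,ou=infrastructure,dc=linuxwall,dc=info"
ALICE_DN = "uid=alice,ou=people,dc=linuxwall,dc=info"  # constructed user

# Constructed directory: the Postfix entry as posted (no uid) plus alice.
DIRECTORY = {
    POSTFIX_DN: {
        "cn": ["Postfix Administrator"],
        "authzto": ["ldap:///dc=linuxwall,dc=info??sub?(objectClass=inetOrgPerson)"],
    },
    ALICE_DN: {"uid": ["alice"], "objectClass": ["inetOrgPerson"]},
}

def rewrite(sasl_dn):
    """Apply the authz-regexp rule; return the search URL, or None if no match."""
    m = re.match(AUTHZ_REGEXP, sasl_dn)
    return AUTHZ_REPLACE.replace("$1", m.group(1)) if m else None

def search(url):
    """Evaluate ldap:///base??sub?(attr=value) against DIRECTORY."""
    base, _attrs, _scope, flt = url[len("ldap:///"):].split("?")
    attr, value = flt.strip("()").split("=", 1)
    return [dn for dn, entry in DIRECTORY.items()
            if dn.lower().endswith(base.lower())  # crude subtree test
            and value.lower() in (v.lower() for v in entry.get(attr, []))]

def map_identity(sasl_dn):
    """Map a SASL-form DN to a directory DN; keep the SASL DN unless exactly one hit."""
    url = rewrite(sasl_dn)
    hits = search(url) if url else []
    return hits[0] if len(hits) == 1 else sasl_dn

def may_proxy(authc_dn, target_dn):
    """authz-policy 'to': the authenticated entry's authzto must cover the target."""
    rules = DIRECTORY.get(authc_dn, {}).get("authzto", [])
    return any(target_dn in search(rule) for rule in rules)

if __name__ == "__main__":
    for sasl in ("uid=alice,cn=digest-md5,cn=auth", "uid=postfix,cn=digest-md5,cn=auth"):
        print(sasl, "->", map_identity(sasl))
    print("proxy as mapped entry:", may_proxy(POSTFIX_DN, ALICE_DN))
    print("proxy as unmapped SASL DN:",
          may_proxy("uid=postfix,cn=digest-md5,cn=auth", ALICE_DN))
```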