General discussion on installation and configuration of SOGo

Text archives Help

Re: [SOGo] Constraints based on group membership

Chronological Thread 
  • From: James Andrewartha < >
  • To:
  • Subject: Re: [SOGo] Constraints based on group membership
  • Date: Mon, 09 Aug 2010 16:32:32 +0800
  • Organization: Data Analysis Australia

On 6/08/2010 9:42 PM, Daniel Berteaud wrote:
> Hi.
> We're using SOGo on our server for a few users (less than 10 "beta
> testers" for now but we plan to deploy it on bigger installations soon).
> We use OpenLDAP as authentication backend, and I'd like to restrict the
> access to SOGo based on group membership. The problem is that I use
> inetOrgPerson objectClass for users and posixGroup for groups, so,
> there's no group membership informations in user's object, only in
> groups (memberUid). So AFAIK, there's no way to restrict access with a
> simple LDAP filter (ModulesConstraints or filter).
> Anyone in the same situation ? I'd really apreciate if someone has a
> solution.

I'm in a similar position, except I wanted to not list certain users in the
address book. I just moved the SOGo users into a new ou=calstaff located
inside ou=People, and told SOGo to use ou=calstaff,ou=People as the search
base. By relying on the DIT structure it is a gross hack, but it works.
Other LDAP things still work fine because they default to search scope=sub.

James Andrewartha | Sysadmin
97 Broadway, Nedlands, Western Australia, 6009
PO Box 3258, Broadway Nedlands, WA, 6009
T: +61 8 9386 3304 | F: +61 8 9386 3202 | I:

Archive powered by MHonArc 2.6.16.

Top of page