General discussion on installation and configuration of SOGo

Text archives Help


Re: [SOGo] Multi-domain LDAP authentication. Problem


Chronological Thread 
  • From:
  • To:
  • Subject: Re: [SOGo] Multi-domain LDAP authentication. Problem
  • Date: Tue, 31 Jul 2012 20:50:38 +1000
  • Importance: Normal

> Hi Petr,
>
> Depending on your LDAP backend, you can use LDAP ACLs, a single actual
> domain config block, and use BindAsCurrentUser to isolate users to what
> they can see in LDAP only (usually their own domain).
>
> The option was implemented for exactly that scenario :)
> However - I have no idea how it interacts with the Openchange parts. If
> you're not using that or feel like beta testing them with this option
> (as a SOGo2 user you're already beta testing anyway), no problem :)
>

Ok, ive set it up using BindAsCurrentUser and it's working fine.

If anyone's doing the same here is the LDAP ACL:

access to dn.base="ou=emails,dc=webgate,dc=net,dc=au"
by * read

access to dn.regex="^uid=[^,]+@([^,]+),ou=emails,dc=webgate,dc=net,dc=au$"
by dn.regex="^uid=[^,]+@$1,ou=emails,dc=webgate,dc=net,dc=au$" read
by * break

Adjust to your needs as you wish.

Im going to tackle openchange stuff another day and report back.

Thanks!
Petr





Archive powered by MHonArc 2.6.18.

Top of page