Hi to all admins,
I am an administrator from Germany. Sorry for my not so perfect English.

I have a problem regarding dovecot & postfix.
I am using dovecot for MS Active Directory NTLM authentication with postfix on port 25 and 587, which works very well. Users are able to authenticate and send emails:
Code:
Oct 14 12:14:49 postfix-test2 dovecot: auth(default): new auth connection: pid=28786
Oct 14 12:14:49 postfix-test2 dovecot: auth(default): client in: AUTH 1 NTLM service=smtp nologin lip=1.2.3.4 rip=1.2.3.4 resp=<hidden>
Oct 14 12:14:49 postfix-test2 dovecot: auth(default): client out: CONT 1 zAHQAMgAuAHMAbQBhAHMAbwAuAGQAYgAuAGQAZQAAAAAA
Oct 14 12:14:49 postfix-test2 dovecot: auth(default): client in: CONT<hidden>
Oct 14 12:14:49 postfix-test2 dovecot: auth(default): client out: OK 1 user=testuser
I used this recipe to configure postfix, dovecot and samba & kerberos client: http://www.tummy.com/software/vpostmaster/recipes/dovecotsasl.html
My problem is: I have to limit authenticated users to a specified AD group, let's say group "mail".
For example:
[email protected] uses NTLM authentication successfully, is a member of AD group "mail" and therefore is allowed to send mails.
[email protected] uses NTLM authentication as well, but is NOT a member of "mail" - this should lead to an "access denied" by dovecot / postfix.
How can I combine those 2 rules without touching the AD?
Checking AD membership of a user can be solved by using an LDAP query like (memberOf=cn=mail) or by a script which writes a db file for use in dovecot / postfix. The problem is to combine those queries in dovecot / postfix with a successful NTLM authentication.
If you need any further information like code snippets etc., please let me know.
Thanks in advance for answers.
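
The script approach mentioned in the post, as an added example that is not part of the original post: it turns the members of the AD group into a Postfix access table that `check_sasl_access` (Postfix 2.11 and later) can consult after NTLM authentication has succeeded. The LDIF input is constructed, how the member list is fetched from AD is left open, and lower-casing the keys and the allowed character set are assumptions.

```python
import re

# Constructed sample: LDIF as an ldapsearch for members of the AD group "mail"
# might return it, requesting only sAMAccountName. All entries are made up.
SAMPLE_LDIF = """\
dn: CN=Test User,OU=Staff,DC=example,DC=test
sAMAccountName: testuser

dn: CN=Other User,OU=Staff,DC=example,DC=test
sAMAccountName: Other.User

dn: CN=Odd Entry,OU=Staff,DC=example,DC=test
sAMAccountName: bad name

dn: CN=Encoded Entry,OU=Staff,DC=example,DC=test
sAMAccountName:: dGVzdMO8c2Vy
"""

# Conservative allowlist for map keys: anything else is reported, not written.
SAFE_LOGIN = re.compile(r"[a-z0-9][a-z0-9._-]*")


def logins_from_ldif(ldif):
    """Return (sorted safe logins, rejected raw values) from LDIF text."""
    safe, rejected = set(), []
    for line in ldif.splitlines():
        attr, sep, value = line.partition(":")
        if not sep or attr.strip().lower() != "samaccountname":
            continue
        login = value.strip().lower()
        # A value starting with ":" came from "attr:: base64" (non-ASCII name).
        if value.startswith(":") or not SAFE_LOGIN.fullmatch(login):
            rejected.append(value.strip())
        else:
            safe.add(login)
    return sorted(safe), rejected


def render_access_map(logins):
    """Render a Postfix access(5) style table: one 'login OK' line per member."""
    header = "# generated from AD group 'mail'; do not edit by hand\n"
    return header + "".join(f"{login}\tOK\n" for login in logins)

if __name__ == "__main__":
    members, skipped = logins_from_ldif(SAMPLE_LDIF)
    # Assumed wiring: postmap the output file and list check_sasl_access hash:<file>
    # where permit_sasl_authenticated would otherwise appear (Postfix 2.11+).
    print(render_access_map(members), end="")
    print("skipped:", skipped)
```

Names that fail the allowlist are returned separately so they can be reviewed instead of silently becoming map keys.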