Enable LDAP

templates/dovecot-ldap.conf.ext.j2

@@ -0,0 +1,49 @@
+{% if dovecot.ldap.enable %}
+## Debug everything
+# debug_level = -1
+
+uris = {{ dovecot.ldap.uris }}
+
+# Use TLS to connect to the LDAP server.
+# Set to no because we use LDAPS and dovecot tells you this is not possible together
+tls = no
+
+dn = {{ dovecot.ldap.bind_dn }}
+dnpass = {{ dovecot.ldap.bind_pw }}
+
+# TLS options, currently supported only with OpenLDAP:
+tls_ca_cert_file = {{ dovecot.ldap.tls.ca }}
+#tls_ca_cert_dir =
+#tls_cipher_suite =
+
+# TLS cert/key. This must be set only if LDAP server requires a client certificate.
+# If you set it in other cases, the LDAP connection will fail.
+# tls_cert_file =
+# tls_key_file =
+
+# Valid values: never, hard, demand, allow, try
+tls_require_cert = hard
+
+auth_bind = yes
+ldap_version = 3
+base = {{ dovecot.ldap.base }}
+deref = never
+scope = subtree
+
+user_attrs = \
+{% for attr in dovecot.ldap.user_attrs %}
+={{ attr.attr }}={{ attr.value }}{% if not loop.last %}, \
+{% endif %}
+{% endfor %}
+
+user_filter = {{ dovecot.ldap.filter }}
+pass_filter = {{ dovecot.ldap.filter }}
+
+default_pass_scheme = {{ dovecot.ldap.default_pass_scheme }}
+
+# iterate_attrs = mail=user # Wird vor allem von "doveadm" benötigt, um Benutzer zu finden
+# iterate_filter = (objectClass=person)
+{% else %}
+# LDAP is not configured for this instance.
+{% endif %}
+