50 lines
1.3 KiB
Django/Jinja
50 lines
1.3 KiB
Django/Jinja
{% if dovecot.ldap.enable %}
|
|
## Debug everything
|
|
# debug_level = -1
|
|
|
|
uris = {{ dovecot.ldap.uris }}
|
|
|
|
# Use TLS to connect to the LDAP server.
|
|
# Set to no because we use LDAPS and dovecot tells you this is not possible together
|
|
tls = no
|
|
|
|
dn = {{ dovecot.ldap.bind_dn }}
|
|
dnpass = {{ dovecot.ldap.bind_pw }}
|
|
|
|
# TLS options, currently supported only with OpenLDAP:
|
|
tls_ca_cert_file = {{ dovecot.ldap.tls.ca }}
|
|
#tls_ca_cert_dir =
|
|
#tls_cipher_suite =
|
|
|
|
# TLS cert/key. This must be set only if LDAP server requires a client certificate.
|
|
# If you set it in other cases, the LDAP connection will fail.
|
|
# tls_cert_file =
|
|
# tls_key_file =
|
|
|
|
# Valid values: never, hard, demand, allow, try
|
|
tls_require_cert = hard
|
|
|
|
auth_bind = yes
|
|
auth_bind_userdn = uid=%n,{{ dovecot.ldap.base }}
|
|
|
|
ldap_version = 3
|
|
base = {{ dovecot.ldap.base }}
|
|
deref = never
|
|
scope = subtree
|
|
|
|
user_attrs = \
|
|
{% for attr in dovecot.ldap.user_attrs %}
|
|
={{ attr.attr }}={{ attr.value }}{% if not loop.last %}, \
|
|
{% endif %}
|
|
{% endfor %}
|
|
|
|
user_filter = {{ dovecot.ldap.filter }}
|
|
|
|
default_pass_scheme = {{ dovecot.ldap.default_pass_scheme }}
|
|
|
|
# iterate_attrs = mail=user # Wird vor allem von "doveadm" benötigt, um Benutzer zu finden
|
|
# iterate_filter = (objectClass=person)
|
|
{% else %}
|
|
# LDAP is not configured for this instance.
|
|
{% endif %}
|
|
|