From 42c03f1cedac1411345e1537b759c096b153f94d Mon Sep 17 00:00:00 2001
From: mbettini-ox
Date: Thu, 19 Dec 2024 15:29:59 +0000
Subject: [PATCH 1/2] Update dictionary check-spelling run (push) for DOV-7280
Signed-off-by: check-spelling-bot
on-behalf-of: @check-spelling
---
 .github/actions/spelling/expect.txt | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
index 2b08491a7..a487423c1 100644
--- a/.github/actions/spelling/expect.txt
+++ b/.github/actions/spelling/expect.txt
@@ -270,12 +270,10 @@ hdr
 hendrik
 hexblob
 hexlify
-hexuc
 hhmm
 highestmodseq
 HIGHESTPVTMODSEQ
 Hopmann
-hostaddr
 hostdomain
 hostip
 howto
@@ -532,7 +530,6 @@ NOCHILDREN
 nodelay
 nodeps
 NOINFERIORS
-noiv
 nolock
 nologin
 nonindexable
@@ -580,8 +577,8 @@ opie
 opsec
 optboolean
 optname
-orcpt
 OR'ing
+orcpt
 ORing
 OSFILE
 otherinstance
@@ -642,7 +639,6 @@ qmail
 qmgr
 QQACg
 qresync
-qwerty
 rampup
 randkey
 randomfail
@@ -666,7 +662,6 @@ resolv
 restorecon
 resyncing
 rfcs
-RHu
 Roskakori
 roundcube
 roundrobin
@@ -731,7 +726,6 @@ socketpath
 solib
 solrcloud
 solrconfig
-somedict
 sourceforge
 sourceuser
 sourceware
@@ -799,6 +793,7 @@ tempdisabled
 tempfail
 tempfailing
 terabyte
+testadmin
 testdomain
 testmbox
 testpass
@@ -856,7 +851,6 @@ unsubscribable
 unsubscriptions
 uoff
 Uou
-upn
 uppercased
 uppercasing
 upperfirst
@@ -913,11 +907,9 @@ wikis
 winbind
 wso
 xapian
-XBAR
 xchange
 xclient
 Xes
-XFOO
 xfs
 xoauth
 XRCPTFORWARD
From 04af3f25c25b43965dc643ddaf6ef209a4795183 Mon Sep 17 00:00:00 2001
From: Marco Bettini
Date: Thu, 19 Dec 2024 14:55:39 +0100
Subject: [PATCH 2/2] config: dict.md - Update to config-rewrite
---
 data/settings.js | 32 ++++++++++++++++++++++-------
 docs/core/config/dict.md | 44 ++++++++++++++++++++++------------------
 2 files changed, 49 insertions(+), 27 deletions(-)
diff --git a/data/settings.js b/data/settings.js
index a6c772221..66d68ced0 100644
--- a/data/settings.js
+++ b/data/settings.js
@@ -4803,7 +4803,7 @@ How long to wait for answer before aborting request.`
 },
 dict_map: {
- tags: [ 'dict', 'dict-sql' ],
+ tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
 values: setting_types.NAMED_LIST_FILTER,
 seealso: [ 'dict_map_pattern' ],
 text: `
@@ -4812,7 +4812,7 @@ Creates a new dict mapping. The filter name refers to the
 },
 dict_map_pattern: {
- tags: [ 'dict', 'dict-sql' ],
+ tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
 values: setting_types.STRING,
 text: `
 Pattern that is matched to the accessed dict keys. The [[setting,dict_map]]
@@ -4845,13 +4845,15 @@ optional if no expiration is used by the code accessing the dict map.`
 },
 dict_map_value: {
- tags: [ 'dict', 'dict-sql' ],
+ tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
 values: setting_types.NAMED_LIST_FILTER,
 seealso: [ 'dict_map_value_name' ],
 text: `
-Creates a new value for the dict map. The filter name refers to the
+- sql: Creates a new value for the dict map. The filter name refers to the
 [[setting,dict_map_value_name]] setting. Dict supports reading/writing multiple
-values for the same key.`
+values for the same key.
+
+- ldap: Value to be returned from an ldap search, as a [[link,settings_variables,variable-expression]]`
 },
 dict_map_field: {
@@ -10970,7 +10972,7 @@ SASL realm to use.`
 },
 ldap_base: {
- tags: [ 'auth-ldap' ],
+ tags: [ 'auth-ldap', 'dict-ldap' ],
 values: setting_types.STRING,
 text: `
 LDAP base.
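Review bot: The new `- ldap:` bullet in the `dict_map_value` text (third hunk of data/settings.js) describes a single value expression, while the entry still declares `values: setting_types.NAMED_LIST_FILTER` and its `seealso` points only at `dict_map_value_name`. If the ldap driver takes a plain string here, as the dict.md example in this patch suggests with `value = %{ldap:homeDirectory}`, the text should say so explicitly so readers do not look for a named value block. The ldap bullet also ends without a period, unlike the sql one. I would write `- ldap: Value returned from the LDAP search, given as a [[link,settings_variables,variable-expression]] such as %{ldap:mail}.`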
@@ -11010,8 +11012,24 @@ You may need to recompile OpenLDAP with debugging enabled to get enough output.`
 Specify dereference which is set as an LDAP option.`
 },
+ dict_map_ldap_filter: {
+ tags: [ 'dict-ldap' ],
+ values: setting_types.STRING,
+ text: `
+The ldap filter to use to find the ldap entry.
+
+This setting is required for ldap [[setting,dict_map]]`
+ },
+
+ ldap_max_idle_time: {
+ tags: [ 'dict-ldap' ],
+ values: setting_types.TIME,
+ text: `
+Disconnect from LDAP server after connection has been idle for this many seconds.`
+ },
+
 ldap_scope: {
- tags: [ 'auth-ldap' ],
+ tags: [ 'auth-ldap', 'dict-ldap' ],
 default: 'subtree',
 values: setting_types.ENUM,
 values_enum: [ 'base', 'onelevel', 'subtree' ],
diff --git a/docs/core/config/dict.md b/docs/core/config/dict.md
index 4d5739c30..22c118401 100644
--- a/docs/core/config/dict.md
+++ b/docs/core/config/dict.md
@@ -81,8 +81,22 @@ See [[link,auth_ldap]].
 ::: code-group
 ```[dovecot.conf]
-dict_legacy {
- somedict = ldap:/path/to/dovecot-ldap-dict.conf.ext
+dict_server {
+ dict ldap {
+ driver = ldap
+ ldap_uris = ldap://{{LDAPHOST}}
+ ldap_auth_dn = uid=testadmin,cn=users,dc=dovecot,dc=net
+ ldap_auth_dn_password = testadmin
+ ldap_timeout_secs = 5
+ ldap_base = dc=dovecot,dc=net
+ ldap_starttls = no
+ ssl_client_require_valid_cert = no
+
+ dict_map priv/test/home {
+ ldap_filter = (&(homeDirectory=*)(uid=%{user}))
+ value = %{ldap:homeDirectory}
+ }
+ }
 }
 ```
 :::
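Review bot: The `dict_map_ldap_filter` text added to data/settings.js does not say how values expanded into the filter are treated. The dict.md examples in this patch build filters from `%{user}` and `%{pattern:location}`, which appear to come from the login name and the accessed dict key, so an administrator needs to know whether those expansions are escaped for LDAP filter syntax before copying the pattern. I would add one sentence to the text stating the escaping behaviour (the hunk does not show which it is) and close the last line with a period: `This setting is required for ldap [[setting,dict_map]].` Separately, `ldap_max_idle_time` is declared as `setting_types.TIME` but its text says "this many seconds" and lists no `default`; wording such as `Disconnect from the LDAP server after the connection has been idle for this long.` would match the type.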
@@ -95,30 +109,20 @@ dict_legacy {
 #### Examples
 To map a key to a search:
-
 ```
-map {
- pattern = priv/test/mail
- filter = (mail=*) # the () is required
- base_dn = ou=container,dc=domain
- username_attribute = uid # default is cn
- value_attribute = mail
+dict_map priv/test/mail {
+ ldap_filter = (&(uid=%{user})(mail=*))
+ ldap_base = ou=container,dc=domain
+ value = %{ldap:mail}
 }
 ```
 To do a more complex search:
-
 ```
-map {
- pattern = priv/test/mail/$location
- filter = (&(mail=*)(location=%{location}) # the () is required
- base_dn = ou=container,dc=domain
- username_attribute = uid # default is cn
- value_attribute = mail
-
- fields {
- location=$location
- }
+dict_map priv/test/mail/$location {
+ ldap_filter = (&(uid=%{user})(mail=*)(uid=%{pattern:location}))
+ ldap_base = ou=container,dc=domain
+ value = %{ldap:mail}
 }
 ```