Merged
12 changes: 2 additions & 10 deletions .github/actions/spelling/expect.txt
Expand Up @@ -270,12 +270,10 @@ hdr
hendrik
hexblob
hexlify
hexuc
hhmm
highestmodseq
HIGHESTPVTMODSEQ
Hopmann
hostaddr
hostdomain
hostip
howto
Expand Down Expand Up @@ -532,7 +530,6 @@ NOCHILDREN
nodelay
nodeps
NOINFERIORS
noiv
nolock
nologin
nonindexable
Expand Down Expand Up @@ -580,8 +577,8 @@ opie
opsec
optboolean
optname
orcpt
OR'ing
orcpt
ORing
OSFILE
otherinstance
Expand Down Expand Up @@ -642,7 +639,6 @@ qmail
qmgr
QQACg
qresync
qwerty
rampup
randkey
randomfail
Expand All @@ -666,7 +662,6 @@ resolv
restorecon
resyncing
rfcs
RHu
Roskakori
roundcube
roundrobin
Expand Down Expand Up @@ -731,7 +726,6 @@ socketpath
solib
solrcloud
solrconfig
somedict
sourceforge
sourceuser
sourceware
Expand Down Expand Up @@ -799,6 +793,7 @@ tempdisabled
tempfail
tempfailing
terabyte
testadmin
testdomain
testmbox
testpass
Expand Down Expand Up @@ -856,7 +851,6 @@ unsubscribable
unsubscriptions
uoff
Uou
upn
uppercased
uppercasing
upperfirst
Expand Down Expand Up @@ -913,11 +907,9 @@ wikis
winbind
wso
xapian
XBAR
xchange
xclient
Xes
XFOO
xfs
xoauth
XRCPTFORWARD
Expand Down
32 changes: 25 additions & 7 deletions data/settings.js
Expand Up @@ -4803,7 +4803,7 @@ How long to wait for answer before aborting request.`
},

dict_map: {
tags: [ 'dict', 'dict-sql' ],
tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
values: setting_types.NAMED_LIST_FILTER,
seealso: [ 'dict_map_pattern' ],
text: `
Expand All @@ -4812,7 +4812,7 @@ Creates a new dict mapping. The filter name refers to the
},

dict_map_pattern: {
tags: [ 'dict', 'dict-sql' ],
tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
values: setting_types.STRING,
text: `
Pattern that is matched to the accessed dict keys. The [[setting,dict_map]]
Expand Down Expand Up @@ -4845,13 +4845,15 @@ optional if no expiration is used by the code accessing the dict map.`
},

dict_map_value: {
tags: [ 'dict', 'dict-sql' ],
tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
values: setting_types.NAMED_LIST_FILTER,
seealso: [ 'dict_map_value_name' ],
text: `
Creates a new value for the dict map. The filter name refers to the
- sql: Creates a new value for the dict map. The filter name refers to the
[[setting,dict_map_value_name]] setting. Dict supports reading/writing multiple
values for the same key.`
values for the same key.

- ldap: Value to be returned from an ldap search, as a [[link,settings_variables,variable-expression]]`
},

dict_map_field: {
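Review bot: The new ldap bullet in the `dict_map_value` text does not say which variables the expression can use, and the shared `seealso: [ 'dict_map_value_name' ]` and `values: setting_types.NAMED_LIST_FILTER` still describe only the sql form. Suggest naming the `%{ldap:<attribute>}` form that the dict.md examples in this change rely on (`value = %{ldap:mail}`), stating that the ldap form takes a plain string if that is the case, and finishing the bullet with a period and "LDAP" in capitals to match the `ldap_base` text.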
Expand Down Expand Up @@ -10970,7 +10972,7 @@ SASL realm to use.`
},

ldap_base: {
tags: [ 'auth-ldap' ],
tags: [ 'auth-ldap', 'dict-ldap' ],
values: setting_types.STRING,
text: `
LDAP base.
Expand Down Expand Up @@ -11010,8 +11012,24 @@ You may need to recompile OpenLDAP with debugging enabled to get enough output.`
Specify dereference which is set as an LDAP option.`
},

dict_map_ldap_filter: {
tags: [ 'dict-ldap' ],
values: setting_types.STRING,
text: `
The ldap filter to use to find the ldap entry.

This setting is required for ldap [[setting,dict_map]]`
},

ldap_max_idle_time: {
tags: [ 'dict-ldap' ],
values: setting_types.TIME,
text: `
Disconnect from LDAP server after connection has been idle for this many seconds.`
},

ldap_scope: {
tags: [ 'auth-ldap' ],
tags: [ 'auth-ldap', 'dict-ldap' ],
default: 'subtree',
values: setting_types.ENUM,
values_enum: [ 'base', 'onelevel', 'subtree' ],
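Review bot: `ldap_max_idle_time` is declared as `setting_types.TIME` but its text says "this many seconds", and no default is given, so a reader cannot tell whether an unset value means the connection is never dropped. Suggest wording it as a time value without the fixed unit and adding the default. `dict_map_ldap_filter` is also placed between the dereference setting and `ldap_scope` rather than beside the other `dict_map_*` entries touched earlier in this file, and its two sentences use lowercase "ldap" and lack a closing period, unlike the neighbouring "LDAP base." text.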
Expand Down
44 changes: 24 additions & 20 deletions docs/core/config/dict.md
Expand Up @@ -81,8 +81,22 @@ See [[link,auth_ldap]].

::: code-group
```[dovecot.conf]
dict_legacy {
somedict = ldap:/path/to/dovecot-ldap-dict.conf.ext
dict_server {
dict ldap {
driver = ldap
ldap_uris = ldap://{{LDAPHOST}}
ldap_auth_dn = uid=testadmin,cn=users,dc=dovecot,dc=net
ldap_auth_dn_password = testadmin
ldap_timeout_secs = 5
ldap_base = dc=dovecot,dc=net
ldap_starttls = no
ssl_client_require_valid_cert = no

dict_map priv/test/home {
ldap_filter = (&(homeDirectory=*)(uid=%{user}))
value = %{ldap:homeDirectory}
}
}
}
```
:::
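Review bot: The replacement example binds with `ldap_auth_dn_password = testadmin` over a plain `ldap://` URI with `ldap_starttls = no` and `ssl_client_require_valid_cert = no`, so anyone who copies it sends the bind password unencrypted and carries a disabled certificate check into any later TLS setup. These read as test-fixture values (the unexpanded `{{LDAPHOST}}` and a password equal to the uid point the same way). Suggest an obvious placeholder for the host and password, dropping the `ssl_client_require_valid_cert = no` line, and showing `ldap_starttls = yes`, or at least a sentence marking these settings as test-only.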
Expand All @@ -95,30 +109,20 @@ dict_legacy {
#### Examples

To map a key to a search:

```
map {
pattern = priv/test/mail
filter = (mail=*) # the () is required
base_dn = ou=container,dc=domain
username_attribute = uid # default is cn
value_attribute = mail
dict_map priv/test/mail {
ldap_filter = (&(uid=%{user})(mail=*))
ldap_base = ou=container,dc=domain
value = %{ldap:mail}
}
```

To do a more complex search:

```
map {
pattern = priv/test/mail/$location
filter = (&(mail=*)(location=%{location}) # the () is required
base_dn = ou=container,dc=domain
username_attribute = uid # default is cn
value_attribute = mail

fields {
location=$location
}
dict_map priv/test/mail/$location {
ldap_filter = (&(uid=%{user})(mail=*)(uid=%{pattern:location}))
ldap_base = ou=container,dc=domain
value = %{ldap:mail}
}
```

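Review bot: In the "more complex search" example the filter tests `uid` twice, `(uid=%{user})` and `(uid=%{pattern:location})`, so it only matches when the location part of the key equals the user name; the map it replaces compared a `location` attribute (`location=%{location}`). Suggest `(&(uid=%{user})(mail=*)(location=%{pattern:location}))` if that was the intent. Because `$location` is taken from the accessed key, the text around these examples should also state whether the expanded value is escaped before it is placed in the LDAP filter.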
Expand Down