1. Janos SUTO Avatar Janos SUTO
  2. Piler
  3. piler
  4. Issues

Openldap not selectable Ldap server types

Issue #233 resolved
Darryl Sutherland created an issue

I'm looking into mailpiler as a replacement solution to MailArchiva as a multi tenanted archive server. Critical to this is being able to configure multiple authentication backends to service logins for client domains.

I see you have Zimbra, AD, Lotus and iredmail which is great. but why is there no option for OpenLdap? Alternatively, in the SaaS configuration, is it not preferable to read the search filter from the piler sql db than from config? That way, we could at least override Zimbra's search filter with a custom search filter where we are pointing to a generic OpenLdap auth server.

Regards

Comments (7)

  1. Janos SUTO repo owner

    Well, I tried to cover the mostly used cases. The reason for the absence of openldap is that nobody has asked for it so far :-)

    Can you show me an example of this custom search filter? And do you really have search filter1 for client1, filter2 for client2? I mean it seems to be possible to have a single filter for a single piler installation. However if you need more, then we can find a way. Anyway I'm curious to see a few examples.

    Btw. what type of mail servers do you have with openldap?

  2. Darryl Sutherland reporter

    Thanks for your quick reply! We are a Zimbra reseller and on occasion we have had need to point to an external Openldap server for authentication so that clients can use their own authentication sources. However, we are not archiving just our Zimbra platform, there are cases where we have clients who use OpenLdap authentication for their own open source email platforms. Because openldap schemas can change from one organisation to another, it is for these edge cases that we need the ability to define and lookup custom filters.

  3. Janos SUTO repo owner

    Thanks for the explanation. So to sum it up you want to override the following variables (besides base_dn, helper_dn and password):

    $config['LDAP_MAIL_ATTR']
$config['LDAP_ACCOUNT_OBJECTCLASS']
$config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS']
$config['LDAP_DISTRIBUTIONLIST_ATTR']

    Is that correct?

  4. Darryl Sutherland reporter

    That's correct. Maybe provide ldap ui options to add overrides, otherwise leave blank to use piler's default settings? Call this option "Generic" and I would suggest it should allow users to adapt it to most ldap implementations out there, not just OpenLdap, Zimbra, AD, etc.

  6. Janos SUTO repo owner

    Just committed to the master branch. Make sure to check util/db-upgrade-0.1.24-0.1.25.sql as it contains some schema modifications required by this feature.

    So please try it, and let me know if it works.

  7. Darryl Sutherland reporter

    Wow, Janos! Thanks for the super fast response! I'll give it a try and get back to you on that. I see, you only patched the db and no ui changes. Does Piler automatically check the db first for configuration variables?

  8. Log in to comment
Assignee
Type
proposal
Priority
minor
Status
resolved
Votes
0
Watchers
2
Jira: the preferred issue tracker for Bitbucket. Join the team!