aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

dovecot: reintroduce LDAP bind auth for passdb

Browse Source 
LDAP bind auth used to be enabled by default (and not configurable)
before the dovecot 2.4 migration.

I changed the default option value to match the old Dovecot 2.3
behavior.

The use of authentication bind is required for LDAP servers that simply
do not have such LDAP attribute like Kanidm, or in cases where the
password scheme used is not supported by Dovecot.
This commit is contained in:
emilylange
2026-05-24 01:41:13 +02:00
parent 57bfae2d7e
commit eea473ea12
3 changed files with 58 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mail-server/dovecot.nix
+2 -1
View File
@@ -437,8 +437,9 @@ in
"passdb ldap" = {
driver = "ldap";
filter = cfg.ldap.dovecot.passFilter;
bind = cfg.ldap.attributes.password == null;
fields = {
password = "%{ldap:${cfg.ldap.attributes.password}}";
password = mkIf (cfg.ldap.attributes.password != null) "%{ldap:${cfg.ldap.attributes.password}}";
};
ldap_connection_group = "ldap-passdb-conn";
};