mirrors/lldap
1
0
Fork 0
mirror of https://github.com/lldap/lldap.git synced 2024-11-25 09:06:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added maddy example config

Browse source 
Updated README.md for Maddy

i
This commit is contained in:
elmodor 2024-01-18 19:09:21 +01:00 committed by nitnelave
parent bd0a58b476
commit 1f2f034a48
2 changed files with 84 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -374,6 +374,7 @@ folder for help with:
- [Kasm](example_configs/kasm.md)
- [KeyCloak](example_configs/keycloak.md)
- [LibreNMS](example_configs/librenms.md)
- [Maddy](example_configs/maddy.md)
- [Mastodon](example_configs/mastodon.env.example)
- [Matrix](example_configs/matrix_synapse.yml)
- [Mealie](example_configs/mealie.md)

83
example_configs/maddy.md Normal file
View file

@ -0,0 +1,83 @@
# Configuration for Maddy Mail Server
Documentation for maddy LDAP can be found [here](https://maddy.email/reference/auth/ldap/).
Maddy will automatically create an imap-acct if a new user connects via LDAP.
Replace `dc=example,dc=com` with your LLDAP configured domain.
## Simple Setup
Depending on the mail client(s) the simple setup can work for you. However, if this does not work for you, follow the instructions in the `Advanced Setup` section.
### DN Template
You only have to specify the dn template:
```
dn_template "cn={username},ou=people,dc=example,dc=com"
```
### Config Example with Docker
Example maddy configuration with LLDAP running in docker.
You can replace `local_authdb` with another name if you want to use multiple auth backends.
If you only want to use one storage backend make sure to disable `auth.pass_table local_authdb` in your config if it is still active.
```
auth.ldap local_authdb {
urls ldap://lldap:3890
dn_template "cn={username},ou=people,dc=example,dc=com"
starttls off
debug off
connect_timeout 1m
}
```
## Advanced Setup
If the simple setup does not work for you, you can use a proper lookup.
### Bind Credentials
If you have a service account in LLDAP with restricted rights (e.g. `lldap_strict_readonly`), replace `admin` with your LLDAP service account.
Replace `admin_password` with the password of either the admin or service account.
```
bind plain "cn=admin,ou=people,dc=example,dc=com" "admin_password"
```
If you do not want to use plain auth check the [maddy LDAP page](https://maddy.email/reference/auth/ldap/) for other options.
### Base DN
```
base_dn "dc=example,dc=com"
```
### Filter
Depending on the mail client, maddy receives and sends either the username or the full E-Mail address as username (even if the username is not an E-Mail).
For the username use:
```
filter "(&(objectClass=person)(uid={username}))"
```
For mapping the username (as E-Mail):
```
filter "(&(objectClass=person)(mail={username}))"
```
For allowing both, username and username as E-Mail use:
```
filter "(&(|(uid={username})(mail={username}))(objectClass=person))"
```
### Config Example with Docker
Example maddy configuration with LLDAP running in docker.
You can replace `local_authdb` with another name if you want to use multiple auth backends.
If you only want to use one storage backend make sure to disable `auth.pass_table local_authdb` in your config if it is still active.
```
auth.ldap local_authdb {
urls ldap://lldap:3890
bind plain "cn=admin,ou=people,dc=example,dc=com" "admin_password"
base_dn "dc=example,dc=com"
filter "(&(|(uid={username})(mail={username}))(objectClass=person))"
starttls off
debug off
connect_timeout 1m
}
```