login to imapd with local username is killing me
Gavin McCullagh
gavin.mccullagh at gcd.ie
Sun Aug 1 12:35:51 CEST 2010
Hi,
On Sun, 01 Aug 2010, Gavin McCullagh wrote:
> having finally migrated to our new kolab setup and had to change everyone's
> username from <username> to <username>@<domain>, I'm not getting lots of
> confused users who are not following instructions and persisting with the
> old <username>.
>
> They _should_ be unable to login. Instead, they login, see no email and
> presume we've lost all of their email in the transition. This is described
> in issue2869:
> https://issues.kolab.org/issue2869
>
> Can anyone think of a workaround to block people from logging in with the
> local username? This is really causing us a lot of problems.
Okay, I've found what appears to be a reasonable workaround. I've modified
/kolab/etc/kolab/templates/saslauthd.conf.template, as follows:
# Avoid the "Domain/Realm not available" error message
# ldap_default_realm: @@@postfix-mydomain@@@
ldap_default_realm: xxx.ie
so that the ldap_default_realm is not set to any of our domains. The
result of this seems to be what I want, people must use the full username
including domain _or_ they get a failed login.
Is there something that I'm missing here? Will this have some nasty side
effect that I don't yet see?
Would this suggest a solution to issue2869?
Gavin
More information about the users
mailing list