login to imapd with local username is killing me

[Gunnar Wrobel]

Zitat von Gavin McCullagh <gavin.mccullagh at gcd.ie>:

> Hi,
>
> On Sun, 01 Aug 2010, Gavin McCullagh wrote:
>
>> having finally migrated to our new kolab setup and had to change everyone's
>> username from <username> to <username>@<domain>, I'm not getting lots of
>> confused users who are not following instructions and persisting with the
>> old <username>.
>>
>> They _should_ be unable to login.  Instead, they login, see no email and
>> presume we've lost all of their email in the transition.  This is described
>> in issue2869:
>> 	https://issues.kolab.org/issue2869
>>
>> Can anyone think of a workaround to block people from logging in with the
>> local username?  This is really causing us a lot of problems.
>
> Okay, I've found what appears to be a reasonable workaround.  I've modified
> /kolab/etc/kolab/templates/saslauthd.conf.template, as follows:
>
>   # Avoid the "Domain/Realm not available" error message
>   # ldap_default_realm: @@@postfix-mydomain@@@
>   ldap_default_realm: xxx.ie
>
> so that the ldap_default_realm is not set to any of our domains.  The
> result of this seems to be what I want, people must use the full username
> including domain _or_ they get a failed login.
>
> Is there something that I'm missing here?  Will this have some nasty side
> effect that I don't yet see?

Hm, this should also have an effect on the postfix login. It might  
have implications for other subsystems. But I can only judge this  
after a detailed analysis. We should continue the discussion in the  
issue. I pinged Thomas there.

Cheers,

Gunnar

>
> Would this suggest a solution to issue2869?
>
> Gavin
>
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.