From 6a466427b630fc885871f4618852b0def6690dac Mon Sep 17 00:00:00 2001
From: rinkp
Date: Sun, 20 Dec 2020 11:26:57 +0100
Subject: [PATCH] userPrincipalName should be mail attribute

Our userprincipalnames do not match with mail attribute. TODO: Fix auth with other applications
---
 syncer.py | 6 ++++--
 templates/dovecot/ldap/passdb.conf | 1 +
 templates/sogo/plist_ldap | 4 ++--
 3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/syncer.py b/syncer.py
index a1fd1e7..a87d75c 100644
--- a/syncer.py
+++ b/syncer.py
@@ -40,10 +40,10 @@ def sync():
 ldap_results = ldap_connector.search_s(config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE, config['LDAP_FILTER'],
- ['userPrincipalName', 'cn', 'userAccountControl'])
+ ['mail', 'cn', 'userAccountControl'])
 ldap_results = map(lambda x: (
- x[1]['userPrincipalName'][0].decode(),
+ x[1]['mail'][0].decode(),
 x[1]['cn'][0].decode(), False if int(x[1]['userAccountControl'][0].decode()) & 0b10 else True), ldap_results)
@@ -123,6 +123,7 @@ def apply_config(config_file, config_data):
 def read_config():
 required_config_keys = [
 'LDAP-MAILCOW_LDAP_URI',
+ 'LDAP-MAILCOW_LDAP_DOMAIN',
 'LDAP-MAILCOW_LDAP_BASE_DN',
 'LDAP-MAILCOW_LDAP_BIND_DN',
 'LDAP-MAILCOW_LDAP_BIND_DN_PASSWORD',
@@ -156,6 +157,7 @@ def read_dovecot_passdb_conf_template():
 return data.substitute(
 ldap_uri=config['LDAP_URI'],
+ ldap_domain=config['LDAP_DOMAIN'],
 ldap_base_dn=config['LDAP_BASE_DN']
 )
diff --git a/templates/dovecot/ldap/passdb.conf b/templates/dovecot/ldap/passdb.conf
index 48739b2..90e595c 100644
--- a/templates/dovecot/ldap/passdb.conf
+++ b/templates/dovecot/ldap/passdb.conf
@@ -3,3 +3,4 @@ ldap_version = 3
 base = $ldap_base_dn
 auth_bind = yes
 auth_bind_userdn = %u
+auth_default_realm = $ldap_domain
\ No newline at end of file
diff --git a/templates/sogo/plist_ldap b/templates/sogo/plist_ldap
index cf39ee5..d9f3a46 100644
--- a/templates/sogo/plist_ldap
+++ b/templates/sogo/plist_ldap
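Review bot: `x[1]['mail'][0]` in the map lambda raises KeyError for any entry matched by LDAP_FILTER that carries no `mail` value, which would abort the whole sync; unlike userPrincipalName, `mail` is an optional attribute on directory accounts. `mail` is also not guaranteed to be unique and in many directories can be edited by delegated admins, so keying mailboxes on it deserves a duplicate check before accounts are created or updated. I would drop entries without the attribute before the map, e.g. `ldap_results = [r for r in ldap_results if r[1].get('mail')]`, and log any address seen twice. The same identifier switch is made in templates/sogo/plist_ldap (UIDFieldName and bindFields). sync() starts before and continues after this hunk.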
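Review bot: Adding `'LDAP-MAILCOW_LDAP_DOMAIN'` to `required_config_keys` presumably makes an existing deployment fail configuration loading after an upgrade until the variable is set, and nothing in this patch documents the new setting. The value is then substituted verbatim into the dovecot passdb template (`ldap_domain=config['LDAP_DOMAIN']` in read_dovecot_passdb_conf_template), so a check that it contains no whitespace or line break would keep a malformed value from adding lines to the generated config. A comment next to the key such as `# bare DNS domain appended to logins given without a realm` would help operators. How missing keys are reported lies outside this hunk.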
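Review bot: `auth_bind_userdn = %u` now uses the mail address as the bind identity, which only works where the directory accepts that string for a simple bind; the commit message says mail and userPrincipalName differ, so logins may fail for exactly those users. A lookup-then-bind setup (drop `auth_bind_userdn`, configure a service bind DN and use `pass_filter = (mail=%u)`) avoids depending on the login string being a valid bind name. Please also verify that dovecot accepts `auth_default_realm` inside the LDAP passdb file; as far as I know it is a main auth setting, and an unrecognised key here could keep the auth service from starting.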
@@ -10,7 +10,7 @@ IDFieldName cn UIDFieldName
- userPrincipalName
+ mail
 baseDN $ldap_base_dn
@@ -21,7 +21,7 @@ $ldap_bind_dn_password bindFields
- userPrincipalName
+ mail
 bindAsCurrentUser