From dda9d5529f7a359d5ad1e8727894bc15a8cc31aa Mon Sep 17 00:00:00 2001
From: Bereich Administration Rechentechnik <admin@stura.htw-dresden.de>
Date: Fri, 14 Feb 2025 16:56:28 +0100
Subject: [PATCH] fix ldap options for authentik looking up correct cn

---
 configuration.nix | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index fba0123..cc60c5c 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -74,12 +74,17 @@
     ldap = {
       enable = true;
       bind = {
-        dn = "cn=dovecot,ou=users,dc=auth,dc=htw,dc=stura-dresden,dc=de";
+        dn = "cn=ldapservice,ou=users,dc=auth,dc=htw,dc=stura-dresden,dc=de";
         passwordFile = "/var/lib/dovecot_ldap_passwd";
       };
-      dovecot = { };
+      dovecot = {
+      	userFilter = "(&(objectClass=posixAccount)(cn=%u))";
+      	passFilter = "(&(objectClass=posixAccount)(cn=%u))";
+      };
+      postfix = {
+      	filter = "(&(objectClass=posixUser)(cn=%s))";
+      };
       searchBase = "dc=auth,dc=htw,dc=stura-dresden,dc=de";
-      searchScope = "sub";
       uris = [
         "ldap://localhost:389"
       ];