It's reasonable that you want to use OpenLDAP server running on iRedMail server as a central identity management database. If you have other software/services, and need to restrict some users to use these software/services, the easiest and most elegent soluion is adding extra service name in LDAP database, and update your software to use a proper LDAP filter to query users.
We assume you have a GitLab server and Jabber (XMPP) server running on internal
servers, and allow different users to use them.
In this tutorial, we use service name
gitlab for GitLab service, and
With iRedAdmin-Pro, please open its config file
, add a new parameter
ADDITIONAL_ENABLED_USER_SERVICES = ['gitlab', 'jabber']
Newly created mail user will have these 2 services enabled by default, but for existing users, you have to add them either manually or do it with some scripting/programming.
You can find these 2 custom service names after logged in to iRedAdmin-Pro,
in user profile page, under tab
Advanced. Screenshot attached.
In OpenLDAP, mail user with these 2 services enabled will have 2 new LDAP attribute/value pairs:
For GitLab, the LDAP filter used to query user should look like this:
For Jabber, the LDAP filter used to query user should look like this: