LDAP auth & role mapping

[getcom]

Hello all,

today I installed the first time the pmg and there are some questions left.

I have an UCS backend and configured the LDAP settings in pmg.
pgm found all users with all configured email addresses and it found all groups.
For what reason are the groups?
I searched for a possibility to get a LDAP group mapping for the preconfigured roles. Is it possible or is login only working for the quarantine URL?
There is no way to create new roles or modify the access rights for existing roles. Is it not possible?
What is the normal way to integrate a letsencrypt certificate for TLS/SSL plus additional listening ports for authenticated users?

regards
Ralf

 

[aaron]

The LDAP integration is meant to be used for the quarantine login and to create filter rules [0].

There is no way to create new roles or modify the access rights for existing roles. Is it not possible?
What is the normal way to integrate a letsencrypt certificate for TLS/SSL plus additional listening ports for authenticated users?

The PMG is meant to be between the internet and your mail server. Users should send their email via the mail server and not via the PMG directly.

Should you really want to do that you can modify the postfix configuration. In order to make it update-safe you should use the provided configuration templates [1].

I hope this helps.


[0] https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#_ldap_integration
[1] https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine