config: dict.md - Update to config-rewrite

Author: mbettini-ox

data/settings.js

@@ -4803,7 +4803,7 @@ How long to wait for answer before aborting request.`
 	},
 
 	dict_map: {
-		tags: [ 'dict', 'dict-sql' ],
+		tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
 		values: setting_types.NAMED_LIST_FILTER,
 		seealso: [ 'dict_map_pattern' ],
 		text: `
@@ -4812,7 +4812,7 @@ Creates a new dict mapping. The filter name refers to the
 	},
 
 	dict_map_pattern: {
-		tags: [ 'dict', 'dict-sql' ],
+		tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
 		values: setting_types.STRING,
 		text: `
 Pattern that is matched to the accessed dict keys. The [[setting,dict_map]]
@@ -4845,13 +4845,15 @@ optional if no expiration is used by the code accessing the dict map.`
 	},
 
 	dict_map_value: {
-		tags: [ 'dict', 'dict-sql' ],
+		tags: [ 'dict', 'dict-sql', 'dict-ldap' ],
 		values: setting_types.NAMED_LIST_FILTER,
 		seealso: [ 'dict_map_value_name' ],
 		text: `
-Creates a new value for the dict map. The filter name refers to the
+- sql: Creates a new value for the dict map. The filter name refers to the
 [[setting,dict_map_value_name]] setting. Dict supports reading/writing multiple
-values for the same key.`
+values for the same key.
+
+- ldap: Value to be returned from an ldap search, as a [[link,settings_variables,variable-expression]]`
 	},
 
 	dict_map_field: {
@@ -10983,7 +10985,7 @@ SASL realm to use.`
 	},
 
 	ldap_base: {
-		tags: [ 'auth-ldap' ],
+		tags: [ 'auth-ldap', 'dict-ldap' ],
 		values: setting_types.STRING,
 		text: `
 LDAP base.
@@ -11023,8 +11025,24 @@ You may need to recompile OpenLDAP with debugging enabled to get enough output.`
 Specify dereference which is set as an LDAP option.`
 	},
 
+	dict_map_ldap_filter: {
+		tags: [ 'dict-ldap' ],
+		values: setting_types.STRING,
+		text: `
+The ldap filter to use to find the ldap entry.
+
+This setting is required for ldap [[setting,dict_map]]`
+	},
+
+	ldap_max_idle_time: {
+		tags: [ 'dict-ldap' ],
+		values: setting_types.TIME,
+		text: `
+Disconnect from LDAP server after connection has been idle for this many seconds.`
+	},
+
 	ldap_scope: {
-		tags: [ 'auth-ldap' ],
+		tags: [ 'auth-ldap', 'dict-ldap' ],
 		default: 'subtree',
 		values: setting_types.ENUM,
 		values_enum: [ 'base', 'onelevel', 'subtree' ],

docs/core/config/dict.md

@@ -81,8 +81,22 @@ See [[link,auth_ldap]].
 
 ::: code-group
 ```[dovecot.conf]
-dict_legacy {
-  somedict = ldap:/path/to/dovecot-ldap-dict.conf.ext
+dict_server {
+  dict ldap {
+    driver = ldap
+    ldap_uris = ldap://{{LDAPHOST}}
+    ldap_auth_dn = uid=testadmin,cn=users,dc=dovecot,dc=net
+    ldap_auth_dn_password = testadmin
+    ldap_timeout_secs = 5
+    ldap_base = dc=dovecot,dc=net
+    ldap_starttls = no
+    ssl_client_require_valid_cert = no
+
+    dict_map priv/test/home {
+      ldap_filter = (&(homeDirectory=*)(uid=%{user}))
+      value = %{ldap:homeDirectory}
+    }
+  }
 }
 ```
 :::
@@ -95,30 +109,20 @@ dict_legacy {
 #### Examples
 
 To map a key to a search:
-
 ```
-map {
-  pattern = priv/test/mail
-  filter = (mail=*)  # the () is required
-  base_dn = ou=container,dc=domain
-  username_attribute = uid # default is cn
-  value_attribute = mail
+dict_map priv/test/mail {
+  ldap_filter = (&(uid=%{user})(mail=*))
+  ldap_base = ou=container,dc=domain
+  value = %{ldap:mail}
 }
 ```
 
 To do a more complex search:
-
 ```
-map {
-  pattern = priv/test/mail/$location
-  filter = (&(mail=*)(location=%{location}) # the () is required
-  base_dn = ou=container,dc=domain
-  username_attribute = uid # default is cn
-  value_attribute = mail
-
-  fields {
-    location=$location
-  }
+dict_map priv/test/mail/$location {
+  ldap_filter = (&(uid=%{user})(mail=*)(uid=%{pattern:location}))
+  ldap_base = ou=container,dc=domain
+  value = %{ldap:mail}
 }
 ```