Wesley Craig wrote: > On 27 Feb 2008, at 09:13, Tobias Franzén wrote: >> I will be migrating the few mail accounts from the MySQL >> database to LDAP for my new server, and I'm looking around to see what >> kind of schema I should use. > > Any authN LDAP schema is going to be much less complex & interesting > that the LDAP schema for mail delivery. > >> Part two of my question is, which schema is easily adopted for a LDAP >> structure that will have real user accounts as children to >> ou=People,dc=example,dc=com, and multiple virtual domains (as well as >> the example.com as main recipient). Also, aliases for these users should >> be able to point to local mailboxes as well as be redirected to external >> mail accounts (gmail and such). > > First, I'd be looking for an MTA & IMAP server that can do the things > you're interested in. Once I had that, I'd ask on the admin lists for > the target programs what was popular. Honestly, it's pretty easy to > cosign-enable just about any open source application. And the kind of > requirements that cosign puts on an LDAP schema for doing authN are > pretty minimal. From what I've found, Dovecot and Postfix support Kerberos/GSSAPI, so they seemed like good choices for use with Cosign. And I don't want to setup some local proxy to allow passwordless logins. Can I supply some webmail with single sign-on using Cosign (or anything else), without Kerberos tickets or some passwordless login proxy?
Regarding authN, are you suggesting I keep using something like postfixadmin (and it's MySQL storage) for the mail lookups and authZ, and some link to LDAP (or Kerberos) for authN? This is new ground for me. Any more help is appreciated. /Tobias ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
