Re: Postfix Dovecot LDAP setup

2015-01-22 Thread Leander Schäfer
... Silly me ... turns out I had a newline in my LDIF, that's why it 
ignored all the attributes below.

Wasted 1.5 days on this flippin' thing. Crap ;(

Anyway .. happy to move on now ;)


On 22.01.15 at 22:19, Leander Schäfer wrote:
[EDIT]: Sorry about the second mail. Ignore the first one - it had 
trial-and-error mistakes in it. The problem is still the very same as 
explained below. Thanks a lot.




Hi,

For days I have been trying to substitute my SQL-based Postfix/Dovecot 
mail server with an LDAP-based setup. Everything seems to go smoothly so 
far - thanks to the many how-tos and the Dovecot wiki. Unfortunately I'm 
struggling, since I have to create an individual LDAP schema which 
suits the currently used LDAP structure. The current structure looks 
like this:


= dc=MyDomain,dc=TLD
== ou=People
=== uid=User-1
==== ou=mail
=== uid=User-2
==== ou=mail

... and so on ...


Within ou=mail should be the individual mail account(s) information of 
a user. So in the end I want to add a(nother) mail account by 
something like this:


cat << EOF > ./newUser.ldif
dn: mailAddress=t...@domain.tld,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD

objectclass: top
objectclass: mailAccount

mailAddress: t...@domain.tld
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
[...]
EOF


Therefore I set up an LDAP schema like the following, but it seems to 
ignore the attributes MailPassword and noMailAccountStatus. Why? I 
don't understand what I'm missing here on my objectclass? ;/




# == LDAP schema === #


#
# OID Macros (10001 should be IANA-registered)
#

objectidentifier nameSpace  1.3.6.1.4.1.10001
objectidentifier mail   nameSpace:1
objectidentifier objectClassAccount mail:1
objectidentifier objectClassAccountInfo mail:2


#
# Attributes: objectClass[NAME]:1.[SERIAL]
#

attributetype ( objectClassAccount:1.1
    NAME 'mailAddress'
    DESC 'The hosted mail addresses'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
    SINGLE-VALUE )

attributetype ( objectClassAccount:1.2
    NAME 'MailPassword'
    DESC 'The hosted mail password'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

attributetype ( objectClassAccount:1.3
    NAME 'MailAccountStatus'
    DESC 'The status of a user account: active, noaccess, disabled, deleted'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
    SINGLE-VALUE )

[...]

#
# Objects: objectClass[NAME]:2.[SERIAL]
#

objectclass ( objectClassAccount:2.1
    NAME 'mailAccount'
    SUP ( top )
    STRUCTURAL
    DESC 'Mail account'
    MUST ( mailAddress )
    MAY ( MailPassword $ MailAccountStatus ) )

# == #


Thanks


Best Regards,
Leander
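
The failure mode described in the reply above, as an added example that is not part of the original posts: LDIF (RFC 2849) ends a record at a blank line, so attributes written after a stray blank line no longer belong to the entry. This Python check flags such orphaned blocks; the function names and the sample entry (with a placeholder address) are constructed for illustration.

```python
"""Lint LDIF text for stray blank lines that cut an entry short."""

# Constructed sample modelled on the thread's newUser.ldif; the address
# is a placeholder. The empty line after the objectclass lines is the bug.
SAMPLE_LDIF = """\
dn: mailAddress=user@example.org,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount

mailAddress: user@example.org
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
"""

def unfold(lines):
    """Join RFC 2849 continuation lines (lines starting with one space)."""
    out = []
    for line in lines:
        if line.startswith(" ") and out:
            out[-1] += line[1:]
        else:
            out.append(line)
    return out

def split_records(text):
    """Split LDIF into (first_line_number, lines) records at blank lines."""
    records, current, start = [], [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():            # a blank line ends the current record
            if current:
                records.append((start, unfold(current)))
            current, start = [], None
        elif not line.startswith("#"):  # comment lines are skipped
            if start is None:
                start = lineno
            current.append(line)
    if current:
        records.append((start, unfold(current)))
    return records

def find_orphans(text):
    """Return (line, attribute names) for records that do not begin with dn:."""
    return [(start, [l.split(":", 1)[0] for l in lines])
            for start, lines in split_records(text)
            if not lines[0].lower().startswith(("dn:", "version:"))]

if __name__ == "__main__":
    for line, names in find_orphans(SAMPLE_LDIF):
        print(f"line {line}: no dn for {names} (stray blank line above?)")
```

Running it over an LDIF file before loading it points at the first line of each attribute block that has become detached from its `dn:`.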


Postfix Dovecot LDAP setup

2015-01-22 Thread Leander Schäfer

Hi,

For days I have been trying to substitute my SQL-based Postfix/Dovecot 
mail server with an LDAP-based setup. Everything seems to go smoothly so 
far - thanks to the many how-tos and the Dovecot wiki. Unfortunately I'm 
struggling, since I have to create an individual LDAP schema which suits 
the currently used LDAP structure. The current structure looks like this:


= dc=MyDomain,dc=TLD
== ou=People
=== uid=User-1
==== ou=mail
=== uid=User-2
==== ou=mail

... and so on ...


Within ou=mail should be the individual mail account(s) information of a 
user. So in the end I want to add a(nother) mail account by something 
like this:


cat << EOF > ./newUser.ldif
dn: mailAddress=t...@domain.tld,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD

objectclass: top
objectclass: mailAccount

mailAddress: t...@domain.tld
noMailPassword: {SSHA}SomePassword
noMailAccountStatus: active
[...]
EOF


Therefore I set up an LDAP schema like the following, but it seems to 
ignore the attributes MailPassword and noMailAccountStatus. Why? I 
don't understand what I'm missing here on my objectclass? ;/




# == LDAP schema === #


#
# OID Macros (10001 should be IANA-registered)
#

objectidentifier nameSpace  1.3.6.1.4.1.10001
objectidentifier mail   nameSpace:1
objectidentifier objectClassAccount mail:1
objectidentifier objectClassAccountInfo mail:2


#
# Attributes: objectClass[NAME]:1.[SERIAL]
#

attributetype ( objectClassAccount:1.1
    NAME 'mailAddress'
    DESC 'The hosted mail addresses'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
    SINGLE-VALUE )

attributetype ( objectClassAccount:1.2
    NAME 'MailPassword'
    DESC 'The hosted mail password'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

attributetype ( objectClassAccount:1.3
    NAME 'MailAccountStatus'
    DESC 'The status of a user account: active, noaccess, disabled, deleted'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
    SINGLE-VALUE )

[...]

#
# Objects: objectClass[NAME]:2.[SERIAL]
#

objectclass ( objectClassAccount:2.1
    NAME 'mailAccount'
    SUP ( top )
    STRUCTURAL
    DESC 'Mail account'
    MUST ( mailAddress )
    MAY ( MailPassword $ MailAccountStatus ) )

# == #


Thanks


Best Regards,
Leander


Postfix Dovecot LDAP setup

2015-01-22 Thread Leander Schäfer
[EDIT]: Sorry about the second mail. Ignore the first one - it had 
trial-and-error mistakes in it. The problem is still the very same as 
explained below. Thanks a lot.




Hi,

For days I have been trying to substitute my SQL-based Postfix/Dovecot 
mail server with an LDAP-based setup. Everything seems to go smoothly so 
far - thanks to the many how-tos and the Dovecot wiki. Unfortunately I'm 
struggling, since I have to create an individual LDAP schema which suits 
the currently used LDAP structure. The current structure looks like this:


= dc=MyDomain,dc=TLD
== ou=People
=== uid=User-1
==== ou=mail
=== uid=User-2
==== ou=mail

... and so on ...


Within ou=mail should be the individual mail account(s) information of a 
user. So in the end I want to add a(nother) mail account by something 
like this:


cat << EOF > ./newUser.ldif
dn: mailAddress=t...@domain.tld,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD

objectclass: top
objectclass: mailAccount

mailAddress: t...@domain.tld
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
[...]
EOF


Therefore I set up an LDAP schema like the following, but it seems to 
ignore the attributes MailPassword and noMailAccountStatus. Why? I 
don't understand what I'm missing here on my objectclass? ;/




# == LDAP schema === #


#
# OID Macros (10001 should be IANA-registered)
#

objectidentifier nameSpace  1.3.6.1.4.1.10001
objectidentifier mail   nameSpace:1
objectidentifier objectClassAccount mail:1
objectidentifier objectClassAccountInfo mail:2


#
# Attributes: objectClass[NAME]:1.[SERIAL]
#

attributetype ( objectClassAccount:1.1
    NAME 'mailAddress'
    DESC 'The hosted mail addresses'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
    SINGLE-VALUE )

attributetype ( objectClassAccount:1.2
    NAME 'MailPassword'
    DESC 'The hosted mail password'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

attributetype ( objectClassAccount:1.3
    NAME 'MailAccountStatus'
    DESC 'The status of a user account: active, noaccess, disabled, deleted'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
    SINGLE-VALUE )

[...]

#
# Objects: objectClass[NAME]:2.[SERIAL]
#

objectclass ( objectClassAccount:2.1
    NAME 'mailAccount'
    SUP ( top )
    STRUCTURAL
    DESC 'Mail account'
    MUST ( mailAddress )
    MAY ( MailPassword $ MailAccountStatus ) )

# == #


Thanks


Best Regards,
Leander