Quoting lixiang <[EMAIL PROTECTED]>:

Hi lixiang,

>     I have installed vpopmail-5.2.1, qmail-1.0.3, qmail-ldap, openldap-2.0.27,
> qmailadmin-1.0.6 in my Redhat 7.3 box.

Please do not mix qmail-ldap and vpopmail-ldap. These are totally different 
programs that both try to do the same!!

I'll give you a short step-by-step way to use vpopmail-ldap:


1) Edit qmailUser.schema

--- snip
attributetype ( 1.3.6.1.4.1.8868.3.1.2
        NAME 'qmailGID'
        DESC 'qmail group id'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8868.3.1.3
        NAME 'qmailUID'
        DESC 'qmail userid'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8868.3.1.4
        NAME 'qmaildomain'
        DESC 'qmail Domain'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.8868.3.1.6
        NAME 'mailQuota'
        DESC 'qmail quota'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.8868.3.1.7
        NAME 'mailMessageStore'
        DESC 'qmail Store'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8868.3.1.8
        NAME 'clearPassword'
        DESC 'qmail Clear Password for APOP'
        EQUALITY octetStringMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128}
        SINGLE-VALUE )

objectclass ( 1.3.6.1.4.1.8868.3.1
        NAME 'qmailUser'
        DESC 'qmail local mail recipient'
        SUP ( top $ person $ organizationalPerson )
        MAY ( qmailGID $ qmailUID $ qmaildomain $
                mailQuota $ mailMessageStore $ clearPassword $
                uid $ name $ sn $ cn ) )

--- snap

2) Modify the definition of "person" in core.schema to:

--- snip

 objectclass ( 2.5.6.6 NAME 'person'
         DESC 'RFC2256: a person'
         SUP top STRUCTURAL
         MAY ( sn $ cn $ userPassword $ telephoneNumber $ seeAlso $
                 description $ mail $
                 workphonenumber $ cellphonenumber $ postalAddress $
                 title $ telexNumber $ street $ givenName $
                 registeredAddress $ cellphone ) )
 
--- snap
 



3) Edit vldap.h

vldap.h

--- snip

#define VLDAP_SERVER "localhost"
#define VLDAP_PORT LDAP_PORT
#define VLDAP_USER "cn=root,dc=xxxxxx,dc=net"
#define VLDAP_PASSWORD "xxxxxx"
#define MAX_BUFF 500

#define VLDAP_BASEDN "ou=people,dc=xxxxxxx,dc=net"

--- snap


4) Recompile vpopmail --with-ldap
Do not use both mysql and ldap !!!


5)
Setup slapd.conf 

slapd.conf
----snip
include   /vmail/etc/openldap/schema/core.schema
include   /vmail/etc/openldap/schema/qmailUser.schema
......
access to attr=userPassword
       by  *  auth

database          bdb
suffix         "dc=xxx,dc=cn"
rootdn         "dc=admin,dc=xxxx,dc=net"
rootpw        secret
directory     /var/openldap
index          objectclass               pres,eq
index          cn,sn,uid                  eq,


6)
Start slapd

7)

Edit dn.ldif
----snip
dn: dc=xxx,dc=net
objectclass: organization
o: ynst

dn:ou=people,dc=xxxx,dc=cn
objectclass: organizationalUnit
ou:people
----snip

8) Add base DN
-------------------------------------------------------------------------
ldapadd -x -w admin -D 'cn=admin,dc=xxxx,dc=cn' -f  /tmp/dn.ldif
   adding new entry  "dc=xxxx,dc=cn"

   adding new entry "ou=people,dc=xxxx,dc=cn"
--------------------------------------------------------------------------

9) Test it 
ldapsearch -x -w admin -D 'cn=admin,dc=xxxx,dc=cn' -b 'dc=xxxx,dc=cn'

10)

Now you should be able to add domains and users using either qmailadmin or 
the command line.


Note: LDAP support does work!!! And is stable!!! 
Some patches from me are still not included, for reasons I do not know, so if 
you have any problems feel free to ask!!! I will do my best ;-)

At first glance this looks a little bit tricky, but as you go on living 
with LDAP all the steps become more and more reasonable to you. After you have 
discovered the advantages of LDAP you will not want to miss it anymore, I 
promise ;-))

And if any errors still occur, please send the LDAP error message. I included 
this in vldap.c to provide much more debugging information.

Best regards Jens

-- 
Jens Jahr
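
An added example, not part of the post above and not vpopmail or OpenLDAP code: a small Python audit for a slapd.conf like the one in step 5, reporting a cleartext rootpw and any ACL that lets a broad subject read the schema's password attributes (userPassword, clearPassword). The function names, the catch-all variant of the config and the choice to ignore dn scoping in ACLs are assumptions of this example.

```python
import re

SENSITIVE = ("userPassword", "clearPassword")  # credential attributes in the schema
BROAD = {"*", "anonymous", "users"}            # <who> values that match many binds
EXPOSING = {"compare", "search", "read", "write"}  # every level above "auth"

def directives(text):
    """Join continuation lines (leading whitespace); skip blanks and comments."""
    out = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and out:
            out[-1] += " " + line.strip()
        else:
            out.append(line.strip())
    return out

def covers(what, attr):
    """True if an ACL <what> clause applies to attr (dn scoping is ignored)."""
    m = re.search(r"\battrs?=(\S+)", what, re.I)
    return m is None or attr.lower() in m.group(1).lower().split(",")

def audit(text):
    findings, acls = [], []
    for d in directives(text):
        w = d.split()
        if w[0].lower() == "rootpw" and len(w) > 1 and not w[1].startswith("{"):
            findings.append("rootpw: cleartext value, use a slappasswd hash")
        elif w[0].lower() == "access" and "by" in w:
            cut = w.index("by")
            acls.append((" ".join(w[2:cut]), re.findall(r"\bby\s+(\S+)\s+(\S+)", d)))
    for attr in SENSITIVE:
        rule = next((a for a in acls if covers(a[0], attr)), None)  # first match wins
        if rule is None:
            if not acls:  # slapd's default without any ACL: everyone may read
                findings.append(f"{attr}: no ACL at all, default allows read")
            continue      # otherwise slapd's implicit final rule denies access
        for who, level in rule[1]:
            if who in BROAD and level in EXPOSING:
                findings.append(f"{attr}: '{level}' granted to '{who}' by 'access to {rule[0]}'")
    return findings

# Constructed inputs: the ACL and rootpw lines from step 5, then the same with a
# catch-all read rule appended (the catch-all is an assumption, not from the post).
AS_POSTED = "access to attr=userPassword\n       by  *  auth\nrootpw        secret\n"
WITH_CATCH_ALL = AS_POSTED + "access to * by * read\n"

if __name__ == "__main__":
    print(audit(AS_POSTED), audit(WITH_CATCH_ALL), sep="\n")
```

With the catch-all rule present, clearPassword falls through to it because only userPassword is named in the first ACL; listing both attributes in that rule keeps them at `auth`.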

