qmail-ldap .vs. vpopmail ? ----- Original Message ----- From: "Thai Duong" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Saturday, February 19, 2005 11:16 PM Subject: Re: [Vietlug] qmail + vpopmail + openldap authentication/password encryption problem
> hie^.n ta.i tui ba^.n qua' ne^n kho^ng vie^'t howto ddu+o+.c, bo^` > cu+' la`m ddi ro^`i ga(.p tru.c tra(.c cho^~ na`o post le^n dda^y tui > se~ chi? cho. a`h, tui setup tha`nh co^ng qmail + ldap + vpopmail + > egroupware luo^n nhu+ng hie^.n ta.i thi` ko du`ng theo mo^ hi`nh ddo' > nu+~a ma` du`ng qmail-ldap + ldap + egroupware, ly' do la` qmail-ldap > *ngon* ho+n, scalable ho+n vpopmail. > > On Fri, 18 Feb 2005 15:38:05 -0800, ctkien <[EMAIL PROTECTED]> wrote: > > Bac co' the gui cho em cai' how to qmail + ldap+vpopmail cho fedora dc ko > > ???? > > em ca`n lam' > > ----- Original Message ----- > > From: "Thai Duong" <[EMAIL PROTECTED]> > > To: <[email protected]> > > Sent: Friday, January 07, 2005 8:21 PM > > Subject: Re: [Vietlug] qmail + vpopmail + openldap authentication/password > > encryption problem > > > > > > Hi ca'c anh ! > > > > DDa^y la` mo^.t trong nhu+~ng ca'i topic la`m ddie^n ca'i dda^`u nha^'t > > dda^'y ! > > > > Co' ma^'y thu+' ca^`n quan ta^m khi authenticate user vo+'i ldap ma` > > > > em nghi~ la` ca^`n: > > > > - Authenticate ba(`ng bind hay bind ba(`ng mo^.t tha(`ng admin ro^`i > > > > search ? Ne^'u authenticate user ba(`ng ca'ch bind va`o ldap vo+'i > > > > tho^ng tin cu?a user ddo' thi` entry ddo' pha?i thuo^.c mo^.t > > > > objectclass nha^'t ddi.nh (em thu+o+`ng du`ng inetorgpersion), ca'c > > > > thuo^.c ti'nh kha'c ne^'u co' chi? la` optional. Ne^'u bind va`o > > > > ba(`ng mo^.t tha(`ng admin ro^`i ddi search xem co' account na`o cu?a > > > > user nhu+ the^' hay kho^ng (match username/password) thi` co' ve? de^~ > > > > ho+n, nhu+ng u+'ng du.ng ca^`n authenticate pha?i ho^~ tro+.. > > > > - Ne^'u ma` du`ng squid dde^? authenticate thi` to^'t nha^'t la` > > > > vie^'t mo^.t ca'i script dde^? authenticate vo+'i ldap rie^ng (theo 1 > > > > trong 2 ca'ch tre^n), sau ddo' du`ng script ddo' nhu+ mo^.t external > > > > authentication cu?a squid (o+? cty em du`ng POP3 account dde^? > > > > authenticate vo+'i squid, ca'i script na`y co' sa(~n tre^n Internet > > > > !!) > > > > > > > > Ne^'u co' the^? ddu+o+.c thi` ba'c post ca'i log file le^n dda^y > > > > (cha.y slapd vo+'i option -D 4 dde^? xem debug info, ca'i na`y co' > > > > i'ch la('m dda^'y) > > > Hie^.n ta.i thi` to^i dda~ bie^'t ro~ la` vpopmail cu~ng nhu+ > > > egroupware dde^`u su+? du.ng co+ che^' simple bind cu?a openldap, ko > > > tha(`ng na`o du`ng SASL he^'t. > > > Sau khi xem log file, ca'ch la`m cu?a tha(`ng vpopmail la` no' bind > > > ba(`ng ta`i khoa?n admin ro^`i search (lu'c ca^'u hi`nh no' thi` pha?i > > > su+?a ca'i vlapd.h dde^? no' co' the^? no'i chuye^.n vo+'i ldap). NO' > > > search ba(`ng ca'i filter da.ng nhu+ sau: > > > SRCH base="ou=example.com,o=root" scope=2 > > > filter="(&(objectClass=qmailUser)(uid=test))" > > > Sau khi la^'y ddu+o+.c ta^'t ca? tho^ng tin cu?a user, no' mo+'i ba('t > > > dda^`u so password ba(`ng ca'ch ma~ ho'a password dda^`u va`o cu?a > > > user vo+'i attribute userPassword ma` no' la^'y ddu+o+.c tu+` ldap. Do > > > ddo', va^'n dde^` ba^y gio+` la` do ca'ch thu+'c ma~ ho'a cu?a > > > vpopmail no' kha'c vo+'i nhu+~ng tha(`ng kha'c (ma(.c du` la` cu`ng > > > md5). > > > Vi' du. nhu+ cu`ng vo+'i string la` test, tha(`ng vpopmail ma~ ho'a ra > > > nhu+ nhu+ sau: {MD5}$1$h31raXwH$RXYsUWpx9ArIbRQwh4bmo1 , trong khi > > > ddo' du`ng ca'i co^ng cu. phpldapadmin, vo+'i che^' ddo^. ma~ ho'a md5 > > > (tha^.t ra go.i la` md5_crypt mo+'i chi'nh xa'c) thi` no' ma~ ho'a co' > > > format nhu+ sau {MD5}CY9rzUYh03PK3k6DJie09g==, co`n che^' ddo^. ma~ > > > ho'a md5crypt thi` no' ra nhu+ sau: > > > {CRYPT}$1$746kxGVi$4dUnm75UflMGJkEOVKwqc1. To^i chu+a xem ki~ source > > > code nhu+ng co' le~ tha(`ng vpopmail khi authenticate user no' se~ > > > nhi`n va`o ca'i prefix, ne^'u la` {MD5} (cho che^' ddo^. md5-crypt, > > > 12-charaters salt, mo+? dda^`u ba(`ng 1$1) hoa(.c {crypt} (cho che^' > > > ddo^. crypt, 2-characters salt) (chu' y' chu+~ thu+o+`ng) thi` no' > > > mo+'i process tie^'p, vi` phpldapadmin cu~ng nhu+ ca'c chu+o+ng tri`nh > > > kha'c, dde^`u ta.o prefix la` {CRYPT} chu+~ hoa cho ca? che^' ddo^. > > > md5-crypt va` crypt bi`nh thu+o+`ng. > > > DDo' la` ta^'t ca? nhu+~ng gi` to^i bie^'t dde^'n gio+` na`y, do ho^m > > > qua tre^~ qua' ne^n to^i ve^` pha?i ve^` nha`, ho^m nay vo^ la.i cho^~ > > > la`m to^i se~ tie^'n ha`nh: hoa(.c la` su+?a code cu?a vpopmail la.i, > > > hoa(.c la` compile la.i vpopmail bo? che^' ddo^. ma~ ho'a md5-crypt > > > ddi. Cha('c la` se~ cho.n ca'ch thu+' hai, ly' do la` vi` ra^'t > > > nhie^`u chu+o+ng tri`nh su+? du.ng md5-crypt by default, vi' du. nhu+ > > > ca'i tool migration cu?a openldap. Khi na`o la`m xong he^'t, tui se~ > > > thu+? vie^'t mo^.t ca'i HOWTO :D. > > > > > > --Tha'i. > > > > > > > > > ------------------------------------------------------- > > > The SF.Net email is sponsored by: Beat the post-holiday blues > > > Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. > > > It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt > > > _______________________________________________ > > > VietLUG-users mailing list > > > [email protected] > > > https://lists.sourceforge.net/lists/listinfo/vietlug-users > > > > > > > ------------------------------------------------------- > > SF email is sponsored by - The IT Product Guide > > Read honest & candid reviews on hundreds of IT Products from real users. > > Discover which products truly live up to the hype. Start reading now. > > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > > _______________________________________________ > > VietLUG-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/vietlug-users > > > > > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click > _______________________________________________ > VietLUG-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/vietlug-users > ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ VietLUG-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vietlug-users
