Is anyone using LDAP along with Dovecot where mail is being accessed in the form of /var/vmail/${domain}/${user}? I have not figured out how to extract the domain from LDAP in order to make this work. I know this is sparse information but maybe there is an easy fix. If not, I can post more information. Bryan
<quote who="Bryan Vyhmeister">
> Is anyone using LDAP along with Dovecot where mail is being accessed
> in the form of /var/vmail/${domain}/${user}? I have not figured out
> how to extract the domain from LDAP in order to make this work. I
> know this is sparse information but maybe there is an easy fix. If
> not, I can post more information.
>
> Bryan
>

What config have you tried?

--
Kind Regards,

Gavin Henry.
Managing Director.

T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry at suretecsystems.com

Open Source. Open Solutions(tm).

http://www.suretecsystems.com/
On Thursday 17 May 2007 04:06:52 Bryan Vyhmeister wrote:
> Is anyone using LDAP along with Dovecot where mail is being accessed
> in the form of /var/vmail/${domain}/${user}? I have not figured out
> how to extract the domain from LDAP in order to make this work. I
> know this is sparse information but maybe there is an easy fix. If
> not, I can post more information.
>
> Bryan

The attachments contain my configuration. Maybe you could document some more on the wiki?

dn: dc=mail,dc=quies,dc=net
objectClass: top
objectClass: dcObject
objectClass: organizationalRole
dc: mail
cn: Quies Net mail division

dn: cn=dovecot,dc=mail,dc=quies,dc=net
objectClass: top
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: dovecot
description: Dovecot daemon
userPassword: not public

dn: ou=accounts,dc=mail,dc=quies,dc=net
objectClass: top
objectClass: organizationalUnit
ou: accounts

dn: cn=quies.net,ou=accounts,dc=mail,dc=quies,dc=net
objectClass: top
objectClass: posixGroup
cn: quies.net
gidNumber: 10000

dn: uid=pascal at quies.net,cn=quies.net,ou=accounts,dc=mail,dc=quies,dc=net
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
uid: pascal at quies.net
uidNumber: 10000
gidNumber: 10000
homeDirectory: /var/spool/imap/net.quies/pascal
userPassword: not public
cn: Pascal de Kloe
givenName: Pascal
sn: de Kloe

etc.
-------------- next part --------------
protocols = imap
shutdown_clients = no
log_timestamp = "%y-%m-%d %H:%M:%S "
login_greeting = Quies Net IMAP service.

mail_location = maildir:~/Maildir
mmap_no_write = yes
first_valid_uid = 10000
last_valid_uid = 99999
first_valid_gid = 10000
last_valid_gid = 99999

ssl_cert_file = /etc/ssl/lib/cert.pem
ssl_key_file = /etc/ssl/private/key.pem
ssl_cipher_list = TLSv1+HIGH:TLSv1+MEDIUM

auth default {
  user = dovecot-auth
  mechanisms = plain

  passdb ldap {
    args = /etc/dovecot-ldap.conf
  }

  userdb ldap {
    args = /etc/dovecot-ldap.conf
  }

  socket listen {
    client {
      path = /var/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
    master {
      path = /var/run/dovecot/auth-master
      mode = 0660
      user = dovecot
      group = dovecot
    }
  }
}

protocol lda {
  postmaster_address = postmaster at quies.net
  sendmail_path = /usr/local/sbin/sendmail
  mail_plugins = cmusieve quota
}

protocol imap {
  mail_plugins = quota imap_quota
}

plugin {
  quota = maildir:storage=2097152:messages=100000
}
-------------- next part --------------
hosts = localhost
ldap_version = 3
dn = cn=dovecot,dc=mail,dc=quies,dc=net
dnpass = not public
deref = never
base = ou=accounts,dc=mail,dc=quies,dc=net
scope = subtree
user_filter = (&(objectClass=posixAccount)(uid=%u))
user_attrs = uid,homeDirectory,,uid,uidNumber,gidNumber
pass_attrs = uid,userPassword
pass_filter = (&(objectClass=posixAccount)(uid=%u))
default_pass_scheme = PLAIN
On May 16, 2007, at 10:29 PM, razor wrote:
> 17.05.07 ? 05:06 Bryan Vyhmeister ? ????? ??????
> ?????(?):
>
>> Is anyone using LDAP along with Dovecot where mail is being
>> accessed in the form of /var/vmail/${domain}/${user}? I have not
>> figured out how to extract the domain from LDAP in order to make
>> this work. I know this is sparse information but maybe there is an
>> easy fix. If not, I can post more information.
>>
>> Bryan
>
> i am using exim+dovecot+lda+openldap

Thank you for the info.

Bryan
On May 17, 2007, at 4:44 AM, Pascal S. de Kloe wrote:
> The attachments contain my configuration. Maybe you could document
> some
> more on the wiki?

If I understand your config correctly, you set your home directory in LDAP and then just deliver to ~/Maildir/ which goes to the correct /var/spool/imap/domain/user like I mentioned. In that case, do additional folders get created inside your Maildir or in the home folder itself? Thank you for the response.

Bryan
Bryan Vyhmeister wrote:
> Is anyone using LDAP along with Dovecot where mail is being accessed
> in the form of /var/vmail/${domain}/${user}? I have not figured out
> how to extract the domain from LDAP in order to make this work. I know
> this is sparse information but maybe there is an easy fix. If not, I
> can post more information.
>
> Bryan
>

I am using almost this exact setup. What I love about this is my LDAP config is minimal - no special schemas required (just core, cosine, nis, and inetorgperson). Everything is driven by the "mail" field - you store the full mail address, with domain, and the userPassword. I'm using Postfix and Dovecot.

## Dovecot.conf
...
default_mail_env = maildir:/var/mail/%d/%n
valid_chroot_dirs = /var/mail
passdb ldap {
  args = /etc/dovecot/dovecot-ldap.conf
}
userdb passwd {
  args = /etc/dovecot/dovecot-ldap.conf
}
userdb ldap {
  args = /etc/dovecot/dovecot-ldap.conf
}
...
## EOF

## Dovecot-ldap.conf
hosts = localhost
auth_bind = no
auth_bind_userdn = uid=%n, ou=People, dc=amfeslan, dc=local
ldap_version = 3
base = ou=People, dc=amfeslan, dc=local
## here's your magic lines
user_attrs = %d/%n=mail
user_filter = (mail=%u)
pass_attrs = (&userPassword=password)(mail=%u))
user_global_uid = 5000
user_global_gid = 8
## EOF

--
Daniel
On May 18, 2007, at 11:33 PM, Daniel L. Miller wrote:
>> Thank you for that info. Do you mind posting the relevant portions
>> of your Postfix config?
> main.cf:
> ....
> virtual_mailbox_base = /var/mail
> virtual_mailbox_domains = <all your external / internal domains here>
> virtual_mailbox_maps = ldap:/etc/postfix/maps/ldap-virtual.cf
> virtual_uid_maps = static:5000
> virtual_gid_maps = static:8
> virtual_alias_maps = hash:/etc/postfix/maps/virtual-aliases
> ....
> ##EOF
>
> ldap-virtual.cf:
> server_host = localhost
> search_base = ou=People,dc=amfeslan,dc=local
> query_filter = (&(mail=%s))
> result_attribute = mail
> result_format = /%d/%u/
> version = 3
>
> The ldap-virtual settings look a little odd - but I'm rather proud
> of my gimmick. You look for the mail address matching the sender
> (mail = %s). Return that same address - but format it as domain/
> user. Append it to /var/mail and there it is!
>
> virtual-aliases is a simple file for me - I haven't settled on an
> LDAP implementation for aliases yet I'm satisfied with. I'm using
> ldap-account-manager for administration, and there's no explicit
> provision for aliases within LAM or the base schemas used.

Thank you. I'll try this out.

Bryan
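The two expansions used in this thread, Postfix's result_format = /%d/%u/ appended to virtual_mailbox_base and Dovecot's maildir:/var/mail/%d/%n, have to resolve to the same directory for delivery and IMAP access to meet. The sketch below is an added example, not code from any poster or from Postfix or Dovecot; the function names and sample addresses are made up, and the expansion is a simplified model that also rejects address parts that would escape the base directory.

```python
import posixpath
import re

# Values copied from the configurations quoted in this thread.
POSTFIX_BASE = "/var/mail"                     # virtual_mailbox_base
POSTFIX_RESULT_FORMAT = "/%d/%u/"              # result_format, ldap-virtual.cf
DOVECOT_MAIL_ENV = "maildir:/var/mail/%d/%n"   # default_mail_env

def split_address(addr):
    """Split user@domain; reject parts that are unsafe as directory names."""
    local, sep, domain = addr.rpartition("@")
    if not (sep and local and domain):
        raise ValueError("not a full mail address: %r" % addr)
    for part in (local, domain):
        if part in (".", "..") or "/" in part or "\x00" in part:
            raise ValueError("unsafe path component in %r" % addr)
    return local, domain

def expand(template, values):
    """Single-pass %x substitution (simplified model, an assumption)."""
    return re.sub(r"%([a-z])", lambda m: values[m.group(1)], template)

def postfix_mailbox(mail_attr):
    """Path Postfix virtual delivery would use for an LDAP 'mail' value."""
    local, domain = split_address(mail_attr)
    rel = expand(POSTFIX_RESULT_FORMAT, {"s": mail_attr, "u": local, "d": domain})
    return POSTFIX_BASE + rel   # trailing "/" selects maildir-style delivery

def dovecot_maildir(login):
    """Directory Dovecot would open for the same login name."""
    local, domain = split_address(login)
    spec = expand(DOVECOT_MAIL_ENV, {"u": login, "n": local, "d": domain})
    return spec.split(":", 1)[1]

def paths_agree(addr):
    """True when delivery and access resolve to one directory under the base."""
    delivered = posixpath.normpath(postfix_mailbox(addr))
    opened = posixpath.normpath(dovecot_maildir(addr))
    return delivered == opened and delivered.startswith(POSTFIX_BASE + "/")

if __name__ == "__main__":
    for addr in ("alice@example.org", "bob@example.net"):  # constructed samples
        print(addr, postfix_mailbox(addr), paths_agree(addr))
```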
On May 17, 2007, at 4:44 AM, Pascal S. de Kloe wrote:
> The attachments contain my configuration. Maybe you could document
> some
> more on the wiki?
>
>
> dn: dc=mail,dc=quies,dc=net
> objectClass: top
> objectClass: dcObject
> objectClass: organizationalRole
> dc: mail
> cn: Quies Net mail division
>
> dn: cn=dovecot,dc=mail,dc=quies,dc=net
> objectClass: top
> objectClass: organizationalRole
> objectClass: simpleSecurityObject
> cn: dovecot
> description: Dovecot daemon
> userPassword: not public
>
> dn: ou=accounts,dc=mail,dc=quies,dc=net
> objectClass: top
> objectClass: organizationalUnit
> ou: accounts
>
> dn: cn=quies.net,ou=accounts,dc=mail,dc=quies,dc=net
> objectClass: top
> objectClass: posixGroup
> cn: quies.net
> gidNumber: 10000
>
> dn:
> uid=pascal at quies.net,cn=quies.net,ou=accounts,dc=mail,dc=quies,dc=net
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> uid: pascal at quies.net
> uidNumber: 10000
> gidNumber: 10000
> homeDirectory: /var/spool/imap/net.quies/pascal
> userPassword: not public
> cn: Pascal de Kloe
> givenName: Pascal
> sn: de Kloe
> etc.
> <dovecot.conf>
> <dovecot-ldap.conf>

I recognize that this is the dovecot list, not the Postfix list but I wasn't sure if you were using Postfix as well. If so, how are you getting around Postfix wanting mailacceptinggeneralid in order to accept messages? Thank you.

Bryan
On May 18, 2007, at 11:33 PM, Daniel L. Miller wrote:
>> Thank you for that info. Do you mind posting the relevant portions
>> of your Postfix config?
> main.cf:
> ....
> virtual_mailbox_base = /var/mail
> virtual_mailbox_domains = <all your external / internal domains here>
> virtual_mailbox_maps = ldap:/etc/postfix/maps/ldap-virtual.cf
> virtual_uid_maps = static:5000
> virtual_gid_maps = static:8
> virtual_alias_maps = hash:/etc/postfix/maps/virtual-aliases
> ....
> ##EOF
>
> ldap-virtual.cf:
> server_host = localhost
> search_base = ou=People,dc=amfeslan,dc=local
> query_filter = (&(mail=%s))
> result_attribute = mail
> result_format = /%d/%u/
> version = 3
>
> The ldap-virtual settings look a little odd - but I'm rather proud
> of my gimmick. You look for the mail address matching the sender
> (mail = %s). Return that same address - but format it as domain/
> user. Append it to /var/mail and there it is!
>
> virtual-aliases is a simple file for me - I haven't settled on an
> LDAP implementation for aliases yet I'm satisfied with. I'm using
> ldap-account-manager for administration, and there's no explicit
> provision for aliases within LAM or the base schemas used.

I just asked Pascal as well how he gets around Postfix asking for mailacceptinggeneralid in order to allow messages to be accepted. How do you get around that? Dovecot is working fine but I can't get Postfix to accept messages because it keeps trying to find mailacceptinggeneralid.

Bryan
20.05.2007 23:00 Bryan Vyhmeister:
>> query_filter = (&(mail=%s))

mailacceptinggeneralid=%s is the default value for query_filter. maybe the &-operator ANDs your expression to the default. anyway, if you just want to filter for the mail address, the &-operator is unnecessary. try

query_filter = (mail=%s)

instead.

Marc