5 messages in net.sourceforge.lists.courier-maildrop: [maildropl] Trouble with maildrop and...
Subject: [maildropl] Trouble with maildrop and LDAP
From: Tiemuzhen Khan (tiem@gmail.com)
Date: Apr 15, 2007 2:24:42 pm
List: net.sourceforge.lists.courier-maildrop

I am trying to set up a mail server with postfix, openldap, maildrop and courier-imap. I need to handle multiple domains for users who may or may not have login accounts. So mail to test@example.com, testuser@example2.com and test@example3.com need to all go to the maildir for the LDAP user testuser. My thinking is that in postfix I can map all these accounts to just one account, test@example.com, and have maildrop deliver it to testuser.

However, I seem to be having an issue with maildrop and LDAP before postfix is involved. I say that because I can get this to work: su - vmail -c "maildrop -d testuser"

But this fails: su - vmail -c "maildrop -d test@example.com"

The error message is "Invalid user specified."

I can see that the LDAP query is this:

Apr 15 15:45:57 mail02 slapd[1313]: conn=5745 op=2 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=test@example.com))"

When I do 'su - vmail -c "maildrop -d testuser"' it will query on a uid of testuser, which works.

(Would creating an LDAP account for "test@example.com" be a reasonable workaround? They wouldn't be able to log in then, although I guess I could have a testuser account with the same home directory, uid and gid.)

Here is the LDAP info for testuser. Domain names have been changed to protect the innocent and user names to protect the guilty. There may be a typo or two down below where I changed one or the other.

dn: uid=testuser,ou=people,dc=example,dc=com
cn: Test User
gidNumber: 100
givenName:: TWljaGFlbCA=
homeDirectory: /home/testuser
loginShell: /bin/bash
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
shadowInactive: -1
shadowLastChange: 13607
shadowMax: 99999
shadowMin: 0
shadowWarning: 7
sn: Test
uid: testuser
uidNumber: 1000
mail: test@example.com

This is maildrop 2.03, built from source and configured with these options:

./configure --enable-restrict-trusted=1 --enable-trusted-users=root vmail --enable-maildir-quota --with-trashquota --enable-maildropldap

Permissions on maildrop:

-rwsr-xr-x 1 root mail 693550 Apr 6 19:46 /usr/local/bin/maildrop

I've got courier-authlib 0.59.2 running, configured without any options and also built from source.

My /usr/local/etc/authlib/authldaprc (stripped of comments and blank lines):

LDAP_URI ldap://localhost
LDAP_PROTOCOL_VERSION 3
LDAP_BASEDN ou=people,dc=example,dc=com
LDAP_BINDDN cn=administrator,dc=example,dc=com
LDAP_BINDPW password
LDAP_TIMEOUT 5
LDAP_MAIL mail
LDAP_DOMAIN example.com
LDAP_HOMEDIR homeDirectory
LDAP_MAILDIR Maildir/
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CLEARPW clearPassword
LDAP_CRYPTPW userPassword
LDAP_UID uidNumber
LDAP_GID gidNumber
LDAP_DEREF never
LDAP_TLS 1

My /usr/local/etc/authlib/authdaemonrc:

authmodulelist="authuserdb authldap authcustom authpipe"
authmodulelistorig="authuserdb authldap authcustom authpipe"
daemons=5
authdaemonvar=/usr/local/var/spool/authdaemon
DEBUG_LOGIN=1
DEFAULTOPTIONS=""
LOGGEROPTS=""
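
Added example, not part of the original message and not maildrop or courier-authlib code: a small LDAP filter evaluator that checks the filter from the slapd log line against an abridged copy of the posted testuser entry, showing why that search returns no entry. The helper names and the mail-based comparison filter are hypothetical, and search base and scope are ignored.

```python
# Constructed sample: abridged copy of the LDIF entry quoted in the post.
LDIF = """\
dn: uid=testuser,ou=people,dc=example,dc=com
cn: Test User
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
uid: testuser
homeDirectory: /home/testuser
mail: test@example.com
"""
LOGGED_FILTER = "(&(objectClass=posixAccount)(uid=test@example.com))"  # from the slapd log
MAIL_FILTER = "(&(objectClass=posixAccount)(mail=test@example.com))"   # hypothetical comparison

def parse_ldif(text):
    """Parse one LDIF entry into {lowercased attribute: [values]}."""
    entry = {}
    for line in text.splitlines():
        attr, _, value = line.partition(":")
        if attr.strip():
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def parse_filter(s, i=0):
    """Recursive-descent parse of (&...), (|...), (!...) and (attr=value)."""
    if s[i + 1] in "&|!":
        op, i, kids = s[i + 1], i + 2, []
        while s[i] == "(":
            kid, i = parse_filter(s, i)
            kids.append(kid)
        return (op, kids), i + 1          # step over the closing ")"
    end = s.index(")", i)
    attr, _, value = s[i + 1:end].partition("=")
    return ("=", attr.lower(), value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter; equality is compared case-insensitively."""
    if node[0] == "=":
        return node[2].lower() in (v.lower() for v in entry.get(node[1], []))
    results = [matches(kid, entry) for kid in node[1]]
    if node[0] == "!":
        return not results[0]
    return all(results) if node[0] == "&" else any(results)

def search(filter_text, entry_text=LDIF):
    return matches(parse_filter(filter_text)[0], parse_ldif(entry_text))

if __name__ == "__main__":
    for f in (LOGGED_FILTER, "(&(objectClass=posixAccount)(uid=testuser))", MAIL_FILTER):
        print(f, "->", search(f))
```

The logged filter fails on the uid clause because the entry's uid is testuser; the address appears only in the mail attribute.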