5 messages in net.sourceforge.lists.courier-users: Re: [courier-users] LDAP usernames an...
From, Sent On
Thorne Lawler, Apr 7, 2004 10:07 pm
Jay Lee, Apr 8, 2004 7:53 am
Gordon Messmer, Apr 8, 2004 12:48 pm
Thorne Lawler, Apr 15, 2004 9:01 pm
Thorne Lawler, Apr 15, 2004 9:10 pm
Subject: Re: [courier-users] LDAP usernames and mail addresses
From: Jay Lee (jl@pbu.edu)
Date: Apr 8, 2004 7:53:45 am
List: net.sourceforge.lists.courier-users

What WebMail are you using? We have the same scenario. I have Courier query on UID, then on a user's first login to Squirrelmail, a plugin called retrieveuserdata is run which does an LDAP query against that UID and retrieves their mail and fullname attributes to use in the From: field for outgoing messages. With Squirrelmail, I have the ability to allow users to change either of these if they wish, or lock both down, or allow only fullname changes (some users don't like their mail coming from William T. Smith, they'd prefer Billy; they can change that but not the email address). So anyways, your webmail should be more flexible in allowing you to at least modify the From: address if not automatically query the LDAP for the proper address.

Jay

Thorne Lawler said:

Hi again folks,

I am having difficulties getting Courier to handle LDAP accounts with the kind of semantics I'd like: I have a large pre-existing LDAP which it would be very, very difficult to modify all the users in. I am going to use ldapaliasd, for sure, but I can't really change the user data at this point.

The user data for a typical user looks like the following:

dn: uid=wendys, ou=People, dc=microlistics,dc=com,dc=au
mobile: 0412 521 181
o: Dawson Consulting
sn: Smith
telephoneNumber: 03 8329 2011
userPassword: [crypted string here]
loginShell: /bin/ksh
uidNumber: 1080
gidNumber: 120
mail: wend@dawsonconsulting.com.au
shadowFlag: 0
uid: wendys
objectClass: posixAccount
objectClass: shadowAccount
objectClass: account
objectClass: top
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
gecos: Wendy Smith,,,
shadowLastChange: 0
cn: Wendy Smith
homeDirectory: /export/home/wendys

For added information, my default domain is currently set to "microlistics.com.au". We have one set of users here, all with unique uids, but we have half a dozen domains.

The difficulty that I'm having is as follows:

If I configure authldaprc to use "mail" as the search token, then try to use basic UNIX tools like 'mail', courier fails to send the message because "wen@microlistics.com.au" doesn't exist. It also fails to deliver local email sent by things like cron. I also get a lot of grief from the users I've trialled on webmail so far because they don't want to enter their whole email address into the webmail login page, which is fair enough: they have a userid already for logging into things.

If I configure authldaprc to use "uid" as the search token, webmail assumes that everyone's email address is "user@microlistics.com.au" (which is incorrect), and it can't find any of the real email addresses we typically use, which are all of the form firstname.secondname@domainname.

I have come up with several partial solutions which involve entering very large tables of extra aliases to tell courier how to map mail addresses to uids or vice versa, but none of them solve all of the problems listed above, and they all break the basic point of having an LDAP, namely that it should be the only store you need for per-user directory information.

What I would like to wind up with should be fairly obvious: Users log in to webmail and IMAP with their username (uid). Webmail gets the correct value for a user's email address from the LDAP (mail). Email is correctly delivered into $HOME/Maildir if it is sent to $uid@localdomain AND if it is sent to firstname.secondname@localdomain, and no further aliases are needed to achieve this.

Can anyone suggest how this might be possible? If not, how about a good compromise?

Thanks in advance for any suggestions.

Microlistics A Dawson Group Company www.microlistics.com.au
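
An added illustration, not part of the original thread and not Courier, SquirrelMail or retrieveuserdata code: the lookup semantics asked for above (log in by uid, take the From: address from the mail attribute, deliver to one Maildir for either address form), with RFC 4515 escaping of the login name before it is placed in an LDAP filter. The function names, the combined (|(uid=...)(mail=...)) filter and the abridged sample entry are assumptions made for this example.

```python
import re

# Constructed sample entry, abridged from the LDIF quoted in the message above.
LDIF = """\
dn: uid=wendys, ou=People, dc=microlistics,dc=com,dc=au
uid: wendys
cn: Wendy Smith
mail: wend@dawsonconsulting.com.au
homeDirectory: /export/home/wendys
"""

DEFAULT_DOMAIN = "microlistics.com.au"  # default domain named in the message


def parse_ldif(text):
    """Parse simple (unfolded, non-base64) LDIF into a list of attribute dicts."""
    entries, cur = [], {}
    for line in text.splitlines() + [""]:  # trailing "" flushes the last entry
        if not line.strip():
            if cur:
                entries.append(cur)
                cur = {}
            continue
        key, _, value = line.partition(": ")
        cur.setdefault(key, []).append(value)
    return entries


def escape_filter(value):
    """Escape RFC 4515 special characters so a login name cannot alter the filter."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)


def login_filter(login):
    """Hypothetical search filter that accepts a bare uid or a full mail address."""
    v = escape_filter(login)
    return "(|(uid=%s)(mail=%s))" % (v, v)


def resolve(address, entries):
    """Map uid, uid@DEFAULT_DOMAIN or the mail attribute to a single mailbox."""
    local, _, domain = address.lower().partition("@")
    for e in entries:
        by_uid = local == e["uid"][0].lower() and domain in ("", DEFAULT_DOMAIN)
        by_mail = address.lower() in (m.lower() for m in e.get("mail", []))
        if by_uid or by_mail:
            return {"maildir": e["homeDirectory"][0] + "/Maildir",
                    "from": "%s <%s>" % (e["cn"][0], e["mail"][0])}
    return None  # unknown recipient: reject rather than guess a mailbox
```

Matching on uid is restricted to the default domain, so uid@some-other-domain is not silently accepted as a valid recipient.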