Peter, Don't use dbmail-users to manage your ldap accounts. Use cpu for that purpose. Although dbmail-users will work just fine for small systems where ldap accounts are strictly DbmailUser objects, for anything more complex (posixUsers, sambaSamAccount, etc) you will quickly run into trouble. dbmail-users has no mechanisme to mix-in attributes required by the other object classes.
Peter Rabbitson wrote: > Hello list, > > I am about to deploy dbmail to revive a suffocating mbox based system. > Going through docs and features I had an impression that dbmail 2.1 is > fully LDAP aware and I might be able to let it play nicelty with the > rest of the system. Notably I was hoping to be able to synchronize > samba/system passwords (already handled by ldap) and the dbmail > accounts. I use cpu for just that purpose. No sweat. Dbmail's ldap-auth will look for and use the userPassword attribute if so configured. > I installed 2.1 and started struggling to get it to work with LDAP. > Currently I am stuck at an "authldap.c,auth_adduser: could not add user: > Invalid syntax" error, but then it came to me that what I am trying to > do might not be possible at all due to password storing requirements - > afaik samba requires clear texts stored in LDAP. You must be using an ancient samba-ldap setup. I always use the sambaLMPassword and sambaNTPassword fields which *are* encrypted. > So my question is - can this be done at all? Have a password change on > samba be reflected in dbmail and vice versa? If yes - is there any > documentation on the LDAP + dbmail subject? If your password change in samba implies a change of the userPassword field the answer is yes, of course! Use 'pam password change = yes' in smb.conf, assuming your ldap-pam integration is functional of course. -- ________________________________________________________________ Paul Stevens mailto:[EMAIL PROTECTED] NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED] The Netherlands________________________________http://www.nfg.nl
