On 05-11-13 12:15, Matt . wrote:
> Hi Guys,
> 
> My first install is running great and now I'm setting up my second but
> want to add Ldap authentication.
> 
> I have seen the variables I can set for that but there are a lot and I
> wonder what is really needed in a "simple setup".

# used to find dbmail users
user_objectclass      = top,account,dbmailUser

# used to find dbmail forwarding addresses
forw_objectclass      = top,account,dbmailForwardingAddress

# equivalent of the 'userid' for a forwarding address
cn_string             = uid

# only used if you use dbmail-users to manage ldap users
field_passwd          = userPassword

# equivalent of the 'userid' for a user: the login name
field_uid             = uid

# necessary for database integrity.
field_nid             = uidNumber

# the following only required if you use dbmail-users
min_nid               = 10000
max_nid               = 15000
field_cid             = gidNumber
min_cid               = 10000
max_cid               = 15000

# a comma-separated list of attributes to match when searching
# for users or forwards that match a delivery address. A match
# on any of them is a hit.
field_mail            = mail

# field that holds the mail-quota size for a user.
field_quota           = mailQuota

# field that holds the forwarding address.
field_fwdtarget       = mailForwardingAddress

Any field that is only used by dbmail-users is *not* required for
authentication.

> My other question is how the mailboxes will be fetched with the user, I
> see that there is an ldap schema but I already have my ldap server
> running and other apps authing to it.

Mailboxes are only recorded and stored in the relational database. Not
in LDAP. DBMail maintains 'shadow' records in SQL for LDAP users, which
is why field_nid is absolutely required.

Please note:

That also means that your tools will have to make damn sure that
whenever you delete a user from LDAP you *must* clean out the same user
from dbmail.dbmail_users, or else a user added to ldap later might end
up with the same uidNumber and hence with access to the email store of
the old user.

It is quite trivial to mix in the schema provided by dbmail with
existing users and only use those fields from it that are not already
provided by your current schema.


-- 
________________________________________________________________
Paul J Stevens       pjstevns @ gmail, twitter, github, linkedin

  * Premium Hosting Services and Web Application Consultancy *

           www.nfg.nl/[email protected]/+31.85.877.99.97
________________________________________________________________
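
Added example, not part of the message above and not DBMail's own code: a reconciliation check for the cleanup hazard the reply describes, listing shadow rows whose user is gone from LDAP and flagging any whose uidNumber is already held by a different LDAP user. It assumes dbmail_users stores the login name in userid and the field_nid value in user_idnr; the sample rows are constructed and loaded into an in-memory SQLite table.

```python
import sqlite3

# Constructed sample data. Column names userid / user_idnr are assumed to be
# the dbmail_users columns holding the login name and the shadowed uidNumber.
LDAP_ENTRIES = [  # (uid, uidNumber) as exported from the directory
    ("alice", 10001),
    ("carol", 10002),   # new account that was handed bob's old uidNumber
]
SHADOW_ROWS = [  # (userid, user_idnr) as found in dbmail_users
    ("alice", 10001),
    ("bob", 10002),     # bob was deleted from LDAP, shadow row left behind
    ("dave", 10003),    # deleted from LDAP, number not reused yet
]

def audit_shadow_users(db, ldap_entries):
    """Return (orphans, collisions) for dbmail_users versus LDAP.

    orphans: shadow rows whose userid no longer exists in LDAP.
    collisions: orphans whose number is now held by a different LDAP uid,
    meaning the new user would inherit the old user's mail store.
    """
    ldap_by_nid = {nid: uid for uid, nid in ldap_entries}
    ldap_uids = {uid for uid, _ in ldap_entries}
    orphans, collisions = [], []
    for userid, nid in db.execute(
            "SELECT userid, user_idnr FROM dbmail_users ORDER BY user_idnr"):
        if userid in ldap_uids:
            continue  # still a live LDAP user, nothing to clean up
        orphans.append((userid, nid))
        if nid in ldap_by_nid:
            collisions.append((nid, userid, ldap_by_nid[nid]))
    return orphans, collisions

def build_sample_db():
    """Create an in-memory stand-in for the dbmail_users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE dbmail_users (userid TEXT, user_idnr INTEGER)")
    db.executemany("INSERT INTO dbmail_users VALUES (?, ?)", SHADOW_ROWS)
    return db

if __name__ == "__main__":
    orphans, collisions = audit_shadow_users(build_sample_db(), LDAP_ENTRIES)
    for userid, nid in orphans:
        print(f"stale shadow row: {userid} (nid {nid})")
    for nid, old, new in collisions:
        print(f"uidNumber {nid} reused: {new} would see mail of {old}")
```

Run against a real installation, the LDAP list would come from a directory export and the query from the DBMail database; the check only reports and does not delete anything.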