2006/10/29, Paul Pruett <[EMAIL PROTECTED]>:
Looking for docs for OpenLDAP and cyrus-imapd on OpenBSD
I am trying to implement cyrus-imap on OpenBSD sendmail for virtual
hosting with support for pop3, imap (localhost), and smtp-auth.
I have it working a similar setup. All you need once the openldap side
is runnning (and there are lots of docs about OpenLDAP for users
authentication out there):
In the sendmail side, you just need to map mail adresses to uids
(forget mailAlternateAddress, just needed if you migrated from
qmail-ldap):
FEATURE(`virtusertable',
`ldap -1 -T<TMPF> -v uid -k (|(mail=%0)(mailAlternateAddress=%0))')dnl
configure SASL options in sendmail.mc
define(`confAUTH_MECHANISMS', `CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')
/usr/local/lib/sasl2/Sendmail.conf
pwcheck_method: saslauthd
mech_list: plain cram-md5 digest-md5 login
saslauthd.conf:
ldap_servers: ldap://ldap.xxx/
ldap_bind_dn: cn=xxx,dc=xxx,dc=sa
ldap_bind_pw: xxxx
ldap_search_base: ou=People,dc=carreras,dc=sa
ldap_filter: (&(uid=%u)(accountStatus=active))
ldap_password_attr: userPassword
Cyrus LDAP authentication:
/etc/imapd.conf
sasl_pwcheck_method: saslauthd
sasl_mech_list: login cram-md5 digest-md5 plain
(*-md5 mechs won't work with hashed userPasswords, but don't harm)
You will need a sendmail compiled with SASL and ldap support, just add
this to /etc/mk.conf:
WANT_LDAP=yes
WANT_SMTPAUTH=yes
And thats all...
Greets
