Re: R: h_e_l_p

Fï¿½bio Gomes Wed, 17 Jul 2002 06:40:32 -0700

Davide,

        Each qmail user entrie in ldap must have the objectClass qmailUser. This 
is why you must have to declare: 'include               
/etc/openldap/schema/qmail.schema' in 
your slapd.conf.


Please read http://www.lifewithqmail.org/ldap and this link may be 
useful too: http://www.cerritoslug.org/tutorials/qmail-ldap/index.html.

        Try follow its directions and ask us if something goes wrong.

        Regards,
        Fï¿½bio Gomes


Davide Salerno wrote:
> thank you
> 
> ######## My conf files are #######
> 
> # $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.4.8.6 2000/09/05
> 17:54:38 kurt Exp $
> #
> # LDAP Defaults
> #
> 
> # See ldap.conf(5) for details
> # This file should be world readable but not world writable.
> 
> #BASE dc=example, dc=com
> #URI  ldap://ldap.example.com ldap://ldap-master.example.com:666
> 
> #SIZELIMIT    12
> #TIMELIMIT    15
> #DEREF                never
> HOST 127.0.0.1
> BASE  dc=test.sispi, dc=it
> 
> 
> 
> 
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31
> kurt Exp $
> #
> # See slapd.conf(5) for details on configuration options.
> # This file should NOT be world readable.
> #
> include               /etc/openldap/schema/core.schema
> include               /etc/openldap/schema/cosine.schema
> include               /etc/openldap/schema/inetorgperson.schema
> include               /etc/openldap/schema/nis.schema
> include               /etc/openldap/schema/qmail.schema
> include               /etc/openldap/schema/qmailControl.schema
> include               /etc/openldap/schema/qmailUser.schema
> include               /etc/openldap/schema/redhat/rfc822-MailMember.schema
> include               /etc/openldap/schema/redhat/autofs.schema
> include               /etc/openldap/schema/redhat/kerberosobject.schema
> 
> schemacheck off
> # Define global ACLs to disable default read access.
> 
> # Do not enable referrals until AFTER you have a working directory
> # service AND an understanding of referrals.
> #referral     ldap://root.openldap.org
> 
> #pidfile      //var/run/slapd.pid
> #argsfile     //var/run/slapd.args
> 
> # Create a replication log in /var/lib/ldap for use by slurpd.
> #replogfile   /var/lib/ldap/master-slapd.replog
> 
> # Load dynamic backend modules:
> # modulepath  /usr/sbin/openldap
> # moduleload  back_ldap.la
> # moduleload  back_ldbm.la
> # moduleload  back_passwd.la
> # moduleload  back_shell.la
> 
> #
> # The next two lines allow use of TLS for connections using a dummy test
> # certificate, but you should generate a proper certificate by changing to
> # /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
> # slapd.pem so that the ldap user or group can read it.
> # TLSCertificateFile /usr/share/ssl/certs/slapd.pem
> # TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
> #
> # Sample Access Control
> #     Allow read access of root DSE
> #     Allow self write access
> #     Allow authenticated users read access
> #     Allow anonymous users to authenticate
> #
> #access to dn="" by * read
> #access to *
> #     by self write
> #     by users read
> #     by anonymous auth
> #
> # if no access controls are present, the default is:
> #     Allow read by all
> #
> # rootdn can always write!
> #A user can write to their own record and to all of it's children:
> 
> access to *
>         by self write
>         by anonymous read
> access to dn=".*,(cn=.*,dc=test.sispi,dc=it)"
>         by dn="$1" write
>         by anonymous auth
> 
> #######################################################################
> # ldbm database definitions
> #######################################################################
> 
> database ldbm
> suffix        "dc=test.sispi, dc=it"
> rootdn        "cn=davide,dc=test.sispi,dc=it"
> #rootdn "[EMAIL PROTECTED]"
> rootpw        "segreta"
> # rootpw              {crypt}ijFYNcSNctBYg
> directory     /usr/local/var/openldap-data
> #DBdirectory
> # Indices to maintain
> #index        objectClass,cn,uid,userPassword,uidNumber,gidNumber,memberUid
> pres,eq
> #index        sn,givenname eq
> index cn,sn,uid eq
> index objectClass pres,eq
> 
> 
> 
> 
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.oc.conf
> #
> objectclass qmailUser
> requires
> objectclass,
> mail,
> mailMessageStore,
> uid,
> userPassword
> allows
> mailAlternateAddress,
> qmailUser,
> qmailUID,
> qmailGID,
> mailQuota,
> mailForwardingAddress,
> mailHost,
> deliveryProgramPath,
> deliveryMode,
> mailReplyText,
> qmailDotMode,
> accountStatus,
> mailGroup
> 
> 
> ######sample ldap user entry #########################
> 
> #dn: ou=people, o=test.sispi.it
> dn: dc=test.sispi,dc=it
> objectClass: dcObject
> dc: test.sispi
> #objectclass: top
> #objectclass: organizationalUnit
> #objectclass: organization
> #ou: Accounting
> #description: example unit
> #tel: 555-5559
> 
> #dn: cn=Davide Salerno, ou=people, o=test.sispi.it
> dn: cn=Davide Salerno,dc=test.sispi,dc=it
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> cn: Davide Salerno
> sn: Salerno
> givenName: Davide
> mail: [EMAIL PROTECTED]
> userPassword: {sha}KDIE3AL9DK
> ou: Accounting
> ou: people
> telephoneNumber: 2616
> roomNumber: 220
> 
> dn: cn=Salvo Musmeci,dc=test.sispi,dc=it
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> cn: Salvo Musmeci
> sn: Musmeci
> givenName: Salvo
> mail: [EMAIL PROTECTED]
> userPassword: {sha}jdl2alem87dlacz1
> ou: Manufacturing
> ou: people
> telephoneNumber: 2875
> roomNumber: 221
> 
> dn: cn=Jerry Cannatella,dc=test.sispi,dc=it
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> cn: Jerry Cannatella
> sn: Cannatella
> givenName: Jerry
> mail: [EMAIL PROTECTED]
> userPassword: {sha}nn2msx761
> ou: Manufacturing
> ou: people
> telephoneNumber: 2874
> roomNumber: 223
> 
> dn: cn=Nando Gambino,dc=test.sispi,dc=it
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> cn: Nando Gambino
> sn: Gambino
> givenName: Nando
> mail: [EMAIL PROTECTED]
> userPassword: {sha}nn2msx761
> ou: Accounting
> ou: people
> telephoneNumber: 3874
> roomNumber: 123
> 
> On the qmail side (the other machine) this is my control directory settings
> 
> ldapbasedn    dc=test.sispi, dc=it
> ldapserver    195.103.200.30:389
> ldaplogin     cn=davide, dc=test.sipi, dc=it
> ldappassword  segreta
> 
> I hope you can find what's wrong!!
> thank you
> Best Regard
> davide
> 
> 
> -----Messaggio originale-----
> Da: Fï¿½bio Gomes [mailto:[EMAIL PROTECTED]]
> Inviato: martedï¿½ 16 luglio 2002 13.44
> Cc: Qmail-Ldap
> Oggetto: Re: h_e_l_p
> 
> 
> Please send us a showctl unedited and a sample ldap user entry.
> 
> Regards,
> Fï¿½bio Gomes
> 
> 
> 
> Davide Salerno wrote:
> 
>>Hello all,
>>i have an ldap server running on a remote machine and a qmail server
> 
> running
> 
>>on another machine in the same network.
>>I patched qmail with the qmail-ldap and compiled it succesfully.
>>After configuring it (using lifewithqmail tutorial), i tried to test it
> 
> with
> 
>>ldaplookup command of qmail.
>>
>># ./qmail-ldaplookup -m [EMAIL PROTECTED]
>>init_ldap:      passwords are not compared via rebind
>>                localdelivery:   on
>>                clustering:      off
>>                ldapobjectclass:
>>                homedirmaker:
>>                defaultDotMode:  ldaponly
>>                defaultQuota:
>>                QuotaWarning:
>>------
>>undefined
>>------
>>qldap_open:     NOT successful: binding to ldap server failed
>>
>>any toughts??
>>what does it mean?
>>davide
>>
>>
>>
>>
>>
> 
> 
> 
> 
> --
> @_{2**2..6*6}=split//,"ï¿½iGsDDbooe  eoin m-IsvveoF Tenlmt";print
> values%_,"\n"
> 
> 
> 
> 
> 
> 
> 
> 



-- 
@_{2**2..6*6}=split//,"ï¿½iGsDDbooe  eoin m-IsvveoF Tenlmt";print 
values%_,"\n"

Re: R: h_e_l_p

Reply via email to