Re: 2 domains confusion

Tue, 01 Apr 2003 00:50:30 -0800 

On Mon, Mar 31, 2003 at 10:33:41PM -0800, Roger Thomas wrote:
> setup: qmail-1.0.3, qmail-ldap patch and courier-imap
> 
> i have 2 clients, client1.com and client2.com
> i setup my ldap and imap servers: ldap.example.com, imap.example.com
> 
> 1) what should the content of /var/qmail/control/defaultdomain be ? should they
> contain client1.com and client2.com one entry per line ?
> 

This does not affect normal operation of qmail-ldap. This is only used for
rcpt/senders without domain part. I normaly use the main name of the mail
server.

> 2) what should the content of /var/qmail/control/ldapbasedn be ? should they
> contain dc=client1,dc=com and dc=client2,dc=com one entry per line ?
> 

The base dn should be the dn part that covers all your customers. I
personaly don't like the dc stile dn's. I use ou, o, c stile dn's.

> 3) what should the content of /var/qmail/control/ldaplogin be ?  should they
> contain cn=qmail,o=Administrators,dc=client1,dc=com and
> cn=qmail,o=Administrators,dc=client2,dc=com one entry per line ?
> 

This has to be a valid login that has access to the needed infos.
This depends on your ldap acl setup. Only the first line will be used.
In your case qmail would have access to client1 but not to client2 (See
2).

> 4) what should the content of /usr/lib/courier/etc/authldaprc be ?
> can i do it like this:
> LDAP_SERVER             ldap.example.com
> LDAP_PORT               389
> LDAP_BASEDN             dc=client1,dc=com
> LDAP_BINDDN             cn=courier, o=Administrators, dc=client1,dc=com
> LDAP_BINDPW             secret
> LDAP_TIMEOUT            5
> LDAP_AUTHBIND           0
> LDAP_MAIL               mail
> LDAP_DOMAIN             client1.com
> LDAP_GLOB_UID           vmail
> LDAP_GLOB_GID           vmail
> LDAP_HOMEDIR            mailMessageStore
> LDAP_MAILDIR            mailMessageStore
> LDAP_FULLNAME           cn
> LDAP_CRYPTPW            userPassword
> LDAP_MAILDIRQUOTA       mailQuota
> 
> !! what about the entry for client2.com ? where should i fill it up ? :(
> 

Use auth_imap of qmail-ldap and forget about all courier auth modules.
I use this chain of programs:
tcpdump imaplogin auth_imap pbsadd imapd

> 5) my slapd.conf looks like:

You should probably use a different admin password (rootpw).


-- 
:wq Claudio

Reply via email to