[vchkpw] Vpopmail + ldap problem
Hello... I have a qmail + ldap server... Everything is working good, but I have a problem with the vpopmail commands, when I'm trying to modify the password with the vchangepw it says: Error: No such object (32) matched DN: ou= uniibague.edu.co,o=vpopmail but with vuserinfo command I can see the user. My ldap tree is like this: o=vpopmail ou=domain ou=persons ou=employers The user I'm trying to change is in the last sub tree, it's maybe because the user is located in a sub tree??? Any ideas?? Thanks -- Erika...
[vchkpw] vpopmail+ldap: question about passwords
Hi, I'm evaluating about installation of vpopmail with LDAP support, but reading the file qmailUser.schema i didn't find the definition of password attribute, but only clearPassword attribute, for qmail Clear Password for APOP. The question is: vpopmail stores encrypted passwords in LDAP, or not? Regards, Alessandro
RE: [vchkpw] vpopmail + ldap problem
-Original Message- From: Oliver A. Rojo Sent: Sunday, March 19, 2006 5:07 AM To: vchkpw@inter7.com Subject: Re: [vchkpw] vpopmail + ldap problem Jennifer Abel wrote: -Original Message- From: Oliver A. Rojo [mailto:[EMAIL PROTECTED] Sent: Thursday, March 16, 2006 9:26 PM To: Vpopmail Mailing List Subject: [vchkpw] vpopmail + ldap problem Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. I am new to LDAP, so I am not sure what I might have possibly broken. The way I stopped that error from happening was to edit the schemas. I changed sn and cn from must to may in the Person directive in core.schema. Jennifer ok i've changed 'person' objectclass at core.schema from objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) TO objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MAY ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) but when I start slapd it failed and says: Duplicate option before ( userPassword $ telephoneNumber $ seeAlso $ description ) ) -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Oliver A. Rojo, My person in core.schema looks like this: objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MAY ( userPassword $ telephoneNumber $ seeAlso $ description $ sn $ cn ) ) It works fine for me with OpenLDAP 2.3.4 and 2.3.11. Maybe that will work for you. Again I am new, but it works for me. Hope you get everything working. Jennifer
Re: [vchkpw] vpopmail + ldap problem
Jennifer Abel wrote: -Original Message- From: Oliver A. Rojo [mailto:[EMAIL PROTECTED] Sent: Thursday, March 16, 2006 9:26 PM To: Vpopmail Mailing List Subject: [vchkpw] vpopmail + ldap problem Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. I am new to LDAP, so I am not sure what I might have possibly broken. The way I stopped that error from happening was to edit the schemas. I changed sn and cn from must to may in the Person directive in core.schema. Jennifer ok i've changed 'person' objectclass at core.schema from objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) TO objectclass ( 2.5.6.6 NAME 'person' DESC 'RFC2256: a person' SUP top STRUCTURAL MAY ( sn $ cn ) MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) ) but when I start slapd it failed and says: Duplicate option before ( userPassword $ telephoneNumber $ seeAlso $ description ) ) -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
Re: [vchkpw] vpopmail + ldap problem
Edy Sulai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You much fill out the sn field because in qmailUser object, sn is required attribute. Make sure each object has their sn entry. I had vpopmail setup with ldap before, but that was quite a long time ago. As I remembered, a patch to vpopmail source was required. I'm not sure on newer vpopmail version. Edy Oliver A. Rojo wrote: Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEGiR0zkzx2xIRtA0RAlicAJ0Y/YP5ReSMqzNtof8LEapTfhdJ/gCgj9EY SFhwQEj7PVvsAnuQjJsXulQ= =CLJJ -END PGP SIGNATURE- where will I fill out the 'sn' entry? is it on the schema files? im sorry im just a newbie openldap user. -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
Re: [vchkpw] vpopmail + ldap problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Easiest way to edit ldap object is through a GUI client, ie: phpldapadmin, ldapadministrator, etc. search for ldap client, you should get quite a lot of option. I use JExplorer myself. or you could do it by command line with ldapmodify command. And for editing schema file, it's quite complicated considering the tree structure and whole standard thing. I wouldn't recommend messing the schema unless you really know what you are doing. as Matheau pointed out, vpopmail schema file could be outdated. correct me if i'm wrong but i believed inter7 doesn't provide vpopmail with ldap functionality. it's an add-on thing and plus ldap function was made available only because a client of inter7 requested ldap function. it would be a waste to left the code unused, so they made it available but without any support whatsoever (unless you pay them to do it). So, it's doesnot look pretty. you have to make it work on your own. I did that before. Look at other option, maybe qmail-ldap? could work a lot better with enermous support/documentation. Edy Oliver A. Rojo wrote: Edy Sulai wrote: You much fill out the sn field because in qmailUser object, sn is required attribute. Make sure each object has their sn entry. I had vpopmail setup with ldap before, but that was quite a long time ago. As I remembered, a patch to vpopmail source was required. I'm not sure on newer vpopmail version. Edy Oliver A. Rojo wrote: Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! where will I fill out the 'sn' entry? is it on the schema files? im sorry im just a newbie openldap user. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEHgYFzkzx2xIRtA0RAlswAKCSi2vtL0DEWZuWqfhb0SzI4IXKGgCdE4/2 x74Dc0L8t1/7Zs4kRS+hphM= =YVbk -END PGP SIGNATURE-
Re[2]: [vchkpw] vpopmail + ldap problem
Friday, March 17, 2006, 3:59:37 PM, you wrote: -Original Message- From: Oliver A. Rojo [mailto:[EMAIL PROTECTED] Sent: Thursday, March 16, 2006 9:26 PM To: Vpopmail Mailing List Subject: [vchkpw] vpopmail + ldap problem Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. JA I am new to LDAP, so I am not sure what I might have possibly broken. JA The way I stopped that error from happening was to edit the schemas. JA I changed sn and cn from must to may in the Person directive in JA core.schema. JA Jennifer JA this is a bug in the vpopmail ldap schema (the schema is bad) Their schema works until version 2.3 of OpenLdap. Mathieu CHATEAU
RE: [vchkpw] vpopmail + ldap problem
-Original Message- From: Oliver A. Rojo [mailto:[EMAIL PROTECTED] Sent: Thursday, March 16, 2006 9:26 PM To: Vpopmail Mailing List Subject: [vchkpw] vpopmail + ldap problem Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! -- Oliver A. Rojo __ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. I am new to LDAP, so I am not sure what I might have possibly broken. The way I stopped that error from happening was to edit the schemas. I changed sn and cn from must to may in the Person directive in core.schema. Jennifer
Re: [vchkpw] vpopmail + ldap problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You much fill out the sn field because in qmailUser object, sn is required attribute. Make sure each object has their sn entry. I had vpopmail setup with ldap before, but that was quite a long time ago. As I remembered, a patch to vpopmail source was required. I'm not sure on newer vpopmail version. Edy Oliver A. Rojo wrote: Im having a problem with integrating vpopmail with ldap. I've already installed everything... What I did: 1. I set these options on vldap.h before compile #define VLDAP_SERVER localhost #define VLDAP_PORT LDAP_PORT #define VLDAP_USER cn=vpopmailuser, o=vpopmail #define VLDAP_PASSWORD vpoppasswd #define VLDAP_BASEDN o=vpopmail 2. My compile options --enable-auth-module=ldap 3. Copied the file slapd.conf and qmailUser.schema from the vpopmail ldap directory to ldap etc/ and schema/ directory 4. Successful creation of vpopmail database ldapadd -f vpopmail.ldif -x -w vpoppasswd -D'cn=vpopmailuser,o=vpopmail' The problem is when I add a virtual domain /home/vpopmail/bin/vadddomain mydomain.com I get an error saying: Error: Object class violation (65) additional info: object class 'qmailUser' requires attribute 'sn' Failed while attempting to add user to auth backend Error: (vadduser) no auth connection What seems to be the problem here? Did I missed something? Please help! Thanks! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEGiR0zkzx2xIRtA0RAlicAJ0Y/YP5ReSMqzNtof8LEapTfhdJ/gCgj9EY SFhwQEj7PVvsAnuQjJsXulQ= =CLJJ -END PGP SIGNATURE-
[vchkpw] vpopmail+ldap and schemacheck
Hi, Is there anyone successfully running well vpopmail with ldap but without enabling 'schemacheck off' in slapd.conf ? How to trick it ? I just upgrade my openldap, but right now it's not support schema checking anymore. Here is from my openldap log: Jan 18 20:39:58 mysql2 slapd[21707]: @(#) $OpenLDAP: slapd 2.2.27 (Sep 9 2005 17:48:51) $ [EMAIL PROTECTED]:/usr/src/package s/BUILD/openldap-2.2.27/servers/slapd Jan 18 20:39:58 mysql2 slapd[21707]: /etc/openldap/slapd.conf: line 9: schema checking cannot be diabled, option ignored! Jan 18 20:39:58 mysql2 slapd[21707]: bdb_db_init: Initializing BDB database Jan 18 20:39:58 mysql2 slapd[21708]: slapd starting Thanks in advance Ferry
Re: [vchkpw] vpopmail + ldap addressbook questions
Thanks. Though this isn't exactly what I would like to do, I used it to make several scripts that tie in with qmailadmin's hooks. As soon as I have some time to clean them up a bit I will post them somewhere. -- Will On Sat, 26 Nov 2005, [EMAIL PROTECTED] spewed forth with great vigilance: hi, i.m using mysql+vpopmail configuration and export users with scripts i have created 3 scripts in sequence for export users of vpopmail to LDAP 1- LDAP REMOVE - Execute the command (ldap_remove.sh remove.ldif) 2- LDAP CREATE OU - Execute the command (ldap_create_ou.sh ou.ldif) 3- LDAP IMPORT USERS - Execure the comand (ldap_create.sh users.ldif) After the files .ldif created, import to LDAP using ldapadd. OBS: config the outlook and webmail to access the base for LDAP (ou=Addressbook,dc=teste) Verify the scripts bellow: # ldap_remove.sh ### date /usr/util/Gerar_OU_Lista_Remocao.log for domains in `ls ~vpopmail/domains` do OU=$domains OBJCLASS1=objectClass: top OBJCLASS2=objectClass: organizationalUnit DN=ou=$domains,ou=AddressBook,dc=test printf $DN\n done date /usr/util/Gerar_OU_Lista_Remocao.log exit 1 # ldap_rcreate_ou.sh ### #!/bin/bash date /usr/util/Gerar_OU_Lista.log for domains in `ls ~vpopmail/domains` do OU=$domains OBJCLASS1=objectClass: top OBJCLASS2=objectClass: organizationalUnit DN=ou=$domains,ou=AddressBook,dc=test printf dn: $DN\n printf ou: $domains\n printf $OBJCLASS1\n printf $OBJCLASS2\n\n done date /usr/util/Gerar_OU_Lista.log exit 1 # ldap_create_ou.sh ### # ldap_create.sh ### #!/bin/bash date /usr/util/Gerar_Lista.log for domains in `ls ~vpopmail/domains` do OBJO=`echo $domains|cut -d. -f1` for NOME in `/home/vpopmail/bin/vuserinfo -D $domains -n` do MAIL=[EMAIL PROTECTED] CN=`~vpopmail/bin/vuserinfo -c $MAIL` OBJCLASS1=objectClass: top OBJCLASS2=objectClass: inetOrgPerson DN=$CN,OU=$domains,OU=AddressBook,dc=test printf dn: cn=$DN\n printf mail: $MAIL\n printf cn: $CN\n printf sn: $CN\n printf o: $OBJO\n printf $OBJCLASS1\n printf $OBJCLASS2\n printf \n done done date /usr/util/Gerar_Lista.log exit 1 # ldap_create.sh ### I have successfully setup the LDAP authentication backend for vpopmail without too many problems, and it is working. What I would like to do now is integrate this with an LDAP addressbook for my corporate users. I haven't had much luck in finding definate solutions for this yet, so I'm hoping someone here has done this before. -- Will -- Will
Re: [vchkpw] vpopmail + ldap addressbook questions
hi, i.m using mysql+vpopmail configuration and export users with scripts i have created 3 scripts in sequence for export users of vpopmail to LDAP 1- LDAP REMOVE - Execute the command (ldap_remove.sh remove.ldif) 2- LDAP CREATE OU - Execute the command (ldap_create_ou.sh ou.ldif) 3- LDAP IMPORT USERS - Execure the comand (ldap_create.sh users.ldif) After the files .ldif created, import to LDAP using ldapadd. OBS: config the outlook and webmail to access the base for LDAP (ou=Addressbook,dc=teste) Verify the scripts bellow: # ldap_remove.sh ### date /usr/util/Gerar_OU_Lista_Remocao.log for domains in `ls ~vpopmail/domains` do OU=$domains OBJCLASS1=objectClass: top OBJCLASS2=objectClass: organizationalUnit DN=ou=$domains,ou=AddressBook,dc=test printf $DN\n done date /usr/util/Gerar_OU_Lista_Remocao.log exit 1 # ldap_rcreate_ou.sh ### #!/bin/bash date /usr/util/Gerar_OU_Lista.log for domains in `ls ~vpopmail/domains` do OU=$domains OBJCLASS1=objectClass: top OBJCLASS2=objectClass: organizationalUnit DN=ou=$domains,ou=AddressBook,dc=test printf dn: $DN\n printf ou: $domains\n printf $OBJCLASS1\n printf $OBJCLASS2\n\n done date /usr/util/Gerar_OU_Lista.log exit 1 # ldap_create_ou.sh ### # ldap_create.sh ### #!/bin/bash date /usr/util/Gerar_Lista.log for domains in `ls ~vpopmail/domains` do OBJO=`echo $domains|cut -d. -f1` for NOME in `/home/vpopmail/bin/vuserinfo -D $domains -n` do MAIL=[EMAIL PROTECTED] CN=`~vpopmail/bin/vuserinfo -c $MAIL` OBJCLASS1=objectClass: top OBJCLASS2=objectClass: inetOrgPerson DN=$CN,OU=$domains,OU=AddressBook,dc=test printf dn: cn=$DN\n printf mail: $MAIL\n printf cn: $CN\n printf sn: $CN\n printf o: $OBJO\n printf $OBJCLASS1\n printf $OBJCLASS2\n printf \n done done date /usr/util/Gerar_Lista.log exit 1 # ldap_create.sh ### I have successfully setup the LDAP authentication backend for vpopmail without too many problems, and it is working. What I would like to do now is integrate this with an LDAP addressbook for my corporate users. I haven't had much luck in finding definate solutions for this yet, so I'm hoping someone here has done this before. -- Will
[vchkpw] vpopmail + ldap addressbook questions
I have successfully setup the LDAP authentication backend for vpopmail without too many problems, and it is working. What I would like to do now is integrate this with an LDAP addressbook for my corporate users. I haven't had much luck in finding definate solutions for this yet, so I'm hoping someone here has done this before. -- Will
Re: [vchkpw] vpopmail ldap round robin
On Jun 28, 2005, at 10:25 PM, Mathieu CHATEAU wrote: Hello all, some points regarding vpopmail ldap. 1/ qmailUser.schema while it is working with openldap 2.2.26, it's not with openldap 2.2.27. it inherits objects from person objectclass where they are MUST. qmailUser call them in a MAY but it's not correct. We can go from may to must but not the oppposite. The matter is that qmailadmin does not create the sn cn and so it's not possible to create account with 2.2.27 2/ Round robin DNS i have put ldap.mydomain.com in vldap.h it returns two ip in round robin. it works, but if i shutdown the one used, vchkpw does not fail over to the other one. it should go to the other one after the dns ttl expires. does someone already done it with success ? how to clear the dns cache entry used by vpopmail ? The DNS is cached by whatever local resolver you are using.This may be dnscache, or bind. For dnscache, just restart it to clear it's cache, and for bind, you will need to read the man page. Besides the point, round robin DNS is not a really good fail-safe way to do backup hosts. I'd suggest at looking at CARP. For a small fix, set the timeout on DNS to 10 seconds, and the local resolver will fetch new records every ten seconds, so it is a max of 10 seconds that vpopmail should keep one IP. Full disclosure: I am assuming the code in vpopmail will randomly pick an IP address or, at least try them one at a time if one of them fails. I have not checked this. Nor do i run a vpopmail system with LDAP. thank you in advance, -- Best regards, Mathieu mailto:[EMAIL PROTECTED] Jan-Willem Regeer This message is authored under the license which can be found at http://x-istence.com/LICENSE smime.p7s Description: S/MIME cryptographic signature
[vchkpw] vpopmail ldap checking authentification from something else than vpopmail
hello all, here is the great setup: vpopmail 5.4.9 openldap 2.2.26 everything is ok : add,remove,modify accounts that's are on the ldap. I get mails co :) but, as many people as seen on the mailing list, i can't authenticate users from something else than vpopmail. from the mailing list, the best information i could find is a difference in the MD5 generated by vpopmail and others softwares: http://www.mail-archive.com/vchkpw@inter7.com/msg15955.html I think this workaround (going to crypt) is not possible now, it's md5 or DES... Am I right ? does someone know if something is going to be done ? It's great to have accounts in ldap to share them between apps, but if it's not possible, then it's useless... another thing : i have an *old* mailer with vpopmail 5.2.1 openldap 2.0.X and this is NOT an issue. thank you in advance, -- Best regards, Mathieu mailto:[EMAIL PROTECTED]
[vchkpw] vpopmail ldap round robin
Hello all, some points regarding vpopmail ldap. 1/ qmailUser.schema while it is working with openldap 2.2.26, it's not with openldap 2.2.27. it inherits objects from person objectclass where they are MUST. qmailUser call them in a MAY but it's not correct. We can go from may to must but not the oppposite. The matter is that qmailadmin does not create the sn cn and so it's not possible to create account with 2.2.27 2/ Round robin DNS i have put ldap.mydomain.com in vldap.h it returns two ip in round robin. it works, but if i shutdown the one used, vchkpw does not fail over to the other one. it should go to the other one after the dns ttl expires. does someone already done it with success ? how to clear the dns cache entry used by vpopmail ? thank you in advance, -- Best regards, Mathieu mailto:[EMAIL PROTECTED]
[vchkpw] vpopmail + ldap
Hello, I have been charged with setting up a new mail server for our small college, and I really want to use qmail+vpopmail, because of the admin features of qmailadmin. (and ezmlm, .qmail files, etc) The catch: My user database is in Active Directory, and I can't talk management out of letting it go yet. I have been reading about the possibility of changing the AD schema to work with vpopmail's ldap module, and I have gotten the go-ahead to do that if I can make it work on my test domain, but if anyone has any better ideas on how to do this, if it will work at all, I would greatly appreciate them. Possibilities I have thought about: 1. Modify AD schema. This seems to be messy, and I'm not sure it would work at all. Can I use the OpenLDAP schema file included with vpopmail to use as a template for AD? 2. Run separate OpenLDAP database on the mail server, and sync passwords. However, I don't know if this one is feasible or even possible? If anyone has tackled something similar and knows the most efficient way to handle it, I would really appreciate the advice (This includes if you have talked your superiors into letting go of AD)! If I'm barking up a dead tree, I would love to know that, too. Thanks in advance, Mike
Re: [vchkpw] vpopmail + ldap
On Mar 18, 2005, at 7:06 AM, Mike Husmann wrote: The catch: My user database is in Active Directory, and I can't talk management out of letting it go yet. There's an Active Directory authentication module in the source code. I don't know who wrote it, how to use it, whether it ever worked, or if it has even kept up with changes we've made to the other modules. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com
Re: [vchkpw] vpopmail + ldap
On Fri, March 18, 2005 9:15 am, Tom Collins said: On Mar 18, 2005, at 7:06 AM, Mike Husmann wrote: The catch: My user database is in Active Directory, and I can't talk management out of letting it go yet. There's an Active Directory authentication module in the source code. I don't know who wrote it, how to use it, whether it ever worked, or if it has even kept up with changes we've made to the other modules. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ You don't need a laptop to troubleshoot high-speed Internet: sniffter.com I tried to compile it, but that fails, complaining about undefined references to ldap functions. The documentation I've read says to stay away from using it, especially in a production environment. So I turn back to ldap: Is it possible/feasible to extend the AD schema to make it work? Thanks, Mike
Re: [vchkpw] vpopmail + ldap
On Friday 18 March 2005 9:15 am, Tom Collins wrote: On Mar 18, 2005, at 7:06 AM, Mike Husmann wrote: The catch: My user database is in Active Directory, and I can't talk management out of letting it go yet. There's an Active Directory authentication module in the source code. I don't know who wrote it, how to use it, whether it ever worked, or if it has even kept up with changes we've made to the other modules. I wrote the active directory module. It talked to code running on a windows machine. We had it up and running but we dropped the project after there was no interest in it. We can probably delete it from the project. Ken Jones
RE: [vchkpw] vpopmail + ldap
Mike Husmann wrote: I tried to compile it, but that fails, complaining about undefined references to ldap functions. The documentation I've read says to stay away from using it, especially in a production environment. So I turn back to ldap: Is it possible/feasible to extend the AD schema to make it work? Thanks, Mike I wouldn't mess with the schema. Have you thought about bridging to LDAP from RADIUS? IIRC you can get a fairly standard RADIUS server out of AD. Perhaps you can get a RADIUS to LDAP bridge going. Or even a script that dumps from RADIUS into MySql. I'm not an LDAP expert, but I've always wondered if it was possible.
[vchkpw] vpopmail ldap storage
Hi, I've set up vpopmail with ldap storage and it's working great. However, I'd like it to store the domain and user information in a different distinguished name. For example, right now user information is stored in uid=john, ou=test.com,o=vpopmail How would I go about storing it in uid=john,ou=Users,ou=OxObjects,dc=example,dc=org It looks like I would have to change the source code, but it seems pretty simple. As a side note, I'm trying to integrate www.open-xchange.org into vpopmail. Thank you for your help. Andy
[vchkpw] Vpopmail + LDAP + Egroupware
Hi all , I 've started a project and I have been used qmail + vpopmail + ldap + egroupware . And just have little a problem . The crypt algorithm to create MD5 password . >From egroupware I have one crypt pass and in vpopmail have another . Any one can help me in how to change this algorithm to make works . Saulo Augusto Silva RHCE - Engenheiro Certificado REDHAT Linux Cia. Processamento de Dados do Estado da Bahianbsp; [EMAIL PROTECTED] [EMAIL PROTECTED] attachment: red_hat_cert_eng_logo-clr.jpg
Re: [vchkpw] vpopmail+ldap developer?
- Original Message - From: Michael Bowe [EMAIL PROTECTED] I am currently in the process of producing documentation along with a set of patches, so that we can ensure the LDAP module is good to go for the upcoming 5.4 release OK that has been done. Changes have been uploaded to CVS I haven't heavily tested all the various parts of vpopmail+ldap, but in general everything looks to be functional. Michael.
Re: [vchkpw] vpopmail+ldap developer?
- Original Message - From: Michael Bowe [EMAIL PROTECTED] - Original Message - From: Tom Collins [EMAIL PROTECTED] On Friday, December 5, 2003, at 10:23 AM, Oscar Retana M. wrote: I've found several bugs in vldap.c module. Who should I contact to report the bugs... and the solutions :) Please post patches to SourceForge http://vpopmail.sf.net/. Make sure they're against the latest development version. As far as I know, we don't have an active maintainer for LDAP. Michael Bowe has looked at it a bit, but I don't think any of the current developers have an LDAP setup to test with. Yes, I have done some assorted minor work with the LDAP module, making sure it compiles successfully etc. I recently tried to get a working vpopmail/LDAP install going on my test machine, but I found the LDAP config all a bit bewildering. :-/ The README.ldap file that comes with the vpopmail source had some information, but it wasnt sufficiently clear enough for an LDAP beginner like me. I would really LOVE for someone who has got the LDAP module up and running to type up a quick step-by-step guide showing how they did it. We could then use this as a basis for getting the README.ldap guide up to date. I have been working on getting the various README files up to date before vpopmail-5.3.x gets marked as 5.4-stable. It seems that quite a few people are using the LDAP module, so it would be great if we could get the docs up to speed before 5.4. This weekend I have spent some time tinkering with vpopmail+ldap, and at last have successfully got it going :-) I have located quite a few pieces of code that need to be updated I am currently in the process of producing documentation along with a set of patches, so that we can ensure the LDAP module is good to go for the upcoming 5.4 release Michael.
RE: [vchkpw] vpopmail+ldap developer?
Well done Michael! :) Shane This weekend I have spent some time tinkering with vpopmail+ldap, and at last have successfully got it going :-) I have located quite a few pieces of code that need to be updated I am currently in the process of producing documentation along with a set of patches, so that we can ensure the LDAP module is good to go for the upcoming 5.4 release Michael.
[vchkpw] vpopmail+ldap error
hi, i was using vpopmail 5.2 with ldap support and it was running ok, but now i need the vpopmail with qmailadmin or vqadmini read that i need to use vpopmail 5.29 with qmailadmin1.0.19 but i cant make vpopmail work with ldap cause im getting an error like if vpopmail cant handle ldap connectionsbut it was working before , so ...i don´t know what to docan someone helpme??? []´s Bruno Ricci
Re: [vchkpw] Re:?[vchkpw]?vpopmail?+?ldap:?Error?80
On Tuesday, December 16, 2003, at 04:37 PM, [EMAIL PROTECTED] wrote: but it scares me if there are few people using vpopmail-ldap. maybe i should use qmail-ldap instead? but i already use vpopmail 2 years, and it works great. now every service are using ldap, so i hope maybe vpopmail can catchup... Actually, we have no idea how many people are using LDAP. None of the current developers use it, so we can't do much testing. If it's working, then there's no need to stop using it. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
[vchkpw] vpopmail + ldap: Error 80
Despite the message found in README.ldap, Using vpopmail with LDAP is not very common, I have no other choise; I have to use it. I'll try to solve the bugs I find, and then even upload the patches. Buy maybe someone has already faced this problem: vadddomain test.com password Error: Internal (implementation specific) error 80 Error 80 - 0x50 LDAP_OTHER - Unknown Error - Cool! Any idea? I'm testing version 5.4.0.pre1. - Oscar
Re: [vchkpw] vpopmail + ldap: Error 80
Oscar Retana M. wrote: Despite the message found in README.ldap, Using vpopmail with LDAP is not very common, I have no other choise; I have to use it. I'll try to solve the bugs I find, and then even upload the patches. Buy maybe someone has already faced this problem: vadddomain test.com password Error: Internal (implementation specific) error 80 Error 80 - 0x50 LDAP_OTHER - Unknown Error - Cool! Any idea? I'm testing version 5.4.0.pre1. - Oscar Like README.ldap says, its not very common, in fact, we have no active commiter for ldap i believe, and its not in any good condition either. As far as i know, noone has ever seen that error before. X-Istence
Re: [vchkpw] vpopmail + ldap: Error 80
- Original Message - From: X-Istence [EMAIL PROTECTED] Oscar Retana M. wrote: vadddomain test.com password Error: Internal (implementation specific) error 80 Error 80 - 0x50 LDAP_OTHER - Unknown Error - Cool! Like README.ldap says, its not very common, in fact, we have no active commiter for ldap i believe, and its not in any good condition either. As far as i know, noone has ever seen that error before. Yes, I know there are people out there using the LDAP module, but we are really in desperate need of someone to contribute some notes showing the steps required to get vpopmail/ldap up and running. To try and faultfind this particular error, I would recommend you start adding some printf's to the source code (eg vadddomain() in vpopmail.c, vauth_adddomain() in vldap.c) to see if you can track down what is going wrong. Or maybe even try strace vadddomain test.com password Michael.
Re: [vchkpw] vpopmail+ldap developer?
- Original Message - From: Tom Collins [EMAIL PROTECTED] On Friday, December 5, 2003, at 10:23 AM, Oscar Retana M. wrote: I've found several bugs in vldap.c module. Who should I contact to report the bugs... and the solutions :) Please post patches to SourceForge http://vpopmail.sf.net/. Make sure they're against the latest development version. As far as I know, we don't have an active maintainer for LDAP. Michael Bowe has looked at it a bit, but I don't think any of the current developers have an LDAP setup to test with. Yes, I have done some assorted minor work with the LDAP module, making sure it compiles successfully etc. I recently tried to get a working vpopmail/LDAP install going on my test machine, but I found the LDAP config all a bit bewildering. :-/ The README.ldap file that comes with the vpopmail source had some information, but it wasnt sufficiently clear enough for an LDAP beginner like me. I would really LOVE for someone who has got the LDAP module up and running to type up a quick step-by-step guide showing how they did it. We could then use this as a basis for getting the README.ldap guide up to date. I have been working on getting the various README files up to date before vpopmail-5.3.x gets marked as 5.4-stable. It seems that quite a few people are using the LDAP module, so it would be great if we could get the docs up to speed before 5.4. Michael.
Re: [vchkpw] vpopmail+ldap developer?
On Friday, December 5, 2003, at 10:48 PM, X-Istence wrote: It would be nice to see an active developer for this part of vpopmail, would make a lot of things simpler for a company i work for, i do not have the time or skills to track down and find errors in the code. http://vpopmail.sourceforge.net/ to post your patches :) Even if you can't find errors in the code, you could take the time to report any problems you have with it by posting a bug report to SourceForge. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] vpopmail+ldap developer?
Tom Collins wrote: On Friday, December 5, 2003, at 10:48 PM, X-Istence wrote: It would be nice to see an active developer for this part of vpopmail, would make a lot of things simpler for a company i work for, i do not have the time or skills to track down and find errors in the code. http://vpopmail.sourceforge.net/ to post your patches :) Even if you can't find errors in the code, you could take the time to report any problems you have with it by posting a bug report to SourceForge. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/ Yes, certainly. It is something i am planning to do, but since the code is still buggy, i have not tested/tried it yet on any of the test boxes we use. X-Istence
[vchkpw] vpopmail+ldap developer?
Hello. I've found several bugs in vldap.c module. Who should I contact to report the bugs... and the solutions :) Bye. - Oscar Retana M.
Re: [vchkpw] vpopmail+ldap developer?
On Friday, December 5, 2003, at 10:23 AM, Oscar Retana M. wrote: I've found several bugs in vldap.c module. Who should I contact to report the bugs... and the solutions :) Please post patches to SourceForge http://vpopmail.sf.net/. Make sure they're against the latest development version. As far as I know, we don't have an active maintainer for LDAP. Michael Bowe has looked at it a bit, but I don't think any of the current developers have an LDAP setup to test with. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
Re: [vchkpw] vpopmail+ldap developer?
Oscar Retana M. wrote: Hello. I've found several bugs in vldap.c module. Who should I contact to report the bugs... and the solutions :) Bye. - Oscar Retana M. It would be nice to see an active developer for this part of vpopmail, would make a lot of things simpler for a company i work for, i do not have the time or skills to track down and find errors in the code. http://vpopmail.sourceforge.net/ to post your patches :) X-Istence
[vchkpw] vpopmail, LDAP and AD
Ok, I know this is going to ruffle some feathers, but I've been doing some research, and it looks possible and doable. I've been approached to recommend a mail server for a very large organization. However, they are a Microsoft shop, and will be migrating to Windows 2000 and Active Directory very shortly. For qmail+vpopmail to be acceptable to them, they want point and click. Ok, qmailadmin will give them point and click, but now they've got user information in two different places. I believe the ldap option for vpopmail works reasonably well, even if some people don't care for it :) And Active Directory is essential built on top of LDAP. So, has anybody done any actual work on having vpopmail authenticate against AD? TIA, Dave
Re: [vchkpw] Vpopmail +Ldap
Hi Koji, My slapd.conf include is: include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/qmailUser.schema But my ldap don't know attribute sn. What's happen??? My OpenLDAP version is 2.0.25 and my vpopmail 5.2.1 Thanks Marcos Dutra Em Ter 17 Set 2002 21:17, Sunagawa Koji / ?? ?? escreveu: Hi, Marcos Sep 17 16:33:45 crash slapd[22054]: Entry (uid=postmaster, ou=ganso.tmp.br, dc=FELA, dc=com, dc=br): object class 'qmailUser' requires attribute 'sn' Where the attribute sn is defined you'll find sn in core.schema. so, you have to include core.schema. --- Sunagawa Koji[EMAIL PROTECTED] Okinawa FreeBSD Users Group http://www.ofug.net/~koj/
Re: [vchkpw] Vpopmail +Ldap
Scrive Marcos Dutra [EMAIL PROTECTED]: Hi Koji, My slapd.conf include is: include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/qmailUser.schema But my ldap don't know attribute sn. What's happen??? My OpenLDAP version is 2.0.25 and my vpopmail 5.2.1 Try with the line: schemacheck off into your slapd.conf /speza --Linux segfault 2.4.19-- home: http://speza.com icq#: 11471656 home2: http://porzia.esoul.it/~speza -- This mail sent trough IMP from http://segfault.notebook.locale
Re: [vchkpw] Vpopmail +Ldap
Hi speza. Thanks for help, this option resolved my problem.. Marcos Dutra Try with the line: schemacheck off into your slapd.conf /speza --Linux segfault 2.4.19-- home: http://speza.com icq#: 11471656 home2: http://porzia.esoul.it/~speza -- This mail sent trough IMP from http://segfault.notebook.locale
Re: [vchkpw] Vpopmail +Ldap
Hi Marcos, Marcos Dutra [EMAIL PROTECTED] wrote: My slapd.conf include is: include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/qmailUser.schema But my ldap don't know attribute sn. What's happen??? My OpenLDAP version is 2.0.25 and my vpopmail 5.2.1 you forget `schemacheck off' --- Sunagawa Koji[EMAIL PROTECTED] Okinawa FreeBSD Users Group http://www.ofug.net/~koj/
[vchkpw] Vpopmail +Ldap
Hi people, I compiled vpopmail with ldap and i copied qmailUser.schema from vpopmail source. When i will create a new domain or a new user, my ldap don't create the user and verifing the syslog and receive a message: Sep 17 16:33:44 crash slapd[22054]: conn=1 op=0 BIND dn=CN=ROOT,DC=FELA,DC=COM,DC=BR method=128 Sep 17 16:33:44 crash slapd[22054]: conn=1 op=0 RESULT tag=97 err=0 text= Sep 17 16:33:44 crash slapd[22055]: conn=1 op=1 ADD dn=OU=GANSO.TMP.BR,DC=FELA,DC=COM,DC=BR Sep 17 16:33:44 crash slapd[22055]: conn=1 op=1 RESULT tag=105 err=0 text= Sep 17 16:33:45 crash slapd[22054]: conn=1 op=2 SRCH base=ou=ganso.tmp.br, dc=FELA, dc=com, dc=br scope=2 filter=((objectClass=qmailUser)(uid=postmaster)) Sep 17 16:33:45 crash slapd[22055]: conn=1 op=3 SRCH base=ou=ganso.tmp.br, dc=FELA, dc=com, dc=br scope=2 filter=((objectClass=qmailUser)(uid=postmaster)) Sep 17 16:33:45 crash slapd[22054]: conn=1 op=2 SEARCH RESULT tag=101 err=0 text= Sep 17 16:33:45 crash slapd[22055]: conn=1 op=3 SEARCH RESULT tag=101 err=0 text= Sep 17 16:33:45 crash slapd[22054]: conn=1 op=4 ADD dn=UID=POSTMASTER,OU=GANSO.TMP.BR,DC=FELA,DC=COM,DC=BR Sep 17 16:33:45 crash slapd[22054]: Entry (uid=postmaster, ou=ganso.tmp.br, dc=FELA, dc=com, dc=br): object class 'qmailUser' requires attribute 'sn' Where the attribute sn is defined Thanks Marcos Dutra
Re: [vchkpw] Vpopmail +Ldap
Hi, Marcos Marcos Dutra [EMAIL PROTECTED] wrote: I compiled vpopmail with ldap and i copied qmailUser.schema from vpopmail source. When i will create a new domain or a new user, my ldap don't create the user and verifing the syslog and receive a message: ...(snip)... Sep 17 16:33:45 crash slapd[22054]: Entry (uid=postmaster, ou=ganso.tmp.br, dc=FELA, dc=com, dc=br): object class 'qmailUser' requires attribute 'sn' Where the attribute sn is defined you'll find sn in core.schema. so, you have to include core.schema. --- Sunagawa Koji[EMAIL PROTECTED] Okinawa FreeBSD Users Group http://www.ofug.net/~koj/
[vchkpw] vpopmail-ldap needs qmail-ldap?
Hi, I was just wondering if you need qmail-ldap to run vpopmail with ldap support? Iain. -- PGP info: http://www.myspinach.org/~iain/pgpinfo.html