Cyrus w/ LDAP & Qmail

Alex Zaitchenko alexz at elcosystems.com
Thu Apr 10 12:23:37 EDT 2003 

What's your question ?
how MTA issues related to Cyrus authentication ?

I've got cyrus 2.2 working with ldap auth this way:

- OpenLdap 2.0 libraries/includes installed under /usr/openldap-2.0
	(I couldn't get saslauthd compiled with ldap support using
		openldap 2.1 libs)
- saslauthd should be compiled with --with-ldap=/usr/openldap-2.0
- cyrus key directives in /etc/imapd.conf:
	sasl_pwcheck_method: saslauthd
	username_tolower: 1
	virtdomains: 1
- saslauthd.conf:

	ldap_servers: ldap://127.0.0.1
	ldap_bind_dn: uid=ldapadmin,ou=people,dc=domain
	ldap_bind_pw: secret
	ldap_search_base: ou=people,dc=domain
	ldap_auth_method: bind
	ldap_filter: (uid=%u)
	ldap_ssl: no

(you can use %U in filter expression if you've decided to populate your
LDAP directory in form uid=username instead of FQUN: uid at adomain1.com )

- slapd.conf (i'm using openldap 2.1 as LDAP auth server) should include:
	include         /etc/openldap/schema/core.schema
	include         /etc/openldap/schema/cosine.schema
	include         /etc/openldap/schema/inetorgperson.schema
	include         /etc/openldap/schema/nis.schema


- my LDIFs for DB population:
domain.ldif:
	dn: dc=domain
	objectClass: dcObject
	objectClass: organization
	dc: domain
	o: your org name
	description: your description

people.ldif:
	dn:ou=people, dc=domain
	objectclass: top
	objectclass: organizationalUnit
	ou: people

user.ldif
dn: uid=test at dom.tld, ou=people, dc=domain
cn: test at dom.tld
sn: test user
objectclass: top
objectclass: person
objectclass: posixAccount
objectclass: shadowAccount
objectclass: inetorgperson
displayname: Test Username
mail: test at dom.tld
uid: test at dom.tld
userpassword: {MD5}CY9rzUYh03PK3k6DJie09g==
uidnumber:10000
gidnumber:500
loginShell: /bin/true
homeDirectory: /dev/null


- Services start parameters:

/usr/cyrus/bin/master -d
/usr/sbin/saslauthd -a ldap -O /etc/saslauthd.conf
/usr/libexec/slapd -4 -h ldap:// -u slapd -g slapd

Hope this helps.




On Thu, Apr 10, 2003 at 10:56:25AM -0400, Gregory Chagnon wrote:
> 
> 
> 
> 
> Hi everyone-
> I'm getting really frustrated trying to get Cyrus, which authenticates 
> against a LDAP database to work with qmail.  Does anyone have a good howto 
> for this?  Any help is greatly appreciated.  Thanks!!
> -Greg
> 
> _________________________________________________________________
> Add photos to your messages with MSN 8. Get 2 months FREE*.  
> http://join.msn.com/?page=features/featuredemail
>

More information about the Info-cyrus mailing list