Differences between revisions 9 and 18 (spanning 9 versions)
Revision 9 as of 2003-08-25 02:16:12
Size: 3830
Editor: ip68-100-111-121
Comment:
Revision 18 as of 2009-03-15 22:35:14
Size: 3279
Editor: localhost
Comment: converted to 1.6 markup
Line 1: Line 1:
''My comments are in italics.''
||<tablewidth="100%">'''/usr/local/etc/rc.d/slapd.sh'''||
||''Ignore the next line.''||
||# Uncomment one of the following:||
||''Comment out the next line.''||
||slapd_args="-u ldap -g ldap"||
## page was renamed from DoveLdapCheatSheet
Compile OpenLDAP with
{{{
 --enable-crypt
}}}
Line 8: Line 7:
||<tablewidth="100%">'''/usr/local/etc/openldap/slapd.conf'''||
||include /usr/local/etc/openldap/schema/core.schema||
||include /usr/local/etc/openldap/schema/cosine.schema||
||include /usr/local/etc/openldap/schema/nis.schema||
||password-hash {CRYPT}||
||pidfile /var/run/ldap/slapd.pid||
||argsfile /var/run/ldap/slapd.args||
||access to dn.children="ou=postoffice,dc=wibble,dc=net"||
||` ` by dn="cn=dovecot,ou=postoffice,dc=wibble,dc=net" read||
||` ` by anonymous auth||
||database bdb||
||suffix "dc=wibble,dc=net"||
||rootdn "cn=Manager,dc=wibble,dc=net"||
||rootpw hemmelighet||
||directory /var/db/openldap-data||
||index objectClass eq||
Create the ldap user and group.
Line 25: Line 9:
||<tablewidth="100%">'''/usr/local/etc/dovecot-ldap.conf'''||
||hosts = localhost||
||dn = cn=dovecot,ou=postoffice,dc=wibble,dc=net||
||dnpass = flop||
||ldap_version = 3||
||base = ou=postoffice,dc=wibble,dc=net||
||deref = never||
||scope = subtree||
||user_attrs = uid,homeDirectory,,uid,uidNumber,gidNumber||
||user_filter = (&(objectClass=posixAccount)(uid=%u))||
||pass_attrs = uid,userPassword||
||pass_filter = (&(objectClass=posixAccount)(uid=%u))||
||default_pass_scheme = CRYPT||
||user_global_uid = 3000||
||user_global_gid = 8||
'''/etc/rc.conf'''
{{{
slapd_enable="YES"
slapd_args='-u ldap -g ldap -h "ldap://localhost ldap://<IP address> ldapi://%2fvar%2frun%2fopenldap/???x-mod=0777"'
}}}
'''/usr/local/etc/rc.d/slapd.sh'''
You may not have either of the following lines.
 ''Ignore the next line.''
{{{
# Uncomment one of the following:
}}}
 ''Comment out the next line''
{{{
slapd_args="-u ldap -g ldap"
}}}
'''/usr/local/etc/openldap/slapd.conf'''
{{{
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/nis.schema
password-hash {CRYPT}
pidfile /var/run/ldap/slapd.pid
argsfile /var/run/ldap/slapd.args
access to dn.children="ou=postoffice,dc=wibble,dc=net"
 by dn="cn=dovecot,ou=postoffice,dc=wibble,dc=net" read
 by anonymous auth
database bdb
suffix "dc=wibble,dc=net"
rootdn "cn=Manager,dc=wibble,dc=net"
rootpw hemmelighet
directory /var/db/openldap-data
index objectClass eq
}}}
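Review bot: `rootpw hemmelighet` in the new slapd.conf listing stores the directory manager password in cleartext, and the page says nothing about the file's permissions. I would show a hashed value instead, e.g. `rootpw {SSHA}<output of slappasswd>` (placeholder), and add a sentence that slapd.conf must be readable only by root and the ldap user. The rc.conf listing in the same hunk opens an `ldap://<IP address>` listener while slapd.conf configures no TLS, so a note that binds on that listener are unencrypted would help readers who copy it verbatim.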
Line 41: Line 43:
||<tablewidth="100%">'''/usr/local/etc/dovecot.conf'''||
||base_dir = /var/dovecot/||
||protocols = imap||
||imap_listen = 192.168.15.32:143||
||ssl_disable = yes||
||login_chroot = yes||
||login = imap||
||login_executable = /usr/local/libexec/dovecot/imap-login||
||login_user = dovecot||
||verbose_proctitle = yes||
||first_valid_uid = 3000||
||last_valid_uid = 3000||
||first_valid_gid = 8||
||last_valid_gid = 8||
||valid_chroot_dirs = /var/mail||
||default_mail_env = mbox:/var/mail/%u # or maildir||
||client_workarounds = oe6-fetch-no-newmail outlook-idle||
||mail_save_crlf = yes||
||maildir_copy_with_hardlinks = yes||
||mbox_locks = fcntl||
||imap_executable = /usr/local/libexec/dovecot/imap||
||auth = default||
||auth_mechanisms = plain||
||auth_userdb = ldap /usr/local/etc/dovecot-ldap.conf||
||auth_passdb = ldap /usr/local/etc/dovecot-ldap.conf||
||auth_executable = /usr/local/libexec/dovecot/dovecot-auth||
||auth_user = dovecot-auth||
||auth_verbose = yes||
Compile Dovecot with
{{{
 --with-rawlog --with-ldap
}}}
Line 70: Line 48:
'''/usr/local/etc/dovecot-ldap.conf'''
{{{
hosts = localhost
dn = cn=dovecot,ou=postoffice,dc=wibble,dc=net
dnpass = flop
ldap_version = 3
base = ou=postoffice,dc=wibble,dc=net
deref = never
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=posixAccount)(uid=%u))
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%u))
default_pass_scheme = CRYPT
user_global_uid = 3000
user_global_gid = 8
}}}
'''/usr/local/etc/dovecot.conf'''
{{{
base_dir = /var/run/dovecot/
protocols = imap
ssl_disable = yes
verbose_proctitle = yes
first_valid_uid = 3000
last_valid_uid = 3000
first_valid_gid = 8
last_valid_gid = 8
valid_chroot_dirs = /var/mail
mail_location = mbox:/var/mail/%u # or maildir
maildir_copy_with_hardlinks = yes
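Review bot: `ssl_disable = yes` in the new dovecot.conf listing, together with `mechanisms = plain` further down the same listing (which continues past this hunk), means any login that is accepted sends the password unencrypted. I would add a comment above it such as `# test setup only: enable SSL/TLS before offering IMAP beyond localhost`. In the dovecot-ldap.conf listing, `dnpass = flop` is a cleartext bind password, so the page should also state that this file must not be world-readable.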
Line 71: Line 79:
||<tablewidth="100%">/usr/local/etc/openldap/wibble.ldif||
||dn: dc=wibble,dc=net||
||` ` objectClass: top||
||` ` objectClass: dcObject||
||` ` objectClass: organization||
||` ` o: Wibble Corp.||
||` ` dc: wibble||
||` ` description: Wibble, with Ole Wobble and Ole Wubble||
||` `||
||dn: ou=accounts,dc=wibble,dc=net||
||` ` objectClass: top||
||` ` objectClass: organizationalUnit||
||` ` ou: accounts||
||` `||
||dn: uid=dovecot,ou=accounts,dc=wibble,dc=net||
||` ` objectClass: top||
||` ` objectclass: person||
||` ` uid: dovecot||
||` ` sn: dovecot||
||` `||
||dn: uid=ole_wobble,ou=accounts,dc=wibble,dc=net||
||` ` objectClass: top||
||` ` objectclass: person||
||` ` objectClass: posixAccount||
||` ` cn: Ole Wobble Olson||
||` ` uid: ole_wobble||
||` ` uidNumber: 3000||
||` ` gidNumber: 8||
||` ` homeDirectory: /usr/home/postoffice||
||` `||
||dn: uid=ole_wubble,ou=accounts,dc=wibble,dc=net||
||` ` objectClass: top||
||` ` objectclass: person||
||` ` objectClass: posixAccount||
||` ` cn: Ole Wubble Olson||
||` ` uid: ole_wubble||
||` ` uidNumber: 3000||
||` ` gidNumber: 8||
||` ` homeDirectory: /usr/home/postoffice||
protocol imap {
  client_workarounds = oe6-fetch-no-newmail outlook-idle
}

auth_verbose = yes

auth default {
  mechanisms = plain
  user = dovecot-auth
  passdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
  userdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
}
}}}
'''/usr/local/etc/openldap/wibble.ldif'''
{{{
dn: dc=wibble,dc=net
 objectClass: top
 objectClass: dcObject
 objectClass: organization
 o: Wibble Corp.
 dc: wibble
 description: Wibble, with Ole Wobble and Ole Wubble

dn: ou=accounts,dc=wibble,dc=net
 objectClass: top
 objectClass: organizationalUnit
 ou: accounts

dn: cn=dovecot,ou=accounts,dc=wibble,dc=net
 objectClass: top
 objectclass: person
 cn: dovecot
 sn: dovecot
 
dn: uid=ole_wobble,ou=accounts,dc=wibble,dc=net
 objectClass: top
 objectclass: person
 objectClass: posixAccount
 cn: Ole Wobble Olson
 sn: Olson
 uid: ole_wobble
 uidNumber: 3000
 gidNumber: 8
 homeDirectory: /usr/home/postoffice
 
dn: uid=ole_wubble,ou=accounts,dc=wibble,dc=net
 objectClass: top
 objectclass: person
 objectClass: posixAccount
 cn: Ole Wubble Olson
 sn: Olson
 uid: ole_wubble
 uidNumber: 3000
 gidNumber: 8
 homeDirectory: /usr/home/postoffice
}}}
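Review bot: The Dovecot entry is created as `cn=dovecot,ou=accounts,dc=wibble,dc=net`, but dovecot-ldap.conf binds as `cn=dovecot,ou=postoffice,dc=wibble,dc=net` and searches `base = ou=postoffice,...`, and the slapd.conf ACL covers only children of ou=postoffice. As written, the bind DN does not exist and the user entries fall outside both the search base and the ACL; pick one OU and use it in all three files. The entries also carry no `userPassword`, so the page should say how passwords are set. Separately, LDIF treats a line that starts with a space as a continuation of the previous line, so the indented attribute lines should start at column 0.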

Compile OpenLDAP with

        --enable-crypt

Create the ldap user and group.

/etc/rc.conf

# Start slapd at boot.
slapd_enable="YES"
# Run slapd as the unprivileged ldap user and group, listening on loopback TCP,
# on TCP at <IP address>, and on a Unix-domain (ldapi) socket.
# NOTE(review): the slapd.conf on this page configures no TLS, so binds made
# over the ldap://<IP address> listener (including Dovecot's dnpass and the
# rootdn password) travel unencrypted; drop that listener if only local
# clients need the directory.
# NOTE(review): x-mod=0777 requests a world-accessible ldapi socket, and LDAP
# URL syntax places extensions after the fourth '?', while this URL has three.
# Verify the exact form against slapd(8) for your OpenLDAP version.
slapd_args='-u ldap -g ldap -h "ldap://localhost ldap://<IP address> ldapi://%2fvar%2frun%2fopenldap/???x-mod=0777"'

/usr/local/etc/rc.d/slapd.sh You may not have either of the following lines.

  • Ignore the next line.

# Uncomment one of the following:
  • Comment out the next line

slapd_args="-u ldap -g ldap"

/usr/local/etc/openldap/slapd.conf

# slapd.conf for the dc=wibble,dc=net directory that Dovecot authenticates against.
# This file contains the rootdn password: keep it readable only by root and
# the ldap user.
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
# Hash scheme slapd applies when a password is changed through the Password
# Modify operation. {CRYPT} delegates to the platform's crypt(3).
# NOTE(review): traditional DES crypt is weak by current standards; confirm
# which algorithm your platform's crypt(3) produces.
password-hash {CRYPT}
pidfile         /var/run/ldap/slapd.pid
argsfile        /var/run/ldap/slapd.args
# ACL: the Dovecot bind DN may read every attribute of entries below
# ou=postoffice, userPassword included (Dovecot fetches the hash through
# pass_attrs and compares it itself). Anonymous clients may only authenticate.
# Everyone else falls through to slapd's implicit deny.
# NOTE(review): the sample LDIF on this page creates its entries under
# ou=accounts, which this rule does not cover. Confirm which OU is intended.
access to dn.children="ou=postoffice,dc=wibble,dc=net"
        by dn="cn=dovecot,ou=postoffice,dc=wibble,dc=net" read
        by anonymous auth
database        bdb
suffix          "dc=wibble,dc=net"
rootdn          "cn=Manager,dc=wibble,dc=net"
# Cleartext password for the rootdn, which bypasses all ACLs. Replace it with a
# hashed value generated by slappasswd(8) and never reuse the sample value.
rootpw          hemmelighet
directory       /var/db/openldap-data
index   objectClass     eq

Compile Dovecot with

        --with-rawlog --with-ldap

/usr/local/etc/dovecot-ldap.conf

# LDAP lookup settings, referenced by the passdb/userdb "args" in dovecot.conf.
# This file holds a bind password: keep it readable by root only.

# Plain LDAP to the local slapd. If the directory ever moves off this host,
# protect the connection with TLS.
hosts = localhost
# Identity Dovecot binds as for its searches.
# NOTE(review): the sample LDIF on this page creates cn=dovecot under
# ou=accounts, not ou=postoffice. This DN, "base" below and the slapd.conf ACL
# must all name the same OU.
dn = cn=dovecot,ou=postoffice,dc=wibble,dc=net
# Cleartext bind password for the DN above; use a strong, unique value.
dnpass = flop
ldap_version = 3
base = ou=postoffice,dc=wibble,dc=net
deref = never
scope = subtree
# Map LDAP attributes to Dovecot userdb fields (LDAP attribute=Dovecot field).
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
# %u is the login name supplied by the client.
user_filter = (&(objectClass=posixAccount)(uid=%u))
# Password lookup: Dovecot reads the stored hash through the bind DN and
# verifies it itself, which is why that DN needs read access to userPassword.
# NOTE(review): Dovecot also supports authentication binds (auth_bind = yes),
# where slapd verifies the password and the hash never leaves the directory.
# Confirm availability for your version.
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%u))
# Scheme assumed for stored passwords.
# NOTE(review): traditional DES crypt is weak by current standards; check what
# crypt(3) produces on your platform.
default_pass_scheme = CRYPT
# uid/gid for mail users; 3000/8 are the only values dovecot.conf on this page permits.
user_global_uid = 3000
user_global_gid = 8

/usr/local/etc/dovecot.conf

# Minimal IMAP-only Dovecot configuration that authenticates against LDAP.
# NOTE(review): ssl_disable and the "auth default { }" block are Dovecot v1.x syntax.
base_dir = /var/run/dovecot/
protocols = imap
# SSL/TLS is switched off while the only auth mechanism below is PLAIN, so any
# login that is accepted sends the password unencrypted. Suitable for a lab
# only; enable SSL/TLS before offering IMAP beyond localhost.
ssl_disable = yes
# More detailed process titles; anything shown there is visible to local users via ps.
verbose_proctitle = yes
# Only uid 3000 / gid 8 are accepted for mail processes. Both sample users in
# the LDIF share them (and one home directory), so there is no OS-level
# separation between their mailboxes.
first_valid_uid = 3000
last_valid_uid = 3000
first_valid_gid = 8
last_valid_gid = 8
valid_chroot_dirs = /var/mail
mail_location = mbox:/var/mail/%u # or maildir
maildir_copy_with_hardlinks = yes

protocol imap {
  client_workarounds = oe6-fetch-no-newmail outlook-idle
}

# Extra authentication logging; treat the resulting logs as sensitive.
auth_verbose = yes

auth default {
  # PLAIN carries the password itself; see the ssl_disable caveat above.
  mechanisms = plain
  # Account the auth process runs as.
  user = dovecot-auth
  # Password and user lookups both read the same LDAP settings file, which
  # contains the bind password (dnpass).
  passdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
  userdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
}

/usr/local/etc/openldap/wibble.ldif

# Sample directory contents for dc=wibble,dc=net.
# NOTE(review): LDIF (RFC 2849) treats a line that begins with a space as a
# continuation of the previous line, so the indented attribute lines in this
# listing must be moved to column 0 before the file is loaded.
# NOTE(review): the entries live under ou=accounts, while dovecot-ldap.conf and
# the slapd.conf ACL on this page use ou=postoffice. Make the OU consistent.
dn: dc=wibble,dc=net
        objectClass: top
        objectClass: dcObject
        objectClass: organization
        o: Wibble Corp.
        dc: wibble
        description: Wibble, with Ole Wobble and Ole Wubble

dn: ou=accounts,dc=wibble,dc=net
        objectClass: top
        objectClass: organizationalUnit
        ou: accounts

# Bind identity for Dovecot. No userPassword is defined here, so a password
# matching dnpass has to be set separately before Dovecot can bind.
dn: cn=dovecot,ou=accounts,dc=wibble,dc=net
        objectClass: top
        objectclass: person
        cn: dovecot
        sn: dovecot
        
# Mail users. Both share uidNumber 3000, gidNumber 8 and one homeDirectory, and
# neither entry carries a userPassword yet.
dn: uid=ole_wobble,ou=accounts,dc=wibble,dc=net
        objectClass: top
        objectclass: person
        objectClass: posixAccount
        cn: Ole Wobble Olson
        sn: Olson
        uid: ole_wobble
        uidNumber: 3000
        gidNumber: 8
        homeDirectory: /usr/home/postoffice
        
dn: uid=ole_wubble,ou=accounts,dc=wibble,dc=net
        objectClass: top
        objectclass: person
        objectClass: posixAccount
        cn: Ole Wubble Olson
        sn: Olson
        uid: ole_wubble
        uidNumber: 3000
        gidNumber: 8
        homeDirectory: /usr/home/postoffice

None: HowTo/DoveLdapCheatSheet (last edited 2009-03-15 22:35:14 by localhost)