readme.ldap

相当优秀的 UNIX 进程管理工具

#define VLDAP_SERVER "localhost" // change this line to point 
                                 // to your ldap server

#define VLDAP_PORT LDAP_PORT // no need to change if you didn't 
                             //change anything)

#define VLDAP_USER "cn=Manager, o=vpop" // MUST change to reflect youre
                                        //settings from 
#define VLDAP_PASSWORD "proba"  // MUST change to reflect youre
                                // setting from /etc/openldap/slapd.conf

#define VLDAP_BASEDN "ou=%s, o=vpop" // MUST change to reflect youre
                                     // setting from /etc/openldap/slapd.conf
--------
then type 
"./configure --enable-auth-module=ldap " and that "should" setup ldap in vpopmail 
without hasle :) 
"make" "make install" and that should get you to running version of vpopmail
in ~vpopmail/bin dir 
try adding new domain with ~vpopmail/bin/vadddomain terere.com dddddasfa
if there is no any stupid error
"Error: Unable to chdir to vpopmail/users directory"

that's it :)
again you can check does it work with 
ldapsearch -x -b'o=vpop' if there is terere.com in output


Resources non known except www.openldap.org and www.inter7.com 


-------------------qmailUser.schema---------------------------

attributetype ( 1.3.6.1.4.1.8868.3.1.2
        NAME 'qmailGID'
        DESC 'qmail group id'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8868.3.1.3
        NAME 'qmailUID'
        DESC 'qmail userid'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.8868.3.1.4
        NAME 'qmaildomain'
        DESC 'qmail Domain'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.8868.3.1.6
        NAME 'mailQuota'
        DESC 'qmail quota'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.8868.3.1.7
        NAME 'mailMessageStore'
        DESC 'qmail Store'
        EQUALITY caseIgnoreIA5Match
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{100}
        SINGLE-VALUE )

objectclass ( 1.3.6.1.4.1.8868.3.1
        NAME 'qmailUser'
        DESC 'qmail local mail recipient'
        SUP ( top $ person $ organizationalPerson )
        MAY ( qmailGID $ qmailUID $ qmaildomain $
                mailQuota $ mailMessageStore $ name $ sn $ cn $ userPassword) )


LDAP FAQ


2. After installing vpopmail successfully, running vadddomain gives a core
   dump error. What's wrong?

You probably configured --with-hardquota=xxxxx. This is a known bug. Hopefully
it will be fixed soon =)

3. After installing vpopmail successfully, running vadddomain gives an error:

Error: Unable to chdir to vpopmail/users directory

I don't know :(
From looking at the permissions in /home/vpopmail, everything looks fine.
If you found a solution to this problem, please let me know (and share
with other vpopmailers on the mailing list :)

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
All errors are fixed for ldap module :)
This only works on OpenLDAP 2.0.7-Release     21 July 2000 
( I don't use openldap ver 1)

error No. 2 from README.ldap

Fixed ... (snprintf error %s instead %i was in vldap.c on line 463)

error No. 3 from README.ldap

Fixed ... ( everything changed is in vpopmail.patch)

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Explanation:


2 error (stupid typo error :] )
3. error(s) were not that stupid :(
	and need more explaining

Ok here it is ;)

Fist there is a big diference in openldap ver 1 and openldap ver 2

first ther is more strict schema checking 
uid attribute cann't be used with this patch 
need for PosixAccount objectClass ...

third error was or it is not who knows 

  memset((char *)crypted, 0x0, 100);
  if ( password[0] != 0 ) {
    mkpasswd3(password, crypted, 100);
//    crypted[0] = 0;
  } else {
    mkpasswd3(password, crypted, 100);
  }

that check simply do not work I know it should but solution is simple ;) 

and I think these are all errors 


This was for all folks trying to make it working with openldap  V2


---------- OLD LDAP README ----------------------
From: vol [mailto:vol]On Behalf Of vol@inter7.com
Sent: Wednesday, December 05, 2001 1:15 PM
To: vchkpw@inter7.com
Subject: vpopmail, the LDAP module, and OpenLDAP


Alright.  I've responded to about 15 messages on this list
about the use of the OpenLDAP module.  I'm going to do my best
to explain everything that has ever been asked.  In case you
aren't aware, I'm the author of the LDAP module.  A little background
on the project, we needed to convert a large LDAP solution over
to a vpopmail-based LDAP solution as per the client's request.
I knew nothing of LDAP before I began work on the project, and believe
you me, I had a hell of a time figuring out exactly how LDAP functioned.

First of all, there is absolutely NO RELATIONSHIP between
vpopmail's LDAP module, and qmail-ldap.  qmail-ldap is an
LDAP-enabled qmail-based MTA.  The vpopmail LDAP module reads
user authentication information out of an LDAP database.

Second, the LDAP module DOES work, however, it is not actively
maintained because here at Inter7, we dislike LDAP, and anything
using it with a passion.  LDAP is the most terribly conceived idea
ever to hit the database industry, and to top it off, it is widely
used with bulky commercial mail solutions.  I wish I knew why.
Just to quelch any flaming I might get for my opinions in this area;
I've been over the code, I've worked with the big solutions, and I've
seen many benchmarks.

Here are common problems that will arise when trying to use the vpopmail
LDAP module:



  1) Unable to add new information to the database (domains, users, etc)
     and/or unable to authenticate out of the database

     Various misconfigurations can occur here:
        A) Bad authentication information (see vldap.h)
        B) Bad BASEDN information (see vldap.h)
        C) Mismatched schema (see vldap.h, and your ldap configurations)

     This will be the main problem people run into.  This is a
     misconfiguration on your end.  Not the module.  As far as I know,
     there have been no major re-writes of the OpenLDAP API that would
     cause the base functions to work differently causing database
     information retrieval to fail or act differently.

  2) Things are not properly removed from the database

     This worked in the original code.  Someone reported an error
     where something was not properly removed from the database.
     I have not worked with the LDAP module since early 4.x versions.
     As you know, 5.0 is a big re-write of a lot of the base vpopmail
     code.  I cannot verify if this is a true bug or not.

Instructions for installing the vpopmail LDAP module:

  Okay, folks.  I need to say right up front.  If you don't know
  enough about LDAP to construct a database from scratch without
  reading for hours on end, you're not going to have great success
  with this installation.  If you're not already an LDAP guru,
  please just decide upon another database.  You will be a lot
  happier in the long run.

  First of all, you need to configure your LDAP server.  For our
  purposes, this will be slapd.  You'll need to edit your slapd.conf
  and your slapd.oc.conf (I think its called that still).  Add
  the new schema information.  You can find all this in vldap.c/vldap.h
  source files (or you used to be able to).  Again, if you don't know
  what a 'schema' is, you really shouldnt be mucking with LDAP.  Do
  NOT attempt to modify the structure.  It will BREAK.  Follow the
  schema from vldap.h/vldap.c.

  Modify vldap.h for the authentication information.

  Now, in the old version I worked with, you had to create the basedn
  to start.  If this is no longer needed, ignore this step.  Create
  a little LDIF (you'll probably want to save this in case of problems)
  and pipe it into the database.

  If you followed these instructions, and understood everything you
  were doing more or less, your vpopmail LDAP configuration should be
  working smoothly.

Last words:

  As I said above, the LDAP module has not been verified as extremely
  functional since early 4.x versions.  We'd prefer, if you must use
  backend database, that you go with MySQL.  I'd really suggest you
  look at the benchmarking on the MySQL site.  MySQL cant hold 2
terabytes
  of authentication information, but it's three times faster than
Oracle.
  On the flip side, Oracle CAN hold 2 terabytes of authentication
  information, but unless you're a fortune 500 company, you probably
  will not need to bother with that type of database storage.

  Any further questions about LDAP, we will not be able to help you with
  unless you want to fund some sort of documentation, update project.
  We always welcome funding for any project, of course. :)

I hope this has helped those of you who absolutely cannot live without
LDAP authentication.

Good luck!
-- 
vol@inter7.com
Inter7 Internet Technologies, Inc.
www.inter7.com - 847-492-0470
Prices at http://www.inter7.com/prices