From: Gary C. New (garycnew_at_yahoo.com)
Date: Mon Sep 02 2002 - 12:10:25 CDT

    I am currently trying to configure IMP + Cyrus +
    Postfix + SASL2 + LDAP. I am at the point where I am
    trying to hammer out the LDAP structure that will best
    support these applications to include virtual users and
    domains.

    It was suggested to me that several persons on this
    list have attempted this before and I might be able to
    get some suggestions from you. Most of my LDAP
    structure and entries are based on the examples
    given in the Postfix LDAP_README document.

            dn: cn=defaultrecipient, dc=fake, dc=dom
            objectclass: top
            objectclass: virtualaccount
            cn: defaultrecipient
            owner: uid=root, dc=someserver, dc=isp, dc=dom
       1 -> mailacceptinggeneralid: fake.dom
       2 -> mailacceptinggeneralid: @fake.dom
       3 -> maildrop: realuser@real.dom

    As I am attempting to use SASL2 as the secure
    intermediary I believe the SASL Auth ID to LDAP DN
    conversion is supposed to be like this:

            uid=<user>,cn=<realm>,cn=digest-md5,cn=auth (sasl digest-md5)

            to

            uid=<user>,ou=person,dc=example,dc=com

    My question is: What would be the best LDAP structure
    and entries to enable the use of virtual users and
    domains and integrate well for use as a client address
    book?

    This is what I am currently considering:

                       -- ou=clientcompany1 -- uid=user1
    dc=example,dc=org -- ou=clientcompany2 -- uid=user1 -- uid=user2
                       -- ou=clientcompany3 -- uid=user1

    ldif entry:

    dn: uid=user1,ou=clientcompany2,dc=clientcompany2,dc=org
    objectclass: top
    objectclass: virtualaccount
    cn: defaultrecipient
    owner: uid=root,dc=mail,dc=example,dc=org
    mailacceptinggeneralid: clientcompany2.org
    mailacceptinggeneralid: @clientcompany2.org
    maildrop: <realuser>@<realdomain.org>
    userpassword: <userpassword>

    Can anyone suggest a better structure?

    Respectfully,

    Gary

    -
    To unsubscribe, send mail to majordomo@postfix.org with content
    (not subject): unsubscribe postfix-users
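
The SASL authentication DN to directory DN conversion described in the post, modelled in Python as an added example (not part of the original message and not any project's own code). It assumes each SASL realm is a hosted mail domain that maps to one ou under the post's proposed dc=example,dc=org tree; the REALM_TO_OU table and the function name are hypothetical. Because uid=user1 exists under every company in that tree, the realm has to select the subtree, and unknown realms or malformed DNs are refused rather than guessed.

```python
import re

# Shape of the SASL authentication DN quoted in the post:
#   uid=<user>,cn=<realm>,cn=digest-md5,cn=auth
# The character classes are a strict allowlist, so a client-supplied user
# or realm cannot smuggle extra RDNs (",ou=...") into the rewritten DN.
AUTHN_DN = re.compile(
    r"uid=(?P<user>[a-z0-9._-]+),"
    r"cn=(?P<realm>[a-z0-9.-]+),"
    r"cn=digest-md5,cn=auth",
    re.IGNORECASE,
)

# Assumption: constructed realm -> ou table for the tree proposed in the post.
REALM_TO_OU = {
    "clientcompany1.org": "clientcompany1",
    "clientcompany2.org": "clientcompany2",
    "clientcompany3.org": "clientcompany3",
}
BASE_DN = "dc=example,dc=org"


def authn_dn_to_entry_dn(authn_dn):
    """Return the directory DN for a SASL authentication DN, or None."""
    m = AUTHN_DN.fullmatch(authn_dn)
    if m is None:
        return None  # wrong shape, missing realm, or disallowed characters
    ou = REALM_TO_OU.get(m.group("realm").lower())
    if ou is None:
        return None  # realm is not a hosted domain: refuse, do not guess
    # uid matching is case-insensitive in LDAP, so normalise to lower case.
    return "uid={},ou={},{}".format(m.group("user").lower(), ou, BASE_DN)


if __name__ == "__main__":
    # Constructed sample authentication DNs.
    samples = [
        "uid=user1,cn=clientcompany1.org,cn=digest-md5,cn=auth",
        "uid=user1,cn=clientcompany2.org,cn=digest-md5,cn=auth",
        "uid=user1,cn=unknown.org,cn=digest-md5,cn=auth",
        "uid=user1,ou=clientcompany1,cn=clientcompany2.org,cn=digest-md5,cn=auth",
        "uid=user1,cn=digest-md5,cn=auth",
    ]
    for dn in samples:
        print("{!r} -> {!r}".format(dn, authn_dn_to_entry_dn(dn)))
```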