An LDAP directory (with the misc schema) is already in place; we want to set up an SMTP/IMAPS mail server that relies on the LDAP directory for authentication:
apt-get install postfix postfix-ldap dovecot-imapd
Postfix
First, /etc/postfix/main.cf:
smtpd_banner = $myhostname
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
myhostname = hostname.zici.fr
myorigin = /etc/mailname
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
luser_relay =
alias_maps = hash:/etc/aliases
virtual_mailbox_domains = zici.fr, mercereau.info, liencontrelien.zici.fr
virtual_alias_maps = hash:/www/zici/emailPoubelle/virtual
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
mailbox_transport = dovecot
In master.cf, just add the following entry at the end of the file:
# Dovecot LDA
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} -d ${user}
Dovecot
There are only 2 configuration files. First, /etc/dovecot/dovecot.conf:
protocols = imap imaps
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/%n
mail_uid = 500
mail_gid = 8
mail_privileged_group = mail
protocol imap {
  imap_client_workarounds = outlook-idle
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}
protocol managesieve {
}
protocol lda {
  postmaster_address = postmaster@zici.fr
  auth_socket_path = /var/run/dovecot/auth-master
}
auth default {
  mechanisms = plain login
  passdb pam {
  }
  passdb ldap {
    args = /etc/dovecot/dovecot-ldap.conf
  }
  userdb ldap {
    args = /etc/dovecot/dovecot-ldap.conf
  }
  user = root
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
      group = mail
    }
  }
}
dict {
}
plugin {
}
and finally /etc/dovecot/dovecot-ldap.conf:
hosts = 127.0.0.1
auth_bind = yes
ldap_version = 3
base = ou=Utilisateur,dc=zici,dc=fr
user_attrs = uidNumber=500,gidNumber=8
user_filter = (&(objectClass=posixAccount)(cn=%n))
pass_filter = (&(objectClass=posixAccount)(cn=%n))
default_pass_scheme = SSHA
Tip: to test the filters, use the command:
ldapsearch -x -h localhost -b "ou=Utilisateur,dc=zici,dc=fr" '(&(objectClass=posixAccount)(cn=Utilisateur))'
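The filter test above, extended as an added example (not part of the original post): a shell helper that derives the %n value from a full login, escapes it per RFC 4515, and prints the ldapsearch command to run for that login. The function names and the sample logins are constructed for illustration.

```shell
#!/bin/sh
# Added example: build the filter that pass_filter/user_filter
# "(&(objectClass=posixAccount)(cn=%n))" yields for a given login.

# Escape RFC 4515 filter metacharacters so the value is matched literally.
# The backslash must be handled first, otherwise later escapes get re-escaped.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' \
                           -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' \
                           -e 's/)/\\29/g'
}

# %n is the user part of the login: everything before the "@".
dovecot_filter() {
    login=$1
    n=${login%%@*}
    printf '(&(objectClass=posixAccount)(cn=%s))' "$(ldap_escape "$n")"
}

# Constructed sample logins (not from the original post).
for login in 'alice@zici.fr' 'alice@mercereau.info' 'al*'; do
    printf "%-22s ldapsearch -x -h localhost -b 'ou=Utilisateur,dc=zici,dc=fr' '%s'\n" \
        "$login" "$(dovecot_filter "$login")"
done
```

Because %n drops the domain, alice@zici.fr and alice@mercereau.info produce the same filter, so with this configuration both logins resolve to the same LDAP entry and the same maildir under /var/mail/%n.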
Sources:
- http://www.404blog.net/?p=36
- http://monblog.system-linux.net/blog/2011/05/12/ajouter-des-schemas-dans-votre-annuaire-openldap-avec-debian-squeeze/
- http://www.rjsystems.nl/en/2100-d6-openldap-provider.php