On Thu, 12 Apr 2001, John C. Amodeo wrote:
> A quick question...
>
> We downloaded the patches from Openldap.org, but looking at the source, there are no
> provisions to pass ldap_server or ldap_basedn. Am I missing something here? The
> code in the pwcheck_ldap.c suggests that you need to hard-code the ldap information
> in, then compile.
>
> We are using the latest CVS, with the -C config option, and patches found at
> http://www.surf.org.uk/patches/index.html
>
> Is this the correct patch to use? Does anyone have any advice on how to get this
> going? The e-mail below suggests it is pretty effortless, but all attempts we have
> made have failed.
>
> Thanks,
> -John

I have it running here, although I backed out the mysql stuff from the
surf patches.

In your /etc/imapd.conf, replace

    sasl_pwcheck_method: PAM

with

    sasl_pwcheck_method: ldap

and add:

    sasl_ldap_server: <your ldap server>
    sasl_ldap_basedn: <your basedn>

Then create a separate /etc/otherimapd.conf in which you have different
sasl_ldap_server and sasl_ldap_basedn configs.

Then in /etc/cyrus.conf, for each IP address you want to listen to,
create the following entries (replacing <address#> with the IP address,
although you needn't necessarily name your config files with IP
addresses - just use something meaningful, like maybe the hostname):

    imap-<address#> cmd="imapd -C /etc/<address#>imap.conf" listen="<address#>:imap" prefork=0
    pop3-<address#> cmd="pop3d -C /etc/<address#>imap.conf" listen="<address#>:pop3" prefork=0

I tested this with sendmail 11.2 and found that I also had to create
separate lmtp sockets for each address I wanted to receive mail for - I
simply generated two sendmail.cf files that only bound sendmail to a
particular IP address and I hard coded the lmtp socket into the
sendmail.mc file I used to generate the .cf file.

I have this working here - two IP addresses on the same box, with one imap
and pop3 process listening on each.

Both IP addresses use SASL for authentication and I can use multiple LDAP
servers and multiple basedns very nicely. Mail is stored in separate
spools for each IP address and I can have identical uids for multiple
addresses (i.e. [EMAIL PROTECTED] and
[EMAIL PROTECTED] both work but are separate mail boxes).

Thanks much to Michael Clark for pointing out the sasl_ldap patches. That
definitely allows me to use Cyrus the way I want to (although I'd much
prefer to specify multiple trees/servers in the pam_ldap config so that
_all_ services can take advantage of this, not just cyrus and sendmail).
Very cool.

The only problem I've run into is that I probably should generate a new
directory for sendmail's config files and databases for each instance of
sendmail I've run, but I should easily be able to create a template
sendmail.mc and modify that for each instance.

Kevin
--
Kevin M. Myer
Systems Administrator
Lancaster-Lebanon Intermediate Unit 13
(717)-560-6140
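
Added example, not part of the original thread or of the Cyrus or surf.org.uk code: a small Python generator for the per-address setup described in the reply, which rejects values that would inject extra lines into the generated config. The addresses, LDAP hosts, base DNs and function names are constructed for illustration; it emits only the three sasl_ lines the reply mentions (a real imapd.conf carries more settings) and assumes `pop3d` as the Cyrus POP3 daemon.

```python
import ipaddress

# Constructed sample sites; addresses, LDAP hosts and base DNs are placeholders.
SITES = [
    {"address": "192.0.2.10", "ldap_server": "ldap1.example.org",
     "basedn": "ou=people,dc=example,dc=org"},
    {"address": "192.0.2.11", "ldap_server": "ldap2.example.net",
     "basedn": "ou=people,dc=example,dc=net"},
]

def clean(value):
    """Reject values that could add extra lines or break quoting in a config file."""
    value = value.strip()
    if not value or any(c in value for c in '\r\n"'):
        raise ValueError(f"unsafe config value: {value!r}")
    return value

def sasl_fragment(site):
    """The imapd.conf lines the reply says to set for one instance."""
    return ("sasl_pwcheck_method: ldap\n"
            f"sasl_ldap_server: {clean(site['ldap_server'])}\n"
            f"sasl_ldap_basedn: {clean(site['basedn'])}\n")

def service_entries(address):
    """cyrus.conf entries binding imapd and pop3d to one IPv4 address."""
    addr = str(ipaddress.IPv4Address(address))  # raises ValueError if malformed
    conf = f"/etc/{addr}imap.conf"
    return [f'{svc}-{addr} cmd="{daemon} -C {conf}" listen="{addr}:{svc}" prefork=0'
            for svc, daemon in (("imap", "imapd"), ("pop3", "pop3d"))]

def render(sites):
    """Return ({config path: SASL fragment}, [cyrus.conf service lines])."""
    files, services = {}, []
    for site in sites:
        entries = service_entries(site["address"])
        path = f"/etc/{ipaddress.IPv4Address(site['address'])}imap.conf"
        if path in files:  # two instances must not share a listen address
            raise ValueError(f"duplicate listen address: {site['address']}")
        files[path] = sasl_fragment(site)
        services.extend(entries)
    return files, services

if __name__ == "__main__":
    files, services = render(SITES)
    for path, body in files.items():
        print(f"# {path}\n{body}")
    print("\n".join(services))
```
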