Sorry,
One other question to add to my previous e-mail. Are you supposed to use the "Cyrus
LDAP
auth patch" or the "Cyrus SASL 1.5.24 LDAP auth and mysql patch"?
If you have to use the "Cyrus SASL 1.5.24 LDAP auth and mysql patch" do you have a
modified version minus the mysql stuff, or is it simple enough to remove?
Thanks,
-John
"Kevin M. Myer" wrote:
> On Thu, 12 Apr 2001, John C. Amodeo wrote:
>
> > A quick question...
> >
> > We downloaded the patches form Openldap.org, but looking at the source, there are
>no
> > provisions to pass ldap_server or ldap_basedn. Am I missing something here? The
> > code in the pwcheck_ldap.c suggests that you need to hard-code the ldap information
> > in, then compile.
> >
> > We are using the latest CVS, with the -C config option, and patches found at
> > http://www.surf.org.uk/patches/index.html
> >
> > Is the the correct patch to use? Does anyone have any advise on how to get this
> > going? The e-mail below suggests it is pretty effortless, but all attempts we have
> > made have failed.
> >
> > Thanks,
> > -John
>
> I have it running here, although I backed out the mysql stuff from the
> surf patches.
>
> In your /etc/imapd.conf, replace
> sasl_pwcheck_method: PAM
>
> with
> sasl_pwcheck_method: ldap
>
> and add:
>
> sasl_ldap_server: <your ldap server>
> sasl_ldap_basedn: <your basedn>
>
> Then create a separate /etc/otherimapd.conf in which you have different
> sasl_ldap_server and sasl_ldap_basedn configs.
>
> Then in /etc/cyrus.conf, for each IP address you want to listen to,
> create the following entries (replacing <address#> with the IP address,
> although you needn't necessarily name your config files with IP
> addresses - just use something meaningful, like maybe the hostname):
>
> imap-<address#> cmd="imapd -C /etc/<address#>imap.conf"
> listen="<address#>:imap" prefork=0
>
> pop3-<address#> cmd="pop3 -C /etc/<address#>imap.conf"
> listen="<address#>:pop3" prefork=0
>
> I tested this with sendmail 11.2 and found that I also had to create
> separate lmtp sockets for each address I wanted to receive mail for - I
> simply generated two sendmail.cf files that only bound sendmail to a
> particular IP address and I hard coded the lmtp socket into the
> sendmail.mc file I used to generate the .cf file.
>
> I have this working here - two IP addresses on the same box, with one imap
> and pop3 processing listening on each.
>
> Both IP addresses use SASL for authenticatiom and I can use multiple LDAP
> servers and multiple basedns very nicely. Mail is stored in separate
> spools for each IP address and I can have identical uids for multipe
> addresses (i.e [EMAIL PROTECTED] and
> [EMAIL PROTECTED] both work but are separate mail boxes).
>
> Thanks much to Michael Clark for pointing out the sasl_ldap patches. That
> definitely allows me to use Cyrus the way I want to (although I'd much
> prefer to specify multiple trees/servers in the pam_ldap config so that
> _all_ services can take advantage of this, not just cyrus and sendmail).
> Very cool.
>
> The only problem I've run into is that I probably should generate a new
> directory for sendmail's config files and databases for each instance of
> sendmail I've run but I should easily be able to create a template
> sendmail.mc and modify that for each instance.
>
> Kevin
>
> --
> Kevin M. Myer
> Systems Administrator
> Lancaster-Lebanon Intermediate Unit 13
> (717)-560-6140
