[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Getting IMAP to work with OpenLDAP
This is not entirely true, whatever you have in your /etc/pam.d/imap is
what is going to be used to authenticate users as long as your imap
server was compiled to use pam.
This is one of the nice things about pam, you can tell it to
authenticate local users one way, imap users another, and pop yet another.
The pam.d configuration file that the system uses to authenticate users
is typically system-auth or login. I like to leave those alone and only
configure imap and pop to know about ldap that way you won't get locked
out if your ldap server fails. It also makes it impossible for your
users to use ssh and other services simply because they are completely
unaware of the directory altogether.
BTW, I have many, many thousands of users working against
sendmail/uw-imap/qpopper without good success. I must note though that
I wrote a custom patch against uw-imap to cause it to store imap folders
in a message store directory instead of the users home dir.
schu
tsg wrote:
But IMAP uses normal unix password mechanism to identificate users. So if You
want to use IMAP with LDAP, the pam_ldap authentification should work for
normal users. So If I would do that I make pam_ldap working for normal users,
and than IMAP should work also.
Best regards.
PS. If Yoy are going to have thouthands of users, IMAP and thouthands users in
users You computer would be a headache. Consider using Cyrus or Courier