Vishal,
I haven't used cyrus so I'm unable to help.
Sorry,
schu
Hi,
I did some thing else yesterday since everyone mentioned that I should use cyrus I installed the latest RPM of Cyrus-imap on my system.
How do I check if my cyrus-imap has been compiled with LDAP support, I had the complete package from the distro of Suse 8.1 professional.
What I did was that I removed the old IMAP software and installed the new one. I started the server and as expected it did not run.
I did the changes in the pam.d/imap file and /etc/nsswitch file.
but to fail all I see now in the log after this is that imap tries to autenticate as below
Apr 11 11:37:51 lancer master[26152]: about to exec /usr/lib/cyrus/bin/ctl_cyrusdb
Apr 11 11:37:51 lancer ctl_cyrusdb[26152]: checkpointing cyrus databases
Apr 11 11:37:51 lancer ctl_cyrusdb[26152]: DBERROR db4: /var/lib/imap/db/__db.001: Permission denied
Apr 11 11:37:51 lancer ctl_cyrusdb[26152]: DBERROR: dbenv->open '/var/lib/imap/db' failed: Permission denied
Apr 11 11:37:51 lancer ctl_cyrusdb[26152]: DBERROR: init /var/lib/imap/db: cyrusdb error
Apr 11 11:37:51 lancer ctl_cyrusdb[26152]: done checkpointing cyrus databases
Apr 11 11:37:51 lancer master[19160]: process 26152 exited, status 1
Apr 11 11:38:08 lancer master[26154]: about to exec /usr/lib/cyrus/bin/imapd
Apr 11 11:38:08 lancer imap[26154]: executed
Matthew Schumacher wrote:
Vishal,
There are a couple of things that need to happen to make imap/pam/ldap work:
First you need to install the pam modules, then you install nss_ldap and pam_ldap. Pam_ldap authenticates the user and nss_ldap resolves the user for local files and processes and such. Onces these packages are installed you need to configure your /etc/ldap.conf to tell these packages how to connect to your directory then you need to edit your /etc/nsswitch.conf to cause the libc libraries to become ldap aware though the nss_ldap module.
Once you do those things you should be able to chown a file to a ldap user. If you can't do that then either your /etc/ldap.conf, /etc/nsswitch.conf, or user record in ldap has a problem.
Once you get passed the chown test now compile imap with pam support. And create a /etc/pam.d/imap file and put this in it:
auth sufficient /lib/security/pam_ldap.so account sufficient /lib/security/pam_ldap.so
That should be it, it should just work now.
schu
Четверг 10 Апрель 2003 14:06, Vishal Khanna написал:
Hi All, I have basic problems in getting LDAP to work with IMAP.
What I want to do ------------------ I want to authenticate my MAIL(IMAP) users on Linux box from the LDAP server running on another server
a. Is it possible ? b. If yes then how ?
Any help would be really appreciated, I have done the hunting on the web
The pacakages I use are (RPMS on 2.4.19 Kernel) IMAP ----- imap-2001a-142 imap-lib-2001a-142
LDAP openldap2-client-2.1.4-26 yast2-ldap-client-2.6.5-66 nss_ldap-199-31 openldap2-2.1.4-26 pam_ldap-150-57 tclldap-1.1.1-693 perl-ldap-0.251-20 perl-ldap-ssl-0.251-20
I did what was mentioned of changing the settings in /etc/nsswitch.conf Changed the entries in /etc/pam.d/imap to
auth required pam_ldap.so account required pam_ldap.so
No matter what I do I cannot get it to work. My openLDAP software works perfectly fine otherwise.
Cheers Vishal