Difference between revisions of "LDAP and Claws Mail"
From Claws Mail FAQ
Jump to navigationJump to searchLine 1: | Line 1: | ||
− | Simple HOWTO based on Kubuntu (7.10) and | + | =Simple HOWTO based on Kubuntu (7.10)= |
+ | |||
+ | Exaple describes installation and configuration on Ubuntu 7.10 but should be valid for other distributions also. | ||
+ | It covers: | ||
+ | * openldap installation and configuration | ||
+ | * claws-mail configuration to use with LDAP | ||
+ | ==REMOVING OLD INSTALLATION== | ||
+ | *In case slapd is already installed, either go to point 4 or reinstall it with commands: | ||
+ | :<pre>sudo apt-get purge slapd</pre> | ||
+ | :<pre>sudo rm -rf /etc/ldap</pre> | ||
+ | ::<i>(in case your LDAP configuration is not yet in use)</i> | ||
+ | :<pre>sudo rm -rf /var/run/slapd</pre> | ||
+ | ::<i>(in case your LDAP database is not yet filled)</i> | ||
+ | ==INSTALLATION== | ||
+ | *Install slapd: | ||
+ | :<pre>sudo apt-get install slapd</pre> | ||
+ | :during installation ubuntu usually asks you for ldap admin password - use any - even empty - later we can change it anyway | ||
+ | |||
+ | ==CONFIGURATION== | ||
+ | *make sure to shut down LDAP server after installation: | ||
+ | :<pre>sudo /etc/init.d/slapd stop</pre> | ||
+ | *folder for storing data: | ||
+ | :make directory where you LDAP will store data - by default it is /var/run/slapd bud I don't recommend it for backup purposes (in case your root partition is to be reinstalled - OS crashed or whatever - then LDAP db is also vanished - my proposal is to use i.e. directory /home/ldap | ||
+ | ::<pre>sudo mkdir /home/ldap</pre> | ||
+ | :Because Ubuntu by default runs slapd daemon as user openldap (created automatically during slapd installation), then we must change the ownership of this directory: | ||
+ | ::<pre>sudo chown -R openldap:openldap /home/ldap</pre> | ||
+ | :as an alternative is to change default behaviour of slapd in file /etc/default/slapd the line: | ||
+ | ::<pre>SLAPD_USER="openldap"</pre> | ||
+ | :should be changed to: | ||
+ | ::<pre>SLAPD_USER=</pre> | ||
+ | :and in this case slapd runs as root and changing ownership is not needed - in this HOWTO we change the ownership to avoid the mismatch with Ubuntu default settings | ||
+ | *main config file creation: /etc/ldap/slapd.conf | ||
+ | :copy current config file: | ||
+ | ::<pre>sudo cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org</pre> | ||
+ | :create main password for ldap: | ||
+ | ::<pre>slappasswd -s "your_password"</pre> | ||
+ | ::<i>where "your_password" is any string without quotes of course</i> | ||
+ | :as an output you get for example: | ||
+ | ::<pre>{SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt</pre> | ||
+ | ::<i>this is your password encrypted to be used later in config file</i> | ||
+ | :modify configuration file | ||
+ | ::<pre>sudo gedit (or kedit) /etc/ldap/slapd.conf</pre> | ||
+ | :and put there (instead of everything what you find there): | ||
+ | <code><pre> | ||
+ | include /etc/ldap/schema/core.schema | ||
+ | include /etc/ldap/schema/cosine.schema | ||
+ | include /etc/ldap/schema/nis.schema | ||
+ | include /etc/ldap/schema/inetorgperson.schema | ||
+ | schemacheck on | ||
+ | pidfile /var/run/slapd/slapd.pid | ||
+ | argsfile /var/run/slapd/slapd.args | ||
+ | loglevel 0 | ||
+ | modulepath /usr/lib/ldap | ||
+ | moduleload back_bdb | ||
+ | backend bdb | ||
+ | checkpoint 512 30 | ||
+ | |||
+ | database bdb | ||
+ | suffix "dc=nodomain" | ||
+ | rootdn "cn=admin,dc=nodomain" | ||
+ | rootpw here_output_of_your_password i.e. {SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt | ||
+ | directory "/home/ldap" | ||
+ | index objectClass eq | ||
+ | lastmod on | ||
+ | </pre></code> | ||
+ | :create database config file: | ||
+ | ::<pre>sudo gedit (or kedit) /home/ldap/DB_CONFIG </pre> | ||
+ | <code><pre> | ||
+ | set_cachesize 0 2097152 0 | ||
+ | set_lg_bsize 524288 | ||
+ | set_lk_max_objects 5000 | ||
+ | set_lk_max_locks 5000 | ||
+ | set_lk_max_lockers 5000 | ||
+ | </pre></code> | ||
+ | :these are default settings, not needed to change at this point | ||
+ | :if you changde /home/ldap to be owned by openldap user then it must be repeated at this point at least for this created file: | ||
+ | ::<pre>sudo chown openldap:openldap /home/ldap/DB_CONFIG</pre> | ||
+ | ==STARTING LDAP== |
Revision as of 14:33, 9 January 2008
Simple HOWTO based on Kubuntu (7.10)
Exaple describes installation and configuration on Ubuntu 7.10 but should be valid for other distributions also. It covers:
- openldap installation and configuration
- claws-mail configuration to use with LDAP
REMOVING OLD INSTALLATION
- In case slapd is already installed, either go to point 4 or reinstall it with commands:
sudo apt-get purge slapd
sudo rm -rf /etc/ldap
- (in case your LDAP configuration is not yet in use)
sudo rm -rf /var/run/slapd
- (in case your LDAP database is not yet filled)
INSTALLATION
- Install slapd:
sudo apt-get install slapd
- during installation ubuntu usually asks you for ldap admin password - use any - even empty - later we can change it anyway
CONFIGURATION
- make sure to shut down LDAP server after installation:
sudo /etc/init.d/slapd stop
- folder for storing data:
- make directory where you LDAP will store data - by default it is /var/run/slapd bud I don't recommend it for backup purposes (in case your root partition is to be reinstalled - OS crashed or whatever - then LDAP db is also vanished - my proposal is to use i.e. directory /home/ldap
sudo mkdir /home/ldap
- Because Ubuntu by default runs slapd daemon as user openldap (created automatically during slapd installation), then we must change the ownership of this directory:
sudo chown -R openldap:openldap /home/ldap
- as an alternative is to change default behaviour of slapd in file /etc/default/slapd the line:
SLAPD_USER="openldap"
- should be changed to:
SLAPD_USER=
- and in this case slapd runs as root and changing ownership is not needed - in this HOWTO we change the ownership to avoid the mismatch with Ubuntu default settings
- main config file creation: /etc/ldap/slapd.conf
- copy current config file:
sudo cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org
- create main password for ldap:
slappasswd -s "your_password"
- where "your_password" is any string without quotes of course
- as an output you get for example:
{SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
- this is your password encrypted to be used later in config file
- modify configuration file
sudo gedit (or kedit) /etc/ldap/slapd.conf
- and put there (instead of everything what you find there):
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
schemacheck on
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
loglevel 0
modulepath /usr/lib/ldap
moduleload back_bdb
backend bdb
checkpoint 512 30
database bdb
suffix "dc=nodomain"
rootdn "cn=admin,dc=nodomain"
rootpw here_output_of_your_password i.e. {SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
directory "/home/ldap"
index objectClass eq
lastmod on
- create database config file:
sudo gedit (or kedit) /home/ldap/DB_CONFIG
set_cachesize 0 2097152 0
set_lg_bsize 524288
set_lk_max_objects 5000
set_lk_max_locks 5000
set_lk_max_lockers 5000
- these are default settings, not needed to change at this point
- if you changde /home/ldap to be owned by openldap user then it must be repeated at this point at least for this created file:
sudo chown openldap:openldap /home/ldap/DB_CONFIG