How do I tie my postfix + ldap together..??


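Post by chench » Mon Nov 07, 2005 10:46 am

A question for everyone:
I'm using Debian 3.0 + postfix 2.1.5-9 + slapd 2.2.23-8.
I want to put the user accounts and passwords in LDAP.
My mail can already send and receive normally,
but it is using the local machine's accounts and passwords.
Which settings do I still need to change so that postfix takes its accounts and passwords from LDAP?
Below are my three conf files. If any file is missing,
please let me know.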

/etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = localhost.localdomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = chench.xxx.com.tw, localhost.localdomain, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

/etc/postfix/master.cf
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_etrn_restrictions=reject
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}


/etc/ldap/slapd.conf
# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema

# match schemas for their objectClasses's
schemacheck on

pidfile /var/run/slapd/slapd.pid

argsfile /var/run/slapd.args

loglevel 0

modulepath /usr/lib/ldap
moduleload back_bdb

backend bdb
checkpoint 512 30
database bdb
suffix "dc=xxx,dc=com,dc=tw"

directory "/var/lib/ldap"

# Indexing options for database #1
index objectClass eq

# Save the time that the entry gets modified, for database #1
lastmod on

access to attrs=userPassword
        by dn="cn=admin,dc=xxx,dc=com,dc=tw" write
        by anonymous auth
        by self write
        by * none

access to dn.base="" by * read

# can read everything.
access to *
        by dn="cn=admin,dc=xxx,dc=com,dc=tw" write
        by * read

Post by chench » Mon Nov 07, 2005 10:47 am

Adding the syslog messages.
Below are the messages from restarting postfix and slapd~

Nov 7 09:50:22 localhost postfix/postfix-script: stopping the Postfix mail system
Nov 7 09:50:22 localhost postfix/master[2272]: terminating on signal 15
Nov 7 09:50:24 localhost postfix/postfix-script: starting the Postfix mail system
Nov 7 09:50:24 localhost postfix/master[25771]: daemon started -- version 2.1.5
Nov 7 09:51:57 localhost slapd[25788]: slapd stopped.
Nov 7 09:51:57 localhost slapd[25788]: connections_destroy: nothing to destroy.
Nov 7 09:53:21 localhost slapd[25804]: @(#) $OpenLDAP: slapd 2.2.23 (May 30 2005 08:52:42) $ ^I@pulsar:/home/torsten/packages/openldap/openldap2.2-2.2.23/debian/build/servers/slapd

Post by Tetralet » Mon Nov 07, 2005 12:21 pm

My old notes, for reference:


First, add the following to /etc/postfix/main.cf:

Code:
# The ldap_search_base parameter specifies the LDAP database to search.
ldap_search_base = "dc=luna,dc=com,dc=tw"

# The ldap_server_host parameter specifies the LDAP server hostname.
ldap_server_host = 192.168.1.254


Then, change the contents of /etc/postfix/sasl/smtpd.conf to the following:

Code:
pwcheck_method: pam


Finally, create the file /etc/pam.d/smtp:

Code:
#%PAM-1.0

auth sufficient pam_ldap.so
auth required pam_unix_auth.so

account sufficient pam_ldap.so
account required pam_unix_acct.so

password required pam_unix_passwd.so
session required pam_unix_session.so


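I can't guarantee that the following settings will really work without error,
but with the information above, searching Google should be easier.
Please feel free to use it as a reference!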
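Added example, not part of Tetralet's post or of any project's code: a small Python model of how PAM walks the auth stack in the /etc/pam.d/smtp file above, showing that pam_ldap.so as "sufficient" ends the stack on success, while an LDAP failure falls through to the local pam_unix check, so local accounts stay valid for SMTP authentication. The names parse_stack and evaluate and the results dictionary are hypothetical stand-ins for real module calls, and only the four keyword control flags are modelled.

```python
# Constructed copy of the /etc/pam.d/smtp file from the post above.
PAM_SMTP = """\
#%PAM-1.0
auth sufficient pam_ldap.so
auth required pam_unix_auth.so
account sufficient pam_ldap.so
account required pam_unix_acct.so
password required pam_unix_passwd.so
session required pam_unix_session.so
"""

def parse_stack(text, facility):
    """Return [(control, module)] for one facility, in file order."""
    stack = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) >= 3 and fields[0] == facility:
            stack.append((fields[1], fields[2]))
    return stack

def evaluate(stack, results):
    """Apply the keyword control flags to simulated module results.

    results maps module name -> True (success) / False (failure); it is a
    hypothetical stand-in for actually calling the modules.
    Returns (granted, modules_consulted).
    """
    failed = False       # a required module has already failed
    succeeded = False    # at least one required/requisite module succeeded
    consulted = []
    for control, module in stack:
        ok = results[module]
        consulted.append(module)
        if control == "sufficient":
            if ok and not failed:
                return True, consulted    # rest of the stack is skipped
        elif control == "requisite":
            if not ok:
                return False, consulted   # fail immediately
            succeeded = True
        elif control == "required":
            if ok:
                succeeded = True
            else:
                failed = True             # keep going, result stays "deny"
        # "optional" results do not decide when other modules are present
    return (succeeded and not failed), consulted
```

With this stack a user who exists only in /etc/passwd still authenticates when the LDAP bind fails; removing the pam_unix line, or making pam_ldap.so "required", changes that.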

