[courier-users] Semi-virtual users in LDAP
Hi all,
We are phasing out the system that the mail server is on, because the box is dying. I use Courier-IMAP and currently authenticate via PAM/LDAP. The system that I want to move the server onto also authenticates via PAM/LDAP. There is only one problem. That system already has home directories in /home, for the Samba users on it. For that reason, I don't want Courier-IMAP to store mail in /home/$USER/Maildir like the default. Basically I want Courier to ignore the homeDirectory attributes of my users, and instead look for maildirs in /mail/$USER/Maildir.

To that end I have configured authldaprc like this:

LDAP_SERVER ldap.mycompany.com
LDAP_PORT 389
LDAP_PROTOCOL_VERSION 3
LDAP_BASEDN ou=corp,dc=mycompany,dc=com
LDAP_BINDDN cn=Manager,dc=mycompany,dc=com
LDAP_BINDPW supersecret
LDAP_TIMEOUT 5
LDAP_MAIL uid
LDAP_FILTER (objectClass=posixAccount)
LDAP_DOMAIN mycompany.com
LDAP_HOMEDIR LDAP_MAILROOT/$user
LDAP_MAILROOT /mail
LDAP_MAILDIR mailbox
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CRYPTPW userPassword
LDAP_UID uidNumber
LDAP_GID gidNumber
LDAP_DEREF never
LDAP_TLS 0

Then I make a directory structure /mail/test/Maildir/[cur,tmp,new] and I make it readable by user 'test'.
I try to log in as user 'test' and here is what I get:

Mar 7 15:50:15 furnsrv authdaemond: received auth request, service=imap, authtype=login
Mar 7 15:50:15 furnsrv authdaemond: authldap: trying this module
Mar 7 15:50:15 furnsrv authdaemond: selected ldap protocol version 3
Mar 7 15:50:15 furnsrv authdaemond: binding to LDAP server as DN 'cn=Manager,dc=mycompany,dc=com', password 'supersecret'
Mar 7 15:50:15 furnsrv authdaemond: using search filter: (uid=test)
Mar 7 15:50:15 furnsrv authdaemond: one entry returned, DN: uid=test,ou=People,ou=CORP,dc=borkholder,dc=com
Mar 7 15:50:15 furnsrv authdaemond: raw ldap entry returned:
Mar 7 15:50:15 furnsrv authdaemond: | cn: test
Mar 7 15:50:15 furnsrv authdaemond: | uid: test
Mar 7 15:50:15 furnsrv authdaemond: | userPassword: {SSHA}3c4JKSytP5B5UhCOWJ2IiQYUgQox2NeD
Mar 7 15:50:15 furnsrv authdaemond: authldaplib: refuse to authenticate test: uid=0, gid=0 (zero uid or gid not permitted)
Mar 7 15:50:15 furnsrv authdaemond: authldaplib: sysusername=<null>, sysuserid=0, sysgroupid=0, homedir=, address=test, fullname=test, maildir=<null>, quota=<null>, options=<null>
Mar 7 15:50:15 furnsrv authdaemond: authldaplib: clearpasswd=<null>, passwd={SSHA}3c4JKSytP5B5UhCOWJ2IiQYUgQox2NeD
Mar 7 15:50:15 furnsrv authdaemond: supplied password 'test' does not match encrypted password '{SSHA}3c4JKSytP5B5UhCOWJ2IiQYUgQox2NeD'
Mar 7 15:50:15 furnsrv authdaemond: authldap: REJECT - try next module
Mar 7 15:50:15 furnsrv authdaemond: FAIL, all modules rejected
Mar 7 15:50:15 furnsrv imapd: LOGIN FAILED, user=test, ip=[::ffff:192.168.1.105]
Mar 7 15:50:20 furnsrv imapd: Disconnected, ip=[::ffff:192.168.1.105], time=5

Now, in LDAP the uidNumber of 'test' is 1127 and gidNumber is 513. I am not sure why it thinks that the uid and gid are both 0 for the entry 'test.' Can someone please tell me what I am doing wrong and/or if there is an easier way to accomplish what I am trying to do?

Thanks!
Misty
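As an added example (not part of the original post and not Courier's own code), the Python below checks the two things the debug log above exposes: which attributes named in authldaprc are absent from the raw LDAP entry that authdaemond logged, and which log lines carry a password in clear. It assumes LDAP_HOMEDIR, LDAP_CRYPTPW, LDAP_UID and LDAP_GID each name an LDAP attribute; the function names are hypothetical and the sample data is abridged from the post.

```python
import re

# Constructed sample: settings and log lines abridged from the post above.
AUTHLDAPRC = """\
LDAP_HOMEDIR LDAP_MAILROOT/$user
LDAP_CRYPTPW userPassword
LDAP_UID uidNumber
LDAP_GID gidNumber
"""
DEBUG_LOG = """\
Mar 7 15:50:15 furnsrv authdaemond: binding to LDAP server as DN 'cn=Manager,dc=mycompany,dc=com', password 'supersecret'
Mar 7 15:50:15 furnsrv authdaemond: raw ldap entry returned:
Mar 7 15:50:15 furnsrv authdaemond: | cn: test
Mar 7 15:50:15 furnsrv authdaemond: | uid: test
Mar 7 15:50:15 furnsrv authdaemond: | userPassword: {SSHA}3c4JKSytP5B5UhCOWJ2IiQYUgQox2NeD
Mar 7 15:50:15 furnsrv authdaemond: authldaplib: refuse to authenticate test: uid=0, gid=0 (zero uid or gid not permitted)
Mar 7 15:50:15 furnsrv authdaemond: supplied password 'test' does not match encrypted password '{SSHA}3c4JKSytP5B5UhCOWJ2IiQYUgQox2NeD'
"""

# Assumption: each of these settings names the LDAP attribute authldap reads.
ATTR_SETTINGS = ("LDAP_HOMEDIR", "LDAP_CRYPTPW", "LDAP_UID", "LDAP_GID")

def mapped_attributes(rc_text):
    """Return {setting: attribute name} for the attribute-mapping settings."""
    mapping = {}
    for line in rc_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0] in ATTR_SETTINGS:
            mapping[parts[0]] = parts[1].strip()
    return mapping

def returned_attributes(log_text):
    """Collect lower-cased attribute names from the '| name: value' lines."""
    return {m.group(1).lower()
            for m in re.finditer(r"authdaemond: \| ([^:\s]+):", log_text)}

def missing_attributes(rc_text, log_text):
    """Settings whose attribute never appeared in the logged LDAP entry."""
    seen = returned_attributes(log_text)
    return {k: v for k, v in mapped_attributes(rc_text).items()
            if v.lower() not in seen}

def cleartext_password_lines(log_text):
    """Log lines where debug output includes a password in clear."""
    pat = re.compile(r"(?<!encrypted )password '[^']*'")
    return [line for line in log_text.splitlines() if pat.search(line)]

if __name__ == "__main__":
    print("not in returned entry:", missing_attributes(AUTHLDAPRC, DEBUG_LOG))
    print("lines with clear passwords:", len(cleartext_password_lines(DEBUG_LOG)))
```

On the sample, LDAP_CRYPTPW is satisfied by the returned userPassword attribute, while the values set for LDAP_HOMEDIR, LDAP_UID and LDAP_GID do not appear in the entry; both the bind password and the user's supplied password are written to the log.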