Topic: [SOLVED] LDAP authe remote server

[johnnyb]

Hello,

I'm trying to setup an ldap authentification. I read this documentations :

http://wiki.contribs.org/LDAP_Authentication
http://wiki.contribs.org/LemonLDAP-NG

Installation is ok but i don't want local LDAP server just remote auth to an other ldap server.


Any idea ?

Thank you

[johnnyb]

So to my mind, SME can't support full LDAP auth, i want to set auth on Centos layer but i think i will crash the SME layer

I'll be back to Postfix/Dovecot, SME needs more work

[Stefano]

So to my mind, SME can't support full LDAP auth, i want to set auth on Centos layer but i think i will crash the SME layer

Hi

I think you misunderstood SME's aims.. it's something like SBS..

I'll be back to Postfix/Dovecot

ok..

SME needs more work

this is not true.. SME does very well what it is designed for..
it's true that you need to read carefully the documentation before judging..

in any case you are welcome here..

[mmccarn]

...I'm trying to setup an ldap authentification. ...

For what?

For a specific web app?
For the SME web server?

It would take non-trivial effort customizing each of SME's user-specific services before you could simply have your SME use an external LDAP server for "everything".

At first guess, you'd need to customize the back-end for each of the following:
- Samba shares
- "User" ibays
- the /user-password panel
- qpsmtpd
- qmail
- dovecot
- pam(?)

... and when done:
- you'd be so customized that (probably) future SME updates wouldn't work on your system
- you'd *still* need  to configure ldap authentication independently for each new web app you might install (such as OwnCloud, Moodle, Gallery, Wordpress, etc).

[johnnyb]

Hello,

Thank you for your answer

The goal is very simple :

I want to migrate my old Postfix to SME/Qmail. So i need that my users (50) could login with there usually login/passwd

So i want to SME IMAP/POP/SMTP check users authentication on my LDAP server. I don't want an ldap SME server, i just want to authenticate to a remote LDAP server.

it's true that you need to read carefully the documentation before judging..

I had search for several hours but no really good documentation, but i can help Contribs to setup a good LDAP auth doc.

Where is the documentation ? where is the LDAP doc backend ?

thank you

 

[johnnyb]

@mmccarn

Thank you i understand, i have to setup qmail and dovecot LDAP remote auth

I there a way to contribute to documentation ?

[janet]

johnnyb

Where is the documentation ?

Look at the top of the Forums page, there are links to Manual, Wiki, Contribs, Howtos, FAQ etc.

where is the LDAP doc backend ?

In your forum user profile you can tick a box to request membership of the Wiki & Documentation team, after approval you will be able to edit the wiki pages & create new documents.

On the main Wiki page there is a Help link on top left hand side that explains how to use the Wiki, edit & create pages & formatting syntax etc.

Just ask here if you are unsure or get stuck.
IIRC there is a wiki sandbox you can experiment in first to get the feel of using the wiki.
I suggest you look at the formatting & syntax of existing documents & simply copy a whole document that is similar to what you want, & then edit to suit.

Using the wiki to create new documents is pretty easy really.

[johnnyb]

Hello janet,

Thank you very much for these informations

I'll try to participate to documentation

[janet]

johnnyb

Actually a link to Contribs is not at the top of Forums, but you can see it in my forum signature & find it on the main wiki pages.

[CharlieBrady]

So i want to SME IMAP/POP/SMTP check users authentication on my LDAP server. I don't want an ldap SME server, i just want to authenticate to a remote LDAP server.

No you don't. You don't just want authentication. You also want the SME server to have mail infrastructure for all those users - so you want mailboxes, home directories, etc.

SME server isn't designed that way. It is not a client system to some other system's set of users. It's an authoritative server, with its own inbuilt user list.

mmccarn has told you how many things would need to be modified to give you what you want.

If you really want to use SME server, the easiest way would be to export the userlist and passwords from your postfix system and set those users up on SME server.

[johnnyb]

Hello,

Thank you for your answer

I understand now why i can't use LDAP auth.

The best way is to import my LDAP database in the SME LDAP server ?

[CharlieBrady]

The best way is to import my LDAP database in the SME LDAP server ?

I don't think so. Import the user data (including passwords) from your ldap database, but use it to create normal SME users, including storing the passwords in /etc/shadow. I'm not sure how exactly you'd do that - there's probably a tool you can use to insert the hashes.