1 (edited by toxa 2013-10-21 18:23:14)

Topic: iRedMail (OpenLDAP) with GOsa

1. After installing iRedMail, install GOsa:
apt-get install gosa gosa-schema gosa-plugin-mail
2. Connect the schema:
edit /etc/ldap/slapd.conf
# gosa
include /etc/ldap/schema/gosa/gosystem.schema
include /etc/ldap/schema/gosa/gofon.schema
include /etc/ldap/schema/gosa/goto.schema
include /etc/ldap/schema/gosa/goserver.schema
include /etc/ldap/schema/gosa/samba3.schema
include /etc/ldap/schema/gosa/gosa-samba3.schema
Tune GOsa through the web interface.

3. Edit the files according to your instructions.

4. When you create a new user in GOsa, after entering the password there is an error:
Cannot generate SAMBA hash.

When you add an existing mail user, it works.
Apparently the error lies somewhere in the settings of LDAP or snap user rights GOsa.

Help please!

2

Re: iRedMail (OpenLDAP) with GOsa

Configured LDAP + GOSa and iRedMail on different servers, edited configs on the example above.
If you try to send a message to a local user, there is an error:
SMTP Error (451): Unable to add recipient "test@my.domain" (4.3.0 <test1@my.domain>: Temporary lookup failure)

3

Re: iRedMail (OpenLDAP) with GOsa

First of all, please post your questions in a new topic; do not hijack others' forum topics.

toxa wrote:

SMTP Error (451): Unable to add recipient "test@my.domain" (4.3.0 <test1@my.domain>: Temporary lookup failure)

Please check Postfix log file to see why it reports this error.

4

Re: iRedMail (OpenLDAP) with GOsa

ZhangHuangbin wrote:

First of all, please post your questions in a new topic; do not hijack others' forum topics.

toxa wrote:

SMTP Error (451): Unable to add recipient "test@my.domain" (4.3.0 <test1@my.domain>: Temporary lookup failure)

Please check Postfix log file to see why it reports this error.

Once again, I set up 2 servers:
1. Debian 7.2 + GOsa 2.7.4 + ldapadmin + created a user vmail with administrative rights, according to the instructions: http://blog.toxa.dp.ua/?p=25
2. Debian 7.2 + iRedMail-0.8.5 installed with base LDAP

Then I tried to set up authorization against the GOsa base following your instructions:
http://www.iredmail.org/forum/topic309- … -gosa.html

So questions:
1. After editing the files, authorization in the web interface is missing.
2. Policyd (cluebringer) Web UI: edit rules in SQL database and reads the rules of the Postfix LDAP.

5 (edited by toxa 2013-11-28 21:09:36)

Re: iRedMail (OpenLDAP) with GOsa

root@post:/etc/postfix/ldap# cat virtual_alias_maps.cf
#server_host     = 127.0.0.1
#server_port     = 389
#version         = 3
#bind            = yes
#start_tls       = no
#bind_dn         = cn=vmail,dc=mku,dc=post
#bind_pw         = BmHsEcYPLijsJWC8G7eBGcJ77NAmiK
#search_base     = o=domains,dc=mku,dc=post
#scope           = sub
#query_filter    = (&(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(enabledService=mail)(enabledService=deliver)(|(objectClass=mailAlias)(&(objectClass=mailUser)(enabledService=forward))))
#result_attribute= mailForwardingAddress
#debuglevel      = 0


server_host     = 192.168.0.221
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=mku,dc=post
bind_pw         = zaq12wsx
search_base     = ou=people,dc=mku,dc=post
scope           = sub
query_filter    = (&(objectClass=gosaMailAccount)(gosaMailForwardingAddress=*)(|(mail=%s)(gosaMailAlternateAddress=%s)))
result_attribute= gosaMailForwardingAddress
debuglevel      = 0
___________________________________________________________________________________
root@post:/etc/postfix/ldap# cat virtual_mailbox_maps.cf
#server_host     = 127.0.0.1
#server_port     = 389
#version         = 3
#bind            = yes
#start_tls       = no
#bind_dn         = cn=vmail,dc=mku,dc=post
#bind_pw         = BmHsEcYPLijsJWC8G7eBGcJ77NAmiK
#search_base     = o=domains,dc=mku,dc=post
#scope           = sub
#query_filter    = (&(objectClass=mailUser)(|(mail=%s)(&(enabledService=shadowaddress)(shadowAddress=%s)))(accountStatus=active)(enabledService=mail)(enabledService=deliver))
#result_attribute= mailMessageStore
#result_format   = %s/Maildir/
#debuglevel      = 0


server_host     = 192.168.0.221
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=mku,dc=post
bind_pw         = zaq12wsx
search_base     = ou=people,dc=mku,dc=post
scope           = one
query_filter    = (&(objectClass=gosaMailAccount)(mail=%s))
result_attribute= uid
result_format   = /var/vmail/%s/
debuglevel      = 0
___________________________________________________________________
root@post:/etc/postfix/ldap# cat sender_login_maps.cf
#server_host     = 127.0.0.1
#server_port     = 389
#version         = 3
#bind            = yes
#start_tls       = no
#bind_dn         = cn=vmail,dc=mku,dc=post
#bind_pw         = BmHsEcYPLijsJWC8G7eBGcJ77NAmiK
#search_base     = o=domains,dc=mku,dc=post
#scope           = sub
#query_filter    = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=smtp)(|(mail=%s)(&(enabledService=shadowaddress)(shadowAddress=%s))))
#result_attribute= mail
#debuglevel      = 0

server_host     = 192.168.0.221
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=mku,dc=post
bind_pw         = zaq12wsx
search_base     = ou=people,dc=mku,dc=post
scope           = one
query_filter    = (&(mail=%s)(objectClass=gosaMailAccount))
result_attribute= mail
debuglevel      = 0
___________________________________________________________
root@post:/etc/postfix/ldap# cat virtual_group_maps.cf
#server_host     = 127.0.0.1
#server_port     = 389
#version         = 3
#bind            = yes
#start_tls       = no
#bind_dn         = cn=vmail,dc=mku,dc=post
#bind_pw         = BmHsEcYPLijsJWC8G7eBGcJ77NAmiK
#search_base     = o=domains,dc=mku,dc=post
#scope           = sub
#query_filter    = (&(accountStatus=active)(enabledService=mail)(enabledService=deliver)(|(&(|(memberOfGroup=%s)(shadowAddress=%s))(objectClass=mailUser))(&(memberOfGroup=%s)(!(shadowAddress=%s))(|(objectClass=mailExternalUser)(objectClass=mailList)(objectClass=mailAlias)))))
#result_attribute= mail
#debuglevel      = 0


server_host     = 192.168.0.221
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=mku,dc=post
bind_pw         = zaq12wsx
search_base     = ou=groups,dc=mku,dc=post
scope           = sub
query_filter    = (&(objectClass=gosaMailAccount)(objectClass=posixGroup)(mail=%s))
result_attribute= memberUid
result_format   = %u@post.mku.dp.ua
_________________________________________________________
root@post:/etc/dovecot# cat dovecot-ldap.conf
#hosts           = 127.0.0.1:389
#ldap_version    = 3
#auth_bind       = yes
#dn              = cn=vmail,dc=mku,dc=post
#dnpass          = BmHsEcYPLijsJWC8G7eBGcJ77NAmiK
#base            = o=domains,dc=mku,dc=post
#scope           = subtree
#deref           = never
#
## Below two are required by command 'doveadm mailbox ...'
#iterate_attrs   = mail=user
#iterate_filter  = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail))
#
#user_filter     = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls%Lc)(|(mail=%u)(&(enabledService=shadowaddress)(shadowAddress=%u))))
#user_attrs      = mail=user,homeDirectory=home,=mail=maildir:~/Maildir/,mailQuota=quota_rule=*:bytes=%$
#pass_filter     = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls%Lc)(|(mail=%u)(&(enabledService=shadowaddress)(shadowAddress=%u))))
#pass_attrs      = mail=user,userPassword=password
#default_pass_scheme = CRYPT

hosts           = 192.168.0.221:389
ldap_version    = 3
auth_bind       = yes
dn              = cn=vmail,dc=mku,dc=post
dnpass          = zaq12wsx
base            = ou=people,dc=mku,dc=post
scope           = subtree
deref           = never
user_filter     = (&(objectClass=gosaMailAccount)(mail=%u))
pass_filter     = (mail=%u)
pass_attrs      = userPassword=password
default_pass_scheme = PLAIN
user_attrs      = uid=home=/var/vmail/%$,=mail=maildir:~/Maildir/,gosaMailQuota=quota_rule=*:bytes=%$M
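
The maps and dovecot-ldap.conf above bind to 192.168.0.221 with start_tls = no, so the vmail bind password (and, with auth_bind = yes, each user's password) crosses the network unencrypted. The following check is an added example, not code from the thread: it lists the LDAP servers a Postfix or Dovecot LDAP client config reaches without TLS. The function names are hypothetical, the posted passwords are replaced by a placeholder, and `uris` and `tls` are the standard dovecot-ldap.conf settings, which the posted file does not set.

```python
import ipaddress

# Active (uncommented) settings taken from the configs posted above;
# the password values are replaced by a placeholder.
POSTFIX_MAP = """\
server_host     = 192.168.0.221
server_port     = 389
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=mku,dc=post
bind_pw         = <redacted>
"""
DOVECOT_LDAP = """\
hosts           = 192.168.0.221:389
auth_bind       = yes
dn              = cn=vmail,dc=mku,dc=post
dnpass          = <redacted>
"""


def parse_kv(text):
    """Parse 'key = value' lines, ignoring blank lines and # comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}


def is_loopback(target):
    """True if an LDAP host, host:port or URL points at this machine."""
    host = target.split("://", 1)[-1].split("/", 1)[0]
    if host.startswith("["):              # [IPv6]:port
        host = host[1:].split("]", 1)[0]
    elif host.count(":") == 1:            # host:port
        host = host.split(":", 1)[0]
    try:
        return host == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False                      # other hostnames are treated as remote


def cleartext_ldap_targets(text):
    """Return the LDAP servers this client config reaches over the network without TLS."""
    conf = parse_kv(text)
    # Postfix ldap_table: server_host / start_tls. Dovecot: hosts or uris / tls.
    targets = conf.get("server_host") or conf.get("uris") or conf.get("hosts") or ""
    if "yes" in (conf.get("start_tls", "no").lower(), conf.get("tls", "no").lower()):
        return []
    return [t for t in targets.replace(",", " ").split()
            if not t.startswith(("ldaps://", "ldapi://")) and not is_loopback(t)]
```

An empty list means the config either talks to a local directory or protects the bind with StartTLS or ldaps://.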

6

Re: iRedMail (OpenLDAP) with GOsa

Do I need to make any changes to /usr/share/apache2/roundcubemail/config/main.inc.php?

7

Re: iRedMail (OpenLDAP) with GOsa

Dovecot log:
Nov 28 15:09:03 imap-login: Info: Disconnected (auth failed, 1 attempts in 6 secs): user=<test@post.mku.dp.ua>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<LAaWajzs8QB/AAAB>

8

Re: iRedMail (OpenLDAP) with GOsa

I found the error myself. The error was in the user rights of vmail.

9

Re: iRedMail (OpenLDAP) with GOsa

ZhangHuangbin wrote:

First of all, please post your questions in a new topic; do not hijack others' forum topics.

toxa wrote:

SMTP Error (451): Unable to add recipient "test@my.domain" (4.3.0 <test1@my.domain>: Temporary lookup failure)

Please check Postfix log file to see why it reports this error.

Nov 28 16:01:05 post postfix/smtpd[3954]: connect from localhost[127.0.0.1]
Nov 28 16:01:05 post postfix/proxymap[3955]: warning: dict_ldap_lookup: /etc/postfix/ldap/virtual_group_maps.cf: Search base 'ou=groups,dc=mku,dc=post' not found: 32: No such object
Nov 28 16:01:05 post postfix/smtpd[3954]: warning: proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf lookup error for "test@post.mku.dp.ua"
Nov 28 16:01:05 post postfix/smtpd[3954]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.0 <test@post.mku.dp.ua>: Temporary lookup failure; from=<test@post.mku.dp.ua> to=<admin@toxa.dp.ua> proto=ESMTP helo=<192.168.0.220>
Nov 28 16:01:05 post postfix/smtpd[3954]: disconnect from localhost[127.0.0.1]
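
The log above already names the cause of the 451: one LDAP map points at a search base the directory does not have (LDAP result 32, noSuchObject). The following parser is an added example, not code from the thread: it ties each "Temporary lookup failure" back to the map file and search base behind it. The function and regex names are hypothetical, and the sample input is the log from the post.

```python
import re

# Log lines copied from the post above.
SAMPLE_LOG = """\
Nov 28 16:01:05 post postfix/smtpd[3954]: connect from localhost[127.0.0.1]
Nov 28 16:01:05 post postfix/proxymap[3955]: warning: dict_ldap_lookup: /etc/postfix/ldap/virtual_group_maps.cf: Search base 'ou=groups,dc=mku,dc=post' not found: 32: No such object
Nov 28 16:01:05 post postfix/smtpd[3954]: warning: proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf lookup error for "test@post.mku.dp.ua"
Nov 28 16:01:05 post postfix/smtpd[3954]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.0 <test@post.mku.dp.ua>: Temporary lookup failure; from=<test@post.mku.dp.ua> to=<admin@toxa.dp.ua> proto=ESMTP helo=<192.168.0.220>
Nov 28 16:01:05 post postfix/smtpd[3954]: disconnect from localhost[127.0.0.1]
"""

# Warning from the LDAP table: which map file, which search base, which LDAP result.
BASE_RE = re.compile(r"dict_ldap_lookup: (?P<map>\S+): Search base '(?P<base>[^']+)' "
                     r"not found: (?P<code>\d+): (?P<text>.+)$")
# Warning from the table's client: the lookup key that hit the broken map.
KEY_RE = re.compile(r'ldap:(?P<map>\S+) lookup error for "(?P<key>[^"]+)"')
# The 451 that the SMTP client finally sees.
REJECT_RE = re.compile(r"reject: \w+ from \S+ 451 4\.3\.0 <(?P<addr>[^>]+)>: "
                       r"Temporary lookup failure")


def explain_lookup_failures(log_text):
    """Map each 'Temporary lookup failure' back to the LDAP map and search base behind it."""
    maps, rejected = {}, []
    for line in log_text.splitlines():
        if m := BASE_RE.search(line):
            entry = maps.setdefault(m["map"], {"keys": [], "rejected": []})
            entry.update(base=m["base"], code=int(m["code"]), text=m["text"])
        elif m := KEY_RE.search(line):
            maps.setdefault(m["map"], {"keys": [], "rejected": []})["keys"].append(m["key"])
        elif m := REJECT_RE.search(line):
            rejected.append(m["addr"])
    # A rejection names no map, so tie it to every map that failed on the same address.
    for entry in maps.values():
        entry["rejected"] = [a for a in rejected if a in entry["keys"]]
    return maps


if __name__ == "__main__":
    for path, e in explain_lookup_failures(SAMPLE_LOG).items():
        print(f"{path}: search base {e.get('base')!r} -> LDAP {e.get('code')} "
              f"({e.get('text')}); rejected: {', '.join(e['rejected']) or 'none'}")
```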

10

Re: iRedMail (OpenLDAP) with GOsa

The object ou=groups is not in the GOsa LDAP database:
   
+--> dc=mku,dc=post (5)
  ---> cn=admin
  ---> cn=vmail
  ---> o=GOsaLdapEncoding_,_"_(_)_+_/
  +--> ou=people (2)
  | ---> cn=System Administrator
  | ---> cn=test test
  | ---> Create new entry here
  +--> ou=systems (2)
  | +--> ou=configs (1)
  | | ---> ou=gosa
  | | ---> Create new entry here
  | +--> ou=servers (1)
  | | ---> cn=post.mku.dp.ua
  | | ---> Create new entry here
  | ---> Create new entry here
  ---> Create new entry here

11

Re: iRedMail (OpenLDAP) with GOsa

Created group "users".
It WORKS! ))