[hcoop/debian/courier-authlib.git] / README.ldap

LDAP support based on a patch by:
Luc Saillard <luc.saillard@alcove.fr>  Thu, 30 Dec 1999 20:33:08 +0100

Adapted as a generic authlib authentication module - SV 12/31/99.

Configuration File
------------------

     LDAP configuration is placed in the file authldaprc, which is installed,
     by default, as /usr/lib/courier-imap/etc/authldaprc.
     Use --with-authldaprc=pathname to override the location.

     This file must be owned by root and have the permissions set to 0400
     because the LDAP administrator password is stored in this file.

     See the default authldaprc for more information.

     CC both me and Luc Saillard for questions on authldap.

Schema
------

OpenLDAP 2.0 defaults to schema checking on all directories.  The file
authldap.schema contains a definition of a LDAP objects
CourierMailAccount, CourierMailAlias, and CourierDomainAlias.

Only CourierMailAccount is used for mailbox authentication (i.e. IMAP,
webmail).  The other two objects are used by LDAP-based mail routing
in the Courier Mail Server.

The file authldap.ldif contains an ldif format definition of the same objects.
This is the same schema definition as in authldap.schema, except in the ldif
format.

Here are some sample LDAP objects that use this schema:

dn: o=example, c=com
ObjectClass: organization
o: example
c: com

dn: mail=xyz123@example.com, o=example, c=com
ObjectClass: CourierMailAccount
ObjectClass: person
cn: Xavier Y Zimmerman
sn: Zimmerman
mail: xyz123@example.com
clearPassword: tux
userPassword: {MD5}WrbkuYvH+3FvwH7Zj+34Ag==
homeDirectory: /home/xyz123
uidNumber: 1001
gidNumber: 1001

dn: mail=mailalias@example.com, o=example, c=com
ObjectClass: CourierMailAlias
ObjectClass: nisMailAlias
cn: mailalias
mail: mailalias
maildrop: xyz123

dn: virtualdomain=domain.com, o=example, c=com
ObjectClass: nisMailAlias
ObjectClass: CourierDomainAlias
cn: domain.com
virtualdomain: domain.com
virtualdomainuser: wxyz456


Notice on Luc's original patch:
-------------------------------

  Copyright (C) 1999 Luc Saillard

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Commit	Line	Data
d9898ee8	1	LDAP support based on a patch by:
	2	Luc Saillard <luc.saillard@alcove.fr> Thu, 30 Dec 1999 20:33:08 +0100
	3
	4	Adapted as a generic authlib authentication module - SV 12/31/99.
	5
	6	Configuration File
	7	------------------
	8
	9	LDAP configuration is placed in the file authldaprc, which is installed,
	10	by default, as /usr/lib/courier-imap/etc/authldaprc.
	11	Use --with-authldaprc=pathname to override the location.
	12
	13	This file must be owned by root and have the permissions set to 0400
	14	because the LDAP administrator password is stored in this file.
	15
	16	See the default authldaprc for more information.
	17
	18	CC both me and Luc Saillard for questions on authldap.
	19
	20	Schema
	21	------
	22
	23	OpenLDAP 2.0 defaults to schema checking on all directories. The file
	24	authldap.schema contains a definition of a LDAP objects
	25	CourierMailAccount, CourierMailAlias, and CourierDomainAlias.
	26
	27	Only CourierMailAccount is used for mailbox authentication (i.e. IMAP,
	28	webmail). The other two objects are used by LDAP-based mail routing
	29	in the Courier Mail Server.
	30
8d138742 CE	31	The file authldap.ldif contains an ldif format definition of the same objects.
	32	This is the same schema definition as in authldap.schema, except in the ldif
	33	format.
	34
d9898ee8	35	Here are some sample LDAP objects that use this schema:
	36
	37	dn: o=example, c=com
	38	ObjectClass: organization
	39	o: example
	40	c: com
	41
	42	dn: mail=xyz123@example.com, o=example, c=com
	43	ObjectClass: CourierMailAccount
8d138742 CE	44	ObjectClass: person
	45	cn: Xavier Y Zimmerman
	46	sn: Zimmerman
d9898ee8	47	mail: xyz123@example.com
d9898ee8	48	clearPassword: tux
	49	userPassword: {MD5}WrbkuYvH+3FvwH7Zj+34Ag==
	50	homeDirectory: /home/xyz123
	51	uidNumber: 1001
	52	gidNumber: 1001
	53
	54	dn: mail=mailalias@example.com, o=example, c=com
	55	ObjectClass: CourierMailAlias
8d138742 CE	56	ObjectClass: nisMailAlias
8d138742 CE	57	cn: mailalias
d9898ee8	58	mail: mailalias
	59	maildrop: xyz123
	60
	61	dn: virtualdomain=domain.com, o=example, c=com
8d138742	62	ObjectClass: nisMailAlias
d9898ee8	63	ObjectClass: CourierDomainAlias
8d138742	64	cn: domain.com
d9898ee8	65	virtualdomain: domain.com
	66	virtualdomainuser: wxyz456
	67
	68
	69	Notice on Luc's original patch:
	70	-------------------------------
	71
	72	Copyright (C) 1999 Luc Saillard
	73
	74	This program is free software; you can redistribute it and/or modify
	75	it under the terms of the GNU General Public License as published by
	76	the Free Software Foundation; either version 2 of the License, or
	77	(at your option) any later version.
	78
	79	This program is distributed in the hope that it will be useful,
	80	but WITHOUT ANY WARRANTY; without even the implied warranty of
	81	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	82	GNU General Public License for more details.
	83
	84	You should have received a copy of the GNU General Public License
	85	along with this program; if not, write to the Free Software
	86	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	87