[Dovecot] dovecot-ldap.conf for usernames/homes/UID/GID

Stroller stroller at stellar.eclipse.co.uk
Fri Jan 13 14:37:51 EET 2006


On 12 Jan 2006, at 22:33, Paul Matthews wrote:
>
> Q1. Can dovecot use its LDAP configuration to get information from
> Active Directory? If so can someone show me an example
> dovecot-ldap.conf file?

Probably but that's not relevant if you're using WinBind. See below.

> Q2. To me this seems like just a virtual user scenario; in virtual
> users how do you get a home directory for mail to be stored in
> automatically?

pam_mkhomedir, as you've used below.

>
> Q3. In my /etc/pam.d/dovecot pam module (shown below) it requests
> that you make a home directory, when I use this in my sshd pam module
> and login I make a home directory, when I do it via SquirrelMail it
> doesn't make a home directory, why?
>
> auth        required      pam_winbind.so
> account 	required      pam_winbind.so
> session	optional      pam_mkhomedir.so

Interesting. Mine says:
   auth       required     /lib/security/pam_winbind.so
   account    required     /lib/security/pam_winbind.so
   session    required     /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022

The paths to the PAM modules should be irrelevant, but I would  
perhaps add the skel & umask declarations.

> Q4. Here are both my configuration files, can someone tell me what
> I'm doing wrong?
>
> /etc/dovecot-ldap.conf

This is irrelevant if you're using WinBind.

> /etc/dovecot.conf
...
> auth_userdb = ldap /etc/dovecot-ldap.conf
> auth_passdb = pam

Many lines of this .conf file are commented out, and so are
irrelevant. However, it looks like you're using a different format of
dovecot.conf than I am. I'm told the current 1.0_alpha5 is more
stable than 0.99.x and it also supports PAM sessions, which you need
for pam_mkhomedir.

My Dovecot.conf says:
   # /etc/passwd or similar, using getpwnam()
   # In many systems nowadays this uses Name Service Switch, which is
   # configured in /etc/nsswitch.conf.
   userdb passwd {
   }

   passdb pam {
   args = "-session *"
   }


My nsswitch.conf says:
    passwd:     files winbind
    shadow:     files
    group:      files winbind

    hosts:       files dns
    networks:    files dns

    services:    db files
    protocols:   db files
    rpc:         db files
    ethers:      db files
    netmasks:    files
    netgroup:    files
    bootparams:  files

    automount:   files
    aliases:     files

I do not use LDAP at all on my mailserver.

HTH,

Stroller.
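
A quick way to check the three pieces the reply above depends on (an active pam_mkhomedir session line, winbind as a passwd source in nsswitch.conf, and the session argument on `passdb pam`), as an added example that is not part of the original post. The function names are made up for illustration, and the file paths are passed as arguments so it can be run against copies of the configs.

```shell
#!/bin/sh
# Added example: audits the settings discussed in the reply above.

# 0 if the PAM service file has an uncommented session line loading pam_mkhomedir.
pam_has_mkhomedir() {
    grep -Eq '^[[:space:]]*session[[:space:]]+[^#]*pam_mkhomedir\.so' "$1"
}

# Print the umask= option passed to pam_mkhomedir, or "default" if none is set.
pam_mkhomedir_umask() {
    m=$(sed -n 's/^[[:space:]]*session[[:space:]].*pam_mkhomedir\.so.*[[:space:]]umask=\([0-7]*\).*/\1/p' "$1" | head -n 1)
    echo "${m:-default}"
}

# 0 if database $2 (e.g. passwd) in nsswitch.conf $1 lists winbind as a source.
nss_uses_winbind() {
    grep -Eq "^[[:space:]]*$2:[^#]*[[:space:]]winbind([[:space:]]|\$)" "$1"
}

# 0 if dovecot.conf has an uncommented "passdb pam" block whose args mention session.
dovecot_pam_session() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*passdb[ \t]+pam[ \t]*[{]/ { inblk = 1; next }
        inblk && /[}]/ { inblk = 0 }
        inblk && /^[ \t]*args[ \t]*=.*session/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# audit PAM_FILE NSSWITCH_CONF DOVECOT_CONF: report each missing piece.
audit() {
    rc=0
    pam_has_mkhomedir "$1" || { echo "FAIL: no pam_mkhomedir session line in $1"; rc=1; }
    nss_uses_winbind "$2" passwd || { echo "FAIL: passwd does not use winbind in $2"; rc=1; }
    dovecot_pam_session "$3" || { echo "FAIL: passdb pam has no session arg in $3"; rc=1; }
    echo "pam_mkhomedir umask: $(pam_mkhomedir_umask "$1")"
    return $rc
}

if [ "$#" -eq 3 ]; then audit "$@"; fi
```

The reported umask is worth a look on a mail server, since it decides who else can read the home directories that pam_mkhomedir creates.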


