Postfix Dovecot LDAP setup

Leander Schäfer info at netocean.de
Thu Jan 22 23:10:17 UTC 2015


... Silly me ... turns out I had a newline in my LDIF .... that's why it 
ignored all the attributes below.
Wasted 1.5 days on this flippin' thing. Crap ;(

Anyway .. happy to move on now ;)


On 22.01.15 at 22:19, Leander Schäfer wrote:
> [EDIT]: Sorry about the second mail. Ignore the first one - it had trial 
> and error mistakes in it. The problem is still the very same as explained 
> below. Thanks a lot.
>
>
>
> Hi,
>
> for days I have been trying to substitute my SQL based Postfix/Dovecot mail 
> server with an LDAP based setup. Everything seems to go smoothly so far - 
> thanks to the many how-tos and the Dovecot wiki. Unfortunately I'm 
> struggling, since I have to create an individual LDAP schema which 
> suits the currently used LDAP structure. The current structure looks 
> like this:
>
> => dc=MyDomain,dc=TLD
> ==> ou=People
> ===> uid=User-1
> ====> ou=mail
> ===> uid=User-2
> ====> ou=mail
>
> ... and so on ...
>
>
> Within ou=mail should be the individual mail account(s) information of 
> a user. So in the end I want to add a(nother) mail account by 
> something like this:
>
> cat << EOF > ./newUser.ldif
> dn: mailAddress=Test@Domain.TLD,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
> objectclass: top
> objectclass: mailAccount
>
> mailAddress: Test@Domain.TLD
> MailPassword: {SSHA}SomePassword
> MailAccountStatus: active
> [...]
> EOF
>
>
> Therefore I set up an LDAP schema like the following, but it seems to 
> ignore the attributes "MailPassword" and "noMailAccountStatus". Why? I 
> don't understand what I'm missing here in my objectclass? ;/
>
>
>
> # ====================== LDAP schema ======================= #
>
>
> #
> # OID Macros (10001 should be IANA-registered)
> #
>
> objectidentifier nameSpace                  1.3.6.1.4.1.10001
> objectidentifier mail                       nameSpace:1
> objectidentifier objectClassAccount         mail:1
> objectidentifier objectClassAccountInfo     mail:2
>
>
> #
> # Attributes: objectClass[NAME]:1.[SERIAL]
> #
>
> attributetype ( objectClassAccount:1.1
>     NAME 'mailAddress'
>     DESC 'The hosted mail addresses'
>     EQUALITY caseIgnoreIA5Match
>     SUBSTR caseIgnoreIA5SubstringsMatch
>     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
>     SINGLE-VALUE )
>
> attributetype ( objectClassAccount:1.2
>     NAME 'MailPassword'
>     DESC 'The hosted mail password'
>     EQUALITY octetStringMatch
>     SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
>
> attributetype ( objectClassAccount:1.3
>     NAME 'MailAccountStatus'
>     DESC 'The status of a user account: active, noaccess, disabled, deleted'
>     EQUALITY caseIgnoreIA5Match
>     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
>     SINGLE-VALUE )
>
> [...]
>
> #
> # Objects: objectClass[NAME]:2.[SERIAL]
> #
>
> objectclass ( objectClassAccount:2.1
>     NAME 'mailAccount'
>     SUP ( top )
>     STRUCTURAL
>     DESC 'Mail account'
>     MUST ( mailAddress )
>     MAY ( MailPassword $ MailAccountStatus ) )
>
> # ====================================================== #
>
>
> Thanks
>
>
> Best Regards,
> Leander
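
The cause named in the reply is the blank line in the quoted LDIF between the objectclass lines and mailAddress: in LDIF a blank line ends a record, so the lines after it no longer belong to the entry. The following is an added example, not code from the original post: a small Python pre-check that flags attribute blocks which do not start with dn:. The function names and the sample input are constructed for this illustration.

```python
import re

# Constructed sample: the LDIF from the post, including the blank line after
# the objectclass lines that ends the record early.
SAMPLE_LDIF = """\
dn: mailAddress=Test@Domain.TLD,ou=mail,uid=User-1,ou=people,dc=MyDomain,dc=TLD
objectclass: top
objectclass: mailAccount

mailAddress: Test@Domain.TLD
MailPassword: {SSHA}SomePassword
MailAccountStatus: active
"""

def split_records(text):
    """Split LDIF text into (first_line_number, logical_lines) blocks."""
    blocks, current, start = [], [], None
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip():                    # blank line ends the record
            if current:
                blocks.append((start, current))
            current, start = [], None
        elif line.startswith("#"):              # comment line, skipped
            continue
        elif line.startswith(" ") and current:  # folded continuation line
            current[-1] += line[1:]
        else:
            if start is None:
                start = number
            current.append(line)
    if current:
        blocks.append((start, current))
    return blocks

def find_orphans(text):
    """Return (line, attribute_names) for blocks that do not begin with dn:,
    i.e. attributes cut off from their entry by a stray blank line."""
    orphans = []
    for index, (start, lines) in enumerate(split_records(text)):
        if index == 0 and lines[0].lower().startswith("version:"):
            start, lines = start + 1, lines[1:]  # version line may precede dn
        if lines and not re.match(r"dn::?", lines[0], re.IGNORECASE):
            orphans.append((start, [l.split(":", 1)[0] for l in lines]))
    return orphans

if __name__ == "__main__":
    for start, attrs in find_orphans(SAMPLE_LDIF):
        print(f"line {start}: no dn for attributes {', '.join(attrs)}")
```

Running such a check before loading the file shows that MailPassword and MailAccountStatus would never reach the entry, which for a mail account means the password and status an operator expects to be enforced are simply absent.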


