Difference between revisions of "LDAP and Claws Mail"

From Claws Mail FAQ
Jump to: navigation, search
m (Reverted edit of Draconianintros, changed back to last version by Zyghom)
 
Line 1: Line 1:
[http://www.squidoo.com/design-and-construction-tips http://nedesignbuild.com]
+
=LDAP and Claws Mail HOWTO based on Kubuntu (7.10)=
  
http://www.squidoo.com/design-and-construction-tips
+
Example describes installation and configuration on Ubuntu 7.10 but should be valid for other distributions also.
 +
It covers:
 +
* openldap installation and configuration
 +
* claws-mail configuration to use with LDAP
 +
==REMOVING OLD INSTALLATION==
 +
*In case slapd is already installed, either go to point [[#CONFIGURATION]] or reinstall it with commands:
 +
:<pre>sudo apt-get purge slapd</pre>
 +
:<pre>sudo rm -rf /etc/ldap</pre>
 +
::<i>(in case your LDAP configuration is not yet in use)</i>
 +
:<pre>sudo rm -rf /var/run/slapd</pre>
 +
::<i>(in case your LDAP database is not yet filled)</i>
  
Cambridge
+
==INSTALLATION==
 +
*Install slapd:
 +
:<pre>sudo apt-get install slapd</pre>
 +
:during installation Ubuntu usually asks you for ldap admin password - use any - even empty - later we can change it anyway
  
 +
==CONFIGURATION==
 +
*make sure to shut down LDAP server after installation:
 +
:<pre>sudo /etc/init.d/slapd stop</pre>
 +
*folder for storing data:
 +
:make directory where your LDAP will store data - by default it is /var/run/slapd but i don't recommend it for backup purposes (in case your root partition is to be reinstalled - OS crashed or whatever - then LDAP db is also vanished - my proposal is to use i.e. directory /home/ldap
 +
::<pre>sudo mkdir /home/ldap</pre>
 +
:Because Ubuntu by default runs slapd daemon as user openldap (created automatically during slapd installation), then we must change the ownership of this directory:
 +
::<pre>sudo chown -R openldap:openldap /home/ldap</pre>
 +
:as an alternative is to change default behaviour of slapd in file /etc/default/slapd the line:
 +
::<pre>SLAPD_USER="openldap"</pre>
 +
:should be changed to:
 +
::<pre>SLAPD_USER=</pre>
 +
:and in this case slapd runs as root and changing ownership is not needed - in this HOWTO we change the ownership to avoid the mismatch with Ubuntu default settings
 +
*main config file creation: /etc/ldap/slapd.conf
 +
:copy current config file:
 +
::<pre>sudo cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org</pre>
 +
:create main password for ldap:
 +
::<pre>slappasswd -s "your_password"</pre>
 +
::<i>where  "your_password" is any string without quotes of course</i>
 +
:as an output you get for example:
 +
::<pre>{SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt</pre>
 +
::<i>this is your password encrypted to be used later in config file</i>
 +
:modify configuration file
 +
::<pre>sudo gedit (or kedit) /etc/ldap/slapd.conf</pre>
 +
:and put there (instead of everything what you find there):
 +
<code><pre>
 +
include        /etc/ldap/schema/core.schema
 +
include        /etc/ldap/schema/cosine.schema
 +
include        /etc/ldap/schema/nis.schema
 +
include        /etc/ldap/schema/inetorgperson.schema
 +
schemacheck    on
 +
pidfile        /var/run/slapd/slapd.pid
 +
argsfile        /var/run/slapd/slapd.args
 +
loglevel        0
 +
modulepath /usr/lib/ldap
 +
moduleload back_bdb
 +
backend bdb
 +
checkpoint 512 30
  
 +
database        bdb
 +
suffix          "dc=nodomain"
 +
rootdn          "cn=admin,dc=nodomain"
 +
rootpw {SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
 +
directory      "/home/ldap"
 +
index          objectClass eq
 +
lastmod        on
 +
</pre></code>
 +
:create database config file:
 +
::<pre>sudo gedit (or kedit) /home/ldap/DB_CONFIG </pre>
 +
<code><pre>
 +
set_cachesize 0 2097152 0
 +
set_lg_bsize 524288
 +
set_lk_max_objects      5000
 +
set_lk_max_locks        5000
 +
set_lk_max_lockers 5000
 +
</pre></code>
 +
:these are default settings, not needed to be changed at this point
 +
:if you changed /home/ldap to be owned by openldap user then it must be repeated at this point at least for this created file:
 +
::<pre>sudo chown openldap:openldap /home/ldap/DB_CONFIG</pre>
  
REMODELING
+
==STARTING LDAP==
 +
*start ldap to see if it is working:
 +
:<pre>sudo /etc/init.d/slapd start</pre>
 +
:and check if working:
 +
::<pre>ps -ef | grep slapd  | grep -v grep</pre>
 +
:if you see something like this:
 +
::<pre>openldap  8662    1  0 10:43 ?        00:00:00 /usr/sbin/slapd -g openldap -u openldap</pre>
 +
:then this means it works (ldap server)
 +
:if not just start command:
 +
::<pre>sudo slapd -d 256 </pre>
 +
:and see any errors which may occur and ... try to find out problem by yourself (use google, or contact me)
 +
==FEEDING LDAP WITH INITIAL DATA==
 +
*now, ldap is working but empty, lets configure top of it:
 +
:<pre>gedit (or kedit) /tmp/1.ldif  </pre>
 +
:and put there:
 +
<code><pre>
 +
dn: dc=nodomain
 +
objectclass: dcObject
 +
objectclass: organization
 +
o: My Computer LDAP
 +
dc: nodomain
  
Some things to consider when think about your renovating kitchen or kitchen area includeHouse
+
dn: cn=admin,dc=nodomain
 +
objectclass: organizationalRole
 +
cn: admin
 +
</pre></code>
 +
*now import it to ldap:
 +
:<pre>ldapadd -x -D "cn=admin,dc=nodomain" -W -f /tmp/1.ldif</pre>
 +
:it will ask you for your LDAP password
 +
:proper output should be:
 +
<code><pre>
 +
Enter LDAP Password:
 +
adding new entry "dc=nodomain"
  
With the economy and housing market in a real estate turmoil, home continual has become house makeover popular come to be ever
+
adding new entry "cn=admin,dc=nodomain"
 +
</pre></code>
 +
:in case of password mistake it will be:
 +
:<pre>ldap_bind: Invalid credentials (49)</pre>
 +
:<b>don't repeat this command</b> if successfully imported as it will fail second time saying:
 +
<code><pre>
 +
adding new entry "dc=nodomain"
 +
ldap_add: Already exists (68)
 +
</pre></code>
 +
:now we can see if imported:
 +
:<pre>sudo slapcat </pre>
 +
:proper output should be:
 +
<code><pre>
 +
dn: dc=nodomain
 +
objectClass: dcObject
 +
objectClass: organization
 +
o: My Computer LDAP
 +
dc: nodomain
 +
structuralObjectClass: organization
 +
entryUUID: 35b05380-52e0-102c-8f25-0fc5f46797d9
 +
creatorsName: cn=admin,dc=nodomain
 +
createTimestamp: 20080109092257Z
 +
entryCSN: 20080109092257Z#000000#00#000000
 +
modifiersName: cn=admin,dc=nodomain
 +
modifyTimestamp: 20080109092257Z
  
beforeProminent When you decide on to upgrade,  
+
dn: cn=admin,dc=nodomain
 +
objectClass: organizationalRole
 +
cn: admin
 +
structuralObjectClass: organizationalRole
 +
entryUUID: 35b335f0-52e0-102c-8f26-0fc5f46797d9
 +
creatorsName: cn=admin,dc=nodomain
 +
createTimestamp: 20080109092257Z
 +
entryCSN: 20080109092257Z#000001#00#000000
 +
modifiersName: cn=admin,dc=nodomain
 +
modifyTimestamp: 20080109092257Z
 +
</pre></code>
 +
:you should see 2 records (regardless if ldap is up or not - slapcat prints data from db - not using server deamon)
 +
*adding real data:
 +
:create file /tmp/2.ldif and put in there:
 +
:<pre>gedit (or kedit) /tmp/1.ldif  </pre>
 +
:and put there:
 +
<code><pre>
 +
dn: cn=Zygfryd Homonto ,dc=nodomain
 +
cn: Zygfryd Homonto
 +
sn: Zygfryd
 +
mail: zyghom@yahoo.co.uk
 +
objectClass: top
 +
objectClass: person
 +
objectClass: organizationalPerson
 +
objectClass: inetOrgPerson
 +
</pre></code>
 +
:now import it to ldap:
 +
:<pre>ldapadd -x -D "cn=admin,dc=nodomain" -W -f /tmp/2.ldif</pre>
 +
:proper output should be:
 +
<code><pre>
 +
Enter LDAP Password:
 +
adding new entry "cn=Zygfryd Homonto ,dc=nodomain"
 +
</pre></code>
 +
:check if imported:
 +
:<pre>sudo slapcat </pre>
 +
:now it should show 3 records
 +
==CONFIGURING Claws-Mail==
 +
*start claws-mail
 +
*go to Addressbook->Menu: Book->New LDAP Server and there:
 +
<pre>
 +
Name: any name, i.e. Myserver
 +
hostname: localhost
 +
Port: 389 TLS: not CHECKED
 +
SSL: not CHECKED
 +
</pre>
 +
:then press button "Check server"
 +
::<i>claws should fill the field: "Search Base" by: "dc=nodomain" by itself and in the bottom should say: "Connected successfully to server"</i>
 +
:now go to tab "Extended" and there"
 +
<pre>
 +
Bind DN: cn=admin,dc=nodomain
 +
Bind Password: password
 +
</pre>
 +
:Then tab "Search"
 +
<pre>
 +
Search Attributes: mail, cn, givenName, sn, displayName
 +
Max Query Age: 600
 +
Include server in dynamic search: CHECKED
 +
Match names containing... CHECKED
 +
</pre>
  
you could essentially build the home that you have
+
ok, claws should be ready to cooperate with LDAP
 +
in addressbook you should see now "Myserver" under LDAP Servers
 +
go to field "Lookup name" and type i.e. homonto and press Find
 +
you should see my name there
  
actually constantly dreamed of without having to fret about the sale of your
+
=AUTOMATIC LDAP CREATION AND CONFIGURATION=
 +
*If you are brave enough (joke) you can use the script I prepared. It does all steps mentioned above (except reconfiguring claws-mail: <b>this one must do by himself</b>).
 +
:Just save all lines to text file, i.e:
 +
:<pre>gedit (or kedit) /tmp/ldap.sh</pre>
 +
:and make it executable:
 +
:<pre>chmod +x /tmp/ldap.sh</pre>
 +
:Then run the script:
 +
:<pre>sudo /tmp/ldap.sh</pre>
 +
:when asked for LDAP password just pres Enter - it is later changed by script to "password" (without quotes)
 +
<code><pre>
 +
#!/bin/bash
 +
datka=`date '+%Y%m%d_%H%M'`
 +
echo purging existing LDAP...
 +
cp /etc/default/slapd /etc/default/slapd_$datka
 +
cp /etc/ldap/slapd.conf  /etc/ldap/slapd.conf_$datka
 +
apt-get purge slapd
 +
mv /etc/ldap  /etc/ldap_$datka
 +
mv /var/run/slapd /var/run/slapd_$datka
 +
mv /home/ldap /home/ldap_$datka
 +
mv /etc/default/slapd /etc/default/slapd_$datka
 +
apt-get install slapd
  
house, locating the right house, paying closing
+
echo stopping LDAP...
 +
/etc/init.d/slapd stop
  
expenses, a down repayment and every thing else that goes
+
echo preparing folder...
 +
mkdir /home/ldap
 +
chown -R openldap:openldap /home/ldap
 +
ls -la /home/ldap
 +
echo configuring slapd.conf...
 +
mv /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org_$datka
 +
cat > /etc/ldap/slapd.conf << "EOF"
 +
#-------------------------------------------------------
 +
include        /etc/ldap/schema/core.schema
 +
include        /etc/ldap/schema/cosine.schema
 +
include        /etc/ldap/schema/nis.schema
 +
include        /etc/ldap/schema/inetorgperson.schema
 +
schemacheck    on
 +
pidfile        /var/run/slapd/slapd.pid
 +
argsfile        /var/run/slapd/slapd.args
 +
loglevel        0
 +
modulepath /usr/lib/ldap
 +
moduleload back_bdb
 +
backend bdb
 +
checkpoint 512 30
  
with the acquisition and sale of a home. When you select to upgrade, you can essentially build the
+
database        bdb
 +
suffix          "dc=nodomain"
 +
rootdn          "cn=admin,dc=nodomain"
 +
rootpw {SSHA}A05/lroKS5fDHnBXn56I9BI84L5lDOhX
 +
directory      "/home/ldap"
 +
index          objectClass eq
 +
lastmod        on
 +
#-------------------------------------------------------
 +
EOF
 +
echo configuring DB_CONFIG...
 +
cat > /home/ldap/DB_CONFIG << "EOF"
 +
#-------------------------------------------------------
 +
set_cachesize 0 2097152 0
 +
set_lg_bsize 524288
 +
set_lk_max_objects      5000
 +
set_lk_max_locks        5000
 +
set_lk_max_lockers 5000
 +
#-------------------------------------------------------
 +
EOF
 +
chown openldap:openldap /home/ldap/DB_CONFIG
 +
chmod -R 700 /home/ldap
 +
ls -la /home/ldap
 +
echo starting LDAP...
 +
/etc/init.d/slapd start
 +
if `ps -ef | grep '/usr/sbin/slapd -g openldap -u openldap'  | grep -v grep  > /dev/null 2>&1` ; then
 +
echo LDAP seems to be working
 +
ps -ef | grep '/usr/sbin/slapd -g openldap -u openldap'  | grep -v grep
 +
else
 +
echo Some errors here, exiting...
 +
exit
 +
fi
 +
echo feeding top data in LDAP...
 +
cat > /tmp/1.ldif << "EOF"
 +
#------------------------------
 +
dn: dc=nodomain
 +
objectclass: dcObject
 +
objectclass: organization
 +
o: My Computer LDAP
 +
dc: nodomain
  
house that you have actually constantly dreamed of without having to  
+
dn: cn=admin,dc=nodomain
 +
objectclass: organizationalRole
 +
cn: admin
 +
#------------------------------
 +
EOF
 +
ldapadd -x -D "cn=admin,dc=nodomain" -w password -f /tmp/1.ldif
 +
echo checking data in LDAP...
 +
slapcat
 +
echo adding example data to LDAP...
 +
cat > /tmp/2.ldif << "EOF"
 +
#------------------------------
 +
dn: cn=Zygfryd Homonto ,dc=nodomain
 +
cn: Zygfryd Homonto
 +
sn: Zygfryd
 +
mail: zyghom@yahoo.co.uk
 +
objectClass: top
 +
objectClass: person
 +
objectClass: organizationalPerson
 +
objectClass: inetOrgPerson
 +
#------------------------------
 +
EOF
 +
ldapadd -x -D "cn=admin,dc=nodomain" -w password -f /tmp/2.ldif
 +
echo checking data in LDAP...
 +
if ` slapcat | grep omonto  | grep -v grep  > /dev/null 2>&1` ; then
 +
slapcat
 +
echo " "
 +
echo LDAP seems to be working
 +
else
 +
echo Some errors here, exiting...
 +
exit
 +
fi
 +
echo "all data is here: /home/ldap..."
 +
ls -la /home/ldap
 +
</pre></code>
  
fret about the sale of your residence, discovering the right
+
=GUARANTEE AND RESPONSIBILITY=
 
+
*sorry but nothing like this
home, paying closing expenses, a down repayment and every thing else that goes with the purchase and sale of a
+
*in case of problems you can contact me by mail: zyghomATyahooDOTcoDOTuk
 
+
residence.
+
 
+
Constantly employ a certified and seasoned redesigning
+
 
+
contractor. For a project to be completed right, there is extensive sychronisation, permitting and additional elements that should be taken into account. Always employ a certified and skilled upgrading contractor.
+
 
+
One of the greatest mistakes that property owners make when getting
+
 
+
started on a residence remodel is to not know just what
+
 
+
they prefer before they get begun. One of the most
+
 
+
significant errors that property owners make
+
 
+
when beginning on a residence remodel is to not know
+
 
+
just what they desire prior to they get begun.
+
 
+
Due to the fact that remodels commonly include taking
+
 
+
down walls and moving around crucial parts, it is
+
 
+
crucial to understand exactly just what your project
+
 
+
will be prior to permitting your contractor to begin.
+
 
+
 
+
 
+
Every renovation project will have a surprise or two along with it. Instead of being caught off guard, simply be prepared
+
 
+
for every thing to take a little longer, and not go
+
 
+
totally as organized.
+
 
+
Do not cut corners. Your remodel should be safe, complete, important addition to your house. By making sure it's done right, you
+
 
+
not just ensure your safety and long-lasting
+
 
+
contentment, but also the prolonged
+
 
+
resale value of your house if you do decide to move later on.
+
 
+
By starting with the above factors to consider, you
+
 
+
could be well on your means to an effective and
+
 
+
enjoyable upgrading experience. Do not let the scope of such a
+
 
+
project turn you away. You will certainly be thankful as soon as
+
 
+
every little thing is total.
+
 
+
Inspect for experience, however additionally just how long they
+
 
+
have actually been designing traditional brand-new
+
 
+
Hampshire-style domestic structures.
+
 
+
Based upon your examination, select your
+
 
+
specialist in New Hampshire architecture. REMODELING
+
 
+
Some things to look at when redesigning your
+
 
+
existing kitchen or home consist of:
+
 
+
With the economic situation and real estate market in a
+
 
+
constant turmoil, residence
+
 
+
redesign has actually become much more preferred than
+
 
+
ever before. Instead of transferring to a brand-new home, or developing one from scratch,
+
 
+
many home owners are choosing
+
 
+
this course when it comes time to change or expand. When you
+
 
+
choose to redesign, you can  
+
 
+
practically build the home that you have actually
+
 
+
constantly longed for without having to bother with the sale of your residence, discovering the right
+
 
+
home, paying closing prices, a down repayment and every thing else that chooses the
+
 
+
acquisition and sale of a residence.
+
 
+
IMPROVEMENT
+
 
+
Some things to consider when think about your
+
 
+
upgrading kitchen or kitchen area includeHouse
+
 
+
Feature the economy and housing market in a real estate turmoil, home remodeling has become
+
 
+
residence makeover has actually come to be ever
+
 
+
before. When you pick to renovate,
+
 
+
you could essentially build the home that you've always dreamed of without having to worry about the sale of your residence, locating the right house, paying closing prices, a down payment and every thing else that goes
+
 
+
with the purchase and sale of a house. When you pick to remodel, you could basically build the
+
 
+
home that you've constantly dreamed of without having to worry about the sale of your residence, discovering the right residence, paying closing prices, a down repayment and every
+
 
+
little thing else that goes with the acquisition and sale of a
+
 
+
residence.
+
 
+
IMPROVEMENT
+
 
+
Some things to consider when look at your renovating kitchen or kitchen area includeResidence
+
 
+
With the economy and housing market in a
+
 
+
continuous turmoil, home constant has become much improvement has actually than ever
+
 
+
beforeProminent When you pick to redesign,
+
 
+
you could essentially build the house that you've always dreamed of without having to worry about the sale of your home, discovering the right home, paying closing costs, a down repayment and everything else that goes
+
 
+
with the acquisition and sale of a house. [http://www.squidoo.com/design-and-construction-tips For individuals residing in Charlestown who might
+
 
+
be looking for Home
+
 
+
Remodeler]
+

Latest revision as of 18:37, 3 October 2012

Contents

LDAP and Claws Mail HOWTO based on Kubuntu (7.10)

Example describes installation and configuration on Ubuntu 7.10 but should be valid for other distributions also. It covers:

  • openldap installation and configuration
  • claws-mail configuration to use with LDAP

REMOVING OLD INSTALLATION

  • In case slapd is already installed, either go to point #CONFIGURATION or reinstall it with commands:
sudo apt-get purge slapd
sudo rm -rf /etc/ldap
(in case your LDAP configuration is not yet in use)
sudo rm -rf /var/run/slapd
(in case your LDAP database is not yet filled)

INSTALLATION

  • Install slapd:
sudo apt-get install slapd
during installation Ubuntu usually asks you for ldap admin password - use any - even empty - later we can change it anyway

CONFIGURATION

  • make sure to shut down LDAP server after installation:
sudo /etc/init.d/slapd stop
  • folder for storing data:
make directory where your LDAP will store data - by default it is /var/run/slapd but i don't recommend it for backup purposes (in case your root partition is to be reinstalled - OS crashed or whatever - then LDAP db is also vanished - my proposal is to use i.e. directory /home/ldap
sudo mkdir /home/ldap
Because Ubuntu by default runs slapd daemon as user openldap (created automatically during slapd installation), then we must change the ownership of this directory:
sudo chown -R openldap:openldap /home/ldap
as an alternative is to change default behaviour of slapd in file /etc/default/slapd the line:
SLAPD_USER="openldap"
should be changed to:
SLAPD_USER=
and in this case slapd runs as root and changing ownership is not needed - in this HOWTO we change the ownership to avoid the mismatch with Ubuntu default settings
  • main config file creation: /etc/ldap/slapd.conf
copy current config file:
sudo cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org
create main password for ldap:
slappasswd -s "your_password"
where "your_password" is any string without quotes of course
as an output you get for example:
{SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
this is your password encrypted to be used later in config file
modify configuration file
sudo gedit (or kedit) /etc/ldap/slapd.conf
and put there (instead of everything what you find there):
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
schemacheck     on
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        0
modulepath	/usr/lib/ldap
moduleload	back_bdb
backend		bdb
checkpoint 512 30

database        bdb
suffix          "dc=nodomain"
rootdn          "cn=admin,dc=nodomain"
rootpw		{SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
directory       "/home/ldap"
index           objectClass eq
lastmod         on
create database config file:
sudo gedit (or kedit) /home/ldap/DB_CONFIG 
set_cachesize 	0	2097152		0
set_lg_bsize	524288
set_lk_max_objects      5000
set_lk_max_locks        5000
set_lk_max_lockers	5000
these are default settings, not needed to be changed at this point
if you changed /home/ldap to be owned by openldap user then it must be repeated at this point at least for this created file:
sudo chown openldap:openldap /home/ldap/DB_CONFIG

STARTING LDAP

  • start ldap to see if it is working:
sudo /etc/init.d/slapd start
and check if working:
ps -ef | grep slapd  | grep -v grep
if you see something like this:
openldap  8662     1  0 10:43 ?        00:00:00 /usr/sbin/slapd -g openldap -u openldap
then this means it works (ldap server)
if not just start command:
sudo slapd -d 256 
and see any errors which may occur and ... try to find out problem by yourself (use google, or contact me)

FEEDING LDAP WITH INITIAL DATA

  • now, ldap is working but empty, lets configure top of it:
gedit (or kedit) /tmp/1.ldif  
and put there:
dn: dc=nodomain
objectclass: dcObject
objectclass: organization
o: My Computer LDAP
dc: nodomain

dn: cn=admin,dc=nodomain
objectclass: organizationalRole
cn: admin
  • now import it to ldap:
ldapadd -x -D "cn=admin,dc=nodomain" -W -f /tmp/1.ldif
it will ask you for your LDAP password
proper output should be:
Enter LDAP Password: 
adding new entry "dc=nodomain"

adding new entry "cn=admin,dc=nodomain"
in case of password mistake it will be:
ldap_bind: Invalid credentials (49)
don't repeat this command if successfully imported as it will fail second time saying:
adding new entry "dc=nodomain"
ldap_add: Already exists (68)
now we can see if imported:
sudo slapcat 
proper output should be:
dn: dc=nodomain
objectClass: dcObject
objectClass: organization
o: My Computer LDAP
dc: nodomain
structuralObjectClass: organization
entryUUID: 35b05380-52e0-102c-8f25-0fc5f46797d9
creatorsName: cn=admin,dc=nodomain
createTimestamp: 20080109092257Z
entryCSN: 20080109092257Z#000000#00#000000
modifiersName: cn=admin,dc=nodomain
modifyTimestamp: 20080109092257Z

dn: cn=admin,dc=nodomain
objectClass: organizationalRole
cn: admin
structuralObjectClass: organizationalRole
entryUUID: 35b335f0-52e0-102c-8f26-0fc5f46797d9
creatorsName: cn=admin,dc=nodomain
createTimestamp: 20080109092257Z
entryCSN: 20080109092257Z#000001#00#000000
modifiersName: cn=admin,dc=nodomain
modifyTimestamp: 20080109092257Z
you should see 2 records (regardless if ldap is up or not - slapcat prints data from db - not using server deamon)
  • adding real data:
create file /tmp/2.ldif and put in there:
gedit (or kedit) /tmp/1.ldif  
and put there:
dn: cn=Zygfryd Homonto ,dc=nodomain
cn: Zygfryd Homonto
sn: Zygfryd 
mail: zyghom@yahoo.co.uk
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
now import it to ldap:
ldapadd -x -D "cn=admin,dc=nodomain" -W -f /tmp/2.ldif
proper output should be:
Enter LDAP Password: 
adding new entry "cn=Zygfryd Homonto ,dc=nodomain"
check if imported:
sudo slapcat 
now it should show 3 records

CONFIGURING Claws-Mail

  • start claws-mail
  • go to Addressbook->Menu: Book->New LDAP Server and there:
Name: any name, i.e. Myserver
hostname: localhost 
Port: 389 TLS: not CHECKED 
SSL: not CHECKED
then press button "Check server"
claws should fill the field: "Search Base" by: "dc=nodomain" by itself and in the bottom should say: "Connected successfully to server"
now go to tab "Extended" and there"
Bind DN: cn=admin,dc=nodomain
Bind Password: password
Then tab "Search"
Search Attributes: mail, cn, givenName, sn, displayName
Max Query Age: 600
Include server in dynamic search: CHECKED
Match names containing... CHECKED

ok, claws should be ready to cooperate with LDAP in addressbook you should see now "Myserver" under LDAP Servers go to field "Lookup name" and type i.e. homonto and press Find you should see my name there

AUTOMATIC LDAP CREATION AND CONFIGURATION

  • If you are brave enough (joke) you can use the script I prepared. It does all steps mentioned above (except reconfiguring claws-mail: this one must do by himself).
Just save all lines to text file, i.e:
gedit (or kedit) /tmp/ldap.sh
and make it executable:
chmod +x /tmp/ldap.sh
Then run the script:
sudo /tmp/ldap.sh
when asked for LDAP password just pres Enter - it is later changed by script to "password" (without quotes)
#!/bin/bash
datka=`date '+%Y%m%d_%H%M'`
echo purging existing LDAP...
cp /etc/default/slapd /etc/default/slapd_$datka
cp /etc/ldap/slapd.conf  /etc/ldap/slapd.conf_$datka
apt-get purge slapd
mv /etc/ldap  /etc/ldap_$datka
mv /var/run/slapd /var/run/slapd_$datka
mv /home/ldap /home/ldap_$datka
mv /etc/default/slapd /etc/default/slapd_$datka
apt-get install slapd

echo stopping LDAP...
/etc/init.d/slapd stop

echo preparing folder...
mkdir /home/ldap
chown -R openldap:openldap /home/ldap
ls -la /home/ldap
echo configuring slapd.conf...
mv /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org_$datka
cat > /etc/ldap/slapd.conf << "EOF"
#-------------------------------------------------------
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
schemacheck     on
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        0
modulepath	/usr/lib/ldap
moduleload	back_bdb
backend		bdb
checkpoint 512 30

database        bdb
suffix          "dc=nodomain"
rootdn          "cn=admin,dc=nodomain"
rootpw		{SSHA}A05/lroKS5fDHnBXn56I9BI84L5lDOhX
directory       "/home/ldap"
index           objectClass eq
lastmod         on
#-------------------------------------------------------
EOF
echo configuring DB_CONFIG...
cat > /home/ldap/DB_CONFIG << "EOF"
#-------------------------------------------------------
set_cachesize 	0	2097152		0
set_lg_bsize	524288
set_lk_max_objects      5000
set_lk_max_locks        5000
set_lk_max_lockers	5000
#-------------------------------------------------------
EOF
chown openldap:openldap /home/ldap/DB_CONFIG
chmod -R 700 /home/ldap
ls -la /home/ldap
echo starting LDAP...
/etc/init.d/slapd start
if `ps -ef | grep '/usr/sbin/slapd -g openldap -u openldap'  | grep -v grep  > /dev/null 2>&1` ; then
		echo LDAP seems to be working
		ps -ef | grep '/usr/sbin/slapd -g openldap -u openldap'  | grep -v grep
	else
		echo Some errors here, exiting...
		exit
	fi
echo feeding top data in LDAP...
cat > /tmp/1.ldif << "EOF"
#------------------------------
dn: dc=nodomain
objectclass: dcObject
objectclass: organization
o: My Computer LDAP
dc: nodomain

dn: cn=admin,dc=nodomain
objectclass: organizationalRole
cn: admin
#------------------------------
EOF
ldapadd -x -D "cn=admin,dc=nodomain" -w password -f /tmp/1.ldif
echo checking data in LDAP...
slapcat 
echo adding example data to LDAP...
cat > /tmp/2.ldif << "EOF"
#------------------------------
dn: cn=Zygfryd Homonto ,dc=nodomain
cn: Zygfryd Homonto
sn: Zygfryd 
mail: zyghom@yahoo.co.uk
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
#------------------------------
EOF
ldapadd -x -D "cn=admin,dc=nodomain" -w password -f /tmp/2.ldif
echo checking data in LDAP...
if ` slapcat | grep omonto  | grep -v grep  > /dev/null 2>&1` ; then
		slapcat
		echo " "
		echo LDAP seems to be working
	else
		echo Some errors here, exiting...
		exit
	fi
echo "all data is here: /home/ldap..."
ls -la /home/ldap

GUARANTEE AND RESPONSIBILITY

  • sorry but nothing like this
  • in case of problems you can contact me by mail: zyghomATyahooDOTcoDOTuk