LDAP and Claws Mail

From Claws Mail FAQ
Revision as of 15:38, 9 January 2008 by Zyghom (Talk | contribs)

Jump to: navigation, search

Contents

LDAP and Claws Mail HOWTO based on Kubuntu (7.10)

Exaple describes installation and configuration on Ubuntu 7.10 but should be valid for other distributions also. It covers:

  • openldap installation and configuration
  • claws-mail configuration to use with LDAP

REMOVING OLD INSTALLATION

  • In case slapd is already installed, either go to point 4 or reinstall it with commands:
sudo apt-get purge slapd
sudo rm -rf /etc/ldap
(in case your LDAP configuration is not yet in use)
sudo rm -rf /var/run/slapd
(in case your LDAP database is not yet filled)

INSTALLATION

  • Install slapd:
sudo apt-get install slapd
during installation ubuntu usually asks you for ldap admin password - use any - even empty - later we can change it anyway

CONFIGURATION

  • make sure to shut down LDAP server after installation:
sudo /etc/init.d/slapd stop
  • folder for storing data:
make directory where you LDAP will store data - by default it is /var/run/slapd bud I don't recommend it for backup purposes (in case your root partition is to be reinstalled - OS crashed or whatever - then LDAP db is also vanished - my proposal is to use i.e. directory /home/ldap
sudo mkdir /home/ldap
Because Ubuntu by default runs slapd daemon as user openldap (created automatically during slapd installation), then we must change the ownership of this directory:
sudo chown -R openldap:openldap /home/ldap
as an alternative is to change default behaviour of slapd in file /etc/default/slapd the line:
SLAPD_USER="openldap"
should be changed to:
SLAPD_USER=
and in this case slapd runs as root and changing ownership is not needed - in this HOWTO we change the ownership to avoid the mismatch with Ubuntu default settings
  • main config file creation: /etc/ldap/slapd.conf
copy current config file:
sudo cp /etc/ldap/slapd.conf /etc/ldap/slapd.conf-org
create main password for ldap:
slappasswd -s "your_password"
where "your_password" is any string without quotes of course
as an output you get for example:
{SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
this is your password encrypted to be used later in config file
modify configuration file
sudo gedit (or kedit) /etc/ldap/slapd.conf
and put there (instead of everything what you find there):
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
schemacheck     on
pidfile         /var/run/slapd/slapd.pid
argsfile        /var/run/slapd/slapd.args
loglevel        0
modulepath	/usr/lib/ldap
moduleload	back_bdb
backend		bdb
checkpoint 512 30

database        bdb
suffix          "dc=nodomain"
rootdn          "cn=admin,dc=nodomain"
rootpw		here_output_of_your_password i.e. {SSHA}QqvOMErMXSJXRfLdmoIjMHEey129M5Qt
directory       "/home/ldap"
index           objectClass eq
lastmod         on
create database config file:
sudo gedit (or kedit) /home/ldap/DB_CONFIG 
set_cachesize 	0	2097152		0
set_lg_bsize	524288
set_lk_max_objects      5000
set_lk_max_locks        5000
set_lk_max_lockers	5000
these are default settings, not needed to be changed at this point
if you changde /home/ldap to be owned by openldap user then it must be repeated at this point at least for this created file:
sudo chown openldap:openldap /home/ldap/DB_CONFIG

STARTING LDAP

  • start ldap to see if it is working:
sudo /etc/init.d/slapd start
and check if working:
ps -ef | grep slapd  | grep -v grep