Re: Postfix+SASL+LDAP advice

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Postfix+SASL+LDAP advice

Gaël Lams
Hi

> I am attempting to setup postfix authentication using ldap (zimbra) for my
> backend.
> From what I've read, it appears there are a couple of ways in which this may
> be accomplished.
>
> A. Have postfix authenticate via saslauthd to connect to my ldap server.
> B. Compile openldap with cyrus-sasl so postfix directly connects to my ldap
> server.

It's my understanding that, to use SMTP AUTH, you must use the SASL
authentication protocol.
You therefore have to:
1) configure postfix to contact the saslauthd daemon for authentication purposes
2) tell cyrus-sasl to use LDAP

Practical steps should be something similar to:

For 1):
- Postfix looks for a file called smtpd.conf (can be in /usr/lib/sasl2
or other places, depending on your installation). Verify that this
file contains the following lines:
pwcheck_method: saslauthd
- modify main.cf to enable sasl authentication (smtpd_sasl_auth_enable
= yes) and add permit_sasl_authenticated in the
smtpd_recipient_restrictions

For 2):
- modify /etc/init.d/saslauthd (or /etc/sysconfig/saslauthd) and
specify MECH=ldap
- insert the ldap parameters in saslauthd.conf (ldap_servers,
ldap_search-base, ldap_filter). you can then verify that it works with
something like "testsaslauthd -u youruser -r your domain -p
yourpassword

Regards,

Gaël
Loading...