C. Linux servers - Workshop 6.1 SASL OpenLDAP
WORKSHOP 6.1
John Correa.
SASL configuration to authenticate against OpenLDAP
Install SASL support for Cyrus and OpenLDAP.
# yum install cyrus-sasl-ldap
Configure the SASL startup options.
# vim /etc/sysconfig/saslauthd
Modify the following lines.
[...]
MECH=ldap
FLAGS="-O /etc/saslauthd.conf"
[...]
Configure LDAP SASL authentication.
Create the following file and add the contents shown below.
# vim /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1
ldap_search_base: ou=people,dc=redes,dc=edu
ldap_filter: (objectClass=*)
ldap_version: 3
ldap_scope: sub
ldap_filter: uid=%u
ldap_auth_method: bind
Restart saslauthd.
# /etc/init.d/saslauthd restart
Verify that SASL authentication uses OpenLDAP as its authentication backend.
[root@redes etc]# /usr/sbin/testsaslauthd -u domino -p domino.2011
0: OK "Success."
Configure imapd.conf
configdirectory: /var/lib/imap
partition-default: /var/spool/imap/user
admins: cyrus domino
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
allowplaintext: yes
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
#tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
#tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
#tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
autocreateinboxfolders: Enviados
autosubscribeinboxfolders: Enviados
createonpost: yes
autocreatequota: 20000
defaultdomain: redes.edu
unixhierarchysep: yes
#lmtpsocket: /var/imap/socket/lmtp
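An added example (not part of the original slides): a small shell/awk audit of the two files configured above. It flags the repeated ldap_filter key and the (objectClass=*) filter in saslauthd.conf, and plaintext logins with the tls_cert_file line commented out in imapd.conf; audit_conf and the finding labels are names chosen for this example, and the sample text is copied from the page.

```shell
#!/bin/sh
# Added example, not from the original slides.
# audit_conf reads a "key: value" file (saslauthd.conf or imapd.conf) on stdin
# and prints one finding per line; no output means nothing was flagged.
audit_conf() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
    {
        i = index($0, ":"); if (i == 0) next
        key = substr($0, 1, i - 1); val = substr($0, i + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        # A repeated key leaves the effective value to parser behaviour.
        if (key in seen) print "DUPLICATE_KEY " key
        # A search filter without %u or %U is not tied to the login name.
        if (key == "ldap_filter" && val !~ /%[uU]/) print "BROAD_FILTER " val
        seen[key] = val
    }
    END {
        # ldap:// to a non-loopback host without StartTLS sends the bind password in clear.
        n = split(seen["ldap_servers"], uri)
        for (j = 1; j <= n; j++) {
            host = uri[j]
            if (!sub("^ldap://", "", host)) continue
            sub("[:/].*$", "", host)
            if (host != "127.0.0.1" && host != "localhost" && seen["ldap_start_tls"] != "yes")
                print "CLEARTEXT_LDAP " uri[j]
        }
        # Plaintext logins allowed while no tls_cert_file line is active.
        if (seen["allowplaintext"] ~ /^(yes|true|on|1)$/ && !("tls_cert_file" in seen))
            print "PLAINTEXT_NO_TLS allowplaintext=" seen["allowplaintext"]
    }'
}

# Samples copied from the page (imapd.conf reduced to the relevant lines).
SASLAUTHD_SAMPLE='ldap_servers: ldap://127.0.0.1
ldap_search_base: ou=people,dc=redes,dc=edu
ldap_filter: (objectClass=*)
ldap_version: 3
ldap_scope: sub
ldap_filter: uid=%u
ldap_auth_method: bind'
IMAPD_SAMPLE='allowplaintext: yes
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
#tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem'

printf '%s\n' "$SASLAUTHD_SAMPLE" | audit_conf
printf '%s\n' "$IMAPD_SAMPLE" | audit_conf
```

Run it against the real files with `audit_conf < /etc/saslauthd.conf` and `audit_conf < /etc/imapd.conf`; the TLS check uses the option name shown on the page (tls_cert_file).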
Administer Cyrus and create mailboxes.
[root@redes etc]# cyradm --user domino --server 192.168.100.252
IMAP Password:
192.168.100.252> createmailbox user/john
192.168.100.252> cm user/pedro
192.168.100.252> help
authenticate, login, auth authenticate to server
chdir, cd change current directory
createmailbox, create, cm create mailbox
deleteaclmailbox, deleteacl, dam remove ACLs from mailbox
deletemailbox, delete, dm delete mailbox
disconnect, disc disconnect from current server
exit, quit exit cyradm
help, ? show commands
info display mailbox/server metadata
listacl, lam, listaclmailbox list ACLs on mailbox
listmailbox, lm list mailboxes
listquota, lq list quotas on specified root
listquotaroot, lqr, lqm show quota roots and quotas for mailbox
mboxcfg, mboxconfig configure mailbox
reconstruct reconstruct mailbox (if supported)
renamemailbox, rename, renm rename (and optionally relocate) mailbox
server, servername, connect show current server or connect to server
setaclmailbox, sam, setacl set ACLs on mailbox
setinfo set server metadata
setquota, sq set quota on mailbox or resource
subscribe, sub subscribe to a mailbox
unsubscribe, unsub unsubscribe from a mailbox
version, ver display version info of current server
xfermailbox, xfer transfer (relocate) a mailbox to a different server
Assign a mailbox quota.
192.168.100.252> setquota user/john 20000
quota:20000
192.168.100.252> lq user/john
STORAGE 0/20000 (0%)