Exim4-LDAP 0.0.5 initial release

Exim4-LDAP is my latest project in development. It is a Debian package that depends on exim4-daemon-heavy and slapd, and uses the Qmail-LDAP schema as its backend database schema for seamless migration. Unlike Qmail-LDAP, which requires manual source patching and compilation, Exim4-LDAP just defines additional authentication/router/transport rules within configuration files. The ultimate goal of this research project is to integrate with Samba-LDAP-PAM (for both Windows/Linux Single-Sign-On), RADIUS (for other services' SSO) and even other services such as webmail. The project is now hosted on SourceForge.net with a .deb available for download. Here I will draft some simple installation guidelines which are not yet included in the source package documentation. I am testing this on a newly installed Debian Lenny sandbox.

Download and install Exim4-LDAP

Exim4-LDAP is available on SourceForge.net and is developed with SVN. You may check out the complete SVN source code with:

    svn checkout https://exim4-ldap.svn.sourceforge.net/svnroot/exim4-ldap exim4-ldap

The latest source code is located in the trunk directory. You may build your own .deb with the following commands (NOTE: you should have svn-buildpackage installed):

    cd ~/exim4-ldap/trunk
    svn-buildpackage -us -uc -rfakeroot --svn-lintian

The custom .deb package will now be located in the build-area directory, as follows:

    mail:~# ls -la ~/exim4-ldap/build-area/
    total 64
    drwxr-xr-x 2 root root  4096 2009-08-13 14:09 .
    drwxr-xr-x 7 root root  4096 2009-08-13 11:32 ..
    -rw-r--r-- 1 root root 18842 2009-08-13 14:09 exim4-ldap_0.0.4_all.deb
    -rw-r--r-- 1 root root   524 2009-08-13 14:09 exim4-ldap_0.0.4.dsc
    -rw-r--r-- 1 root root  1233 2009-08-13 14:09 exim4-ldap_0.0.4_i386.changes
    -rw-r--r-- 1 root root 27880 2009-08-13 14:09 exim4-ldap_0.0.4.tar.gz

Besides building your own package, a pre-built version is available here.

Now install the package with dpkg -i. You may be prompted with an error message saying that this package depends on exim4-daemon-heavy, which is not yet installed:

    dpkg -i ~/exim4-ldap/build-area/exim4-ldap_0.0.4_all.deb

Just ignore the error message and fix the dependency with aptitude (NOTE: you should also check the Suggested packages of exim4-ldap and install them accordingly, or first refer to my LDAP + Samba PDC + PAM/NSS on Debian Lenny HOWTO for more information):

    aptitude

As Exim4-LDAP only targets Exim4's LDAP support and implementation, it does not touch any third-party package configuration by default. There are, however, some example configurations under /usr/share/doc/exim4-ldap/examples that you may check out:

    mail:~# ls -la /usr/share/doc/exim4-ldap/examples/
    total 44
    drwxr-xr-x 2 root root 4096 2009-08-13 14:53 .
    drwxr-xr-x 3 root root 4096 2009-08-13 14:53 ..
    -rw-r--r-- 1 root root  375 2009-08-13 14:51 authldaprc
    -rw-r--r-- 1 root root  501 2009-08-13 14:51 nss-ldapd.conf
    -rw-r--r-- 1 root root 3175 2009-08-13 14:51 pam_ldap.conf.gz
    -rw-r--r-- 1 root root 1980 2009-08-13 14:51 qmail.schema.gz
    -rw-r--r-- 1 root root 3917 2009-08-13 14:51 samba.schema.gz
    -rw-r--r-- 1 root root 1959 2009-08-13 14:51 slapd.conf.gz
    -rw-r--r-- 1 root root 2292 2009-08-13 14:51 smb.conf
    -rw-r--r-- 1 root root  426 2009-08-13 14:51 smbldap_bind.conf
    -rw-r--r-- 1 root root 2667 2009-08-13 14:51 smbldap.conf.gz

Configure OpenLDAP for additional schema support

Replace /etc/ldap/slapd.conf with the suggested version (NOTE: this will also integrate Samba-LDAP support, in line with Exim4-LDAP's primary development target):

    zcat /usr/share/doc/exim4-ldap/examples/slapd.conf.gz \
        > /etc/ldap/slapd.conf

Also extract the required additional LDAP schemas (this samba.schema is just a clone of the one from samba-doc):

    zcat /usr/share/doc/exim4-ldap/examples/samba.schema.gz \
        > /etc/ldap/schema/samba.schema
    zcat /usr/share/doc/exim4-ldap/examples/qmail.schema.gz \
        > /etc/ldap/schema/qmail.schema

Remember to update the OpenLDAP configuration accordingly, especially suffix, rootdn and rootpw:

    vi /etc/ldap/slapd.conf

Now restart the OpenLDAP server in order to activate the changes:

    /etc/init.d/slapd stop
    /etc/init.d/slapd start

Update your LDAP user account with Exim4-LDAP support

I will assume you have an existing LDAP DB with users defined with/without Qmail-LDAP support. If you have no idea about this, please refer to my LDAP + Samba PDC + PAM/NSS on Debian Lenny HOWTO for more information.
As your OpenLDAP now supports the Qmail-LDAP schema, we can include the required additional key-value pairs. Not all Qmail-LDAP keys are supported in Exim4-LDAP yet, but you should at least include mail and mailMessageStore (for example /home/users/demo/Maildir) for basic login and mail storage. Here is a trimmed-down version of the required LDIF:

    dn: uid=demo,ou=people,dc=example,dc=com
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: qmailUser
    cn: demo
    sn: demo
    uid: demo
    uidNumber: 1000
    gidNumber: 513
    homeDirectory: /home/users/demo
    mail: demo@example.com
    mailMessageStore: /home/users/demo/Maildir
    userPassword:: e01ENX0vZ0hPS24rNnlQcjY3WHlZS2dUaUtRPT0=
Check /etc/exim4/conf.d/main/04_exim4-config_ldap_options for more information about the available LDAP parameters.

Exim4-LDAP doesn't provide any user account management CLI/GUI right now. I suggest modifying user accounts with phpLDAPadmin, a very useful web GUI tool that I use for development and debugging.
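The sample LDIF above stores userPassword as base64, which decodes to a value tagged {MD5}, an unsalted hash scheme in OpenLDAP. The following script is an added example, not part of the Exim4-LDAP package: it lints LDIF on stdin for the two attributes named above and for weak password storage. The function names and the second sample entry are constructed for illustration, and it assumes one attribute per line (no LDIF line folding).

```shell
#!/bin/sh
# Added example: lint LDIF on stdin for the attributes Exim4-LDAP needs and
# for weak userPassword storage. Prints one finding per line.
_report() {
    [ -n "$dn" ] && [ -n "$qmail" ] || return 0   # only qmailUser entries
    [ -n "$mail" ]  || echo "$dn: missing mail"
    [ -n "$store" ] || echo "$dn: missing mailMessageStore"
    # OpenLDAP prefixes hashed values with a scheme tag such as {SSHA}.
    scheme=$(printf '%s' "$pw" | sed -n 's/^\({[A-Za-z0-9-]*}\).*/\1/p')
    case "$scheme" in
        "{MD5}"|"{SHA}") echo "$dn: userPassword uses unsalted $scheme" ;;
        "") [ -z "$pw" ] || echo "$dn: userPassword stored without a hash scheme" ;;
    esac
    return 0
}
check_ldif() {
    dn= qmail= mail= store= pw=
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "dn: "*)                  dn=${line#dn: } ;;
            "objectClass: qmailUser") qmail=1 ;;
            "mail: "*)                mail=1 ;;
            "mailMessageStore: "*)    store=1 ;;
            # "::" marks a base64-encoded value in LDIF
            "userPassword:: "*) pw=$(printf '%s' "${line#userPassword:: }" | base64 -d) ;;
            "userPassword: "*)  pw=${line#userPassword: } ;;
            "") _report; dn= qmail= mail= store= pw= ;;
        esac
    done
    _report
}
sample_ldif() {   # first entry is the page's demo user, second is constructed
    cat <<'EOF'
dn: uid=demo,ou=people,dc=example,dc=com
objectClass: qmailUser
mail: demo@example.com
mailMessageStore: /home/users/demo/Maildir
userPassword:: e01ENX0vZ0hPS24rNnlQcjY3WHlZS2dUaUtRPT0=

dn: uid=alice,ou=people,dc=example,dc=com
objectClass: qmailUser
mail: alice@example.com
userPassword: {SSHA}constructed-sample-value
EOF
}
sample_ldif | check_ldif
```

To lint a real directory export, pipe the output of slapcat or ldapsearch into check_ldif in place of sample_ldif.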

Activate Exim4 with LDAP support

By default Exim4-LDAP is disabled after installation. In order to activate it, create a file called /etc/exim4/conf.d/main/000_localmacros (Exim4 with split file configuration) with the following content:

    MAIN_LDAP_ENABLE = true
    MAIN_LDAP_DEFAULT_SERVERS =
    MAIN_LDAP_VERSION = 3
    MAIN_LDAP_BASEDN = dc=example,dc=com
    MAIN_LDAP_BINDDN = cn=admin,dc=example,dc=com
    MAIN_LDAP_BINDPW = CHANGE
    MAIN_LDAP_TIMEOUT = 15

In order to debug your Exim4 setup, also edit /etc/default/exim4 as below:

    COMMONOPTIONS='-d'

Exim4 will then not run as a daemon on its next start and will print all debug messages to the console. We can now restart Exim4 as below (press CTRL+C to terminate it):

    /etc/init.d/exim4 stop
    update-exim4.conf && /etc/init.d/exim4 start
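The macro file above carries the LDAP bind password in clear text and, as written, binds as cn=admin with the placeholder password. The following pre-restart check is an added example, not part of Exim4-LDAP: the function names are hypothetical, and it assumes Exim4-LDAP only needs to read from the directory and that only root needs to read the macro file.

```shell
#!/bin/sh
# Added example: audit an Exim4-LDAP macro file before restarting Exim4.
# Usage: check_localmacros FILE   (prints one finding per line)

# Print the value of macro $2 in file $1 with surrounding whitespace trimmed.
macro_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" \
        | sed 's/[[:space:]]*$//' | tail -n 1
}

check_localmacros() {
    f=$1
    if [ "$(macro_value "$f" MAIN_LDAP_ENABLE)" != "true" ]; then
        echo "MAIN_LDAP_ENABLE is not true; LDAP support stays disabled"
        return 0
    fi
    # CHANGE is the placeholder value from the sample configuration.
    case "$(macro_value "$f" MAIN_LDAP_BINDPW)" in
        ""|CHANGE) echo "MAIN_LDAP_BINDPW is unset or still the placeholder" ;;
    esac
    # Assumption: lookups only read, so a dedicated read-only bind DN suffices.
    case "$(macro_value "$f" MAIN_LDAP_BINDDN)" in
        cn=admin,*) echo "MAIN_LDAP_BINDDN is the directory admin account" ;;
    esac
    # The file holds the bind password, so "other" should have no read bit.
    [ -z "$(find "$f" -perm -004)" ] || echo "$f is world-readable"
    return 0
}

if [ $# -gt 0 ]; then
    check_localmacros "$1"
fi
```

Run it as `sh check.sh /etc/exim4/conf.d/main/000_localmacros`; no output means none of the three conditions were found.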
