分类: LINUX
2009-02-20 17:16:33
# Create the groups and accounts used by the mail stack.
# vmail gets a fixed GID/UID of 1001; the other IDs are assigned by the system.
# The postdrop group is created without a matching user.
# NOTE(review): these accounts get the distribution's default login shell.
# Confirm whether any of the daemons needs a shell before leaving it enabled
# (useradd -s sets the shell).
groupadd -g 1001 vmail
for grp in postfix postdrop amavis clamav; do
  groupadd "$grp"
done

useradd -u 1001 -g vmail vmail
for acct in postfix amavis clamav; do
  useradd -g "$acct" "$acct"
done
[root@test ~]# hostname
test.com
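# Berkeley DB has to be configured from its build_unix directory. Running
# configure from the top-level or "dist" directory aborts with:
#   configure: error: Berkeley DB should not be built in the top-level or
#   "dist" directories. Change directory to the build_unix directory and run
#   ../dist/configure from there.
cd db-4.6.18/build_unix
# --prefix takes the install directory directly (the original line read
# "--prefix=prefix=/usr/local/BerkeleyDB", which is not an absolute path).
../dist/configure --prefix=/usr/local/BerkeleyDB
make
make install
# Make the new library directory known to the dynamic linker.
echo "/usr/local/BerkeleyDB/lib" >> /etc/ld.so.conf
ldconfig -v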
说明:openldap-2.4.11 版本不支持db高于4.6的版本。
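# Build OpenLDAP against the Berkeley DB installed under /usr/local/BerkeleyDB.
# NOTE(review): --enable-lmpasswd (LAN Manager hashes) and --enable-cleartext
# (cleartext stored passwords) turn on weak password storage schemes, and
# --enable-shell builds the backend that runs external programs. Drop any of
# them that this setup does not need.
env CPPFLAGS="-I/usr/local/BerkeleyDB/include" \
  LDFLAGS="-L/usr/local/BerkeleyDB/lib" \
  ./configure --prefix=/usr/local/openldap --enable-ldbm \
  --enable-lmpasswd --enable-spasswd --enable-bdb \
  --enable-crypt --enable-rewrite --enable-dynacl --enable-slapd \
  --enable-hdb --enable-meta --enable-monitor --enable-shell \
  --enable-sock --enable-syslog --enable-perl \
  --enable-modules --enable-cleartext \
  --enable-ldap
# The command is "make" in lower case; "Make" is not found on a
# case-sensitive file system.
make depend
make
make test
make install
echo /usr/local/openldap/lib >> /etc/ld.so.conf

# Install the extmail schema shipped with extman so that slapd.conf can
# include it, then refresh the dynamic linker cache.
tar zxvf extman-0.2.4.tar.gz
cd extman-0.2.4/docs
cp ./extmail.schema /usr/local/openldap/etc/openldap/schema/
ldconfig -v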
[root@test docs]# /usr/local/openldap/sbin/slappasswd -h {crypt}
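或者是 /usr/local/openldap/sbin/slappasswd -h {md5}(注意:{crypt}(此处输出的 13 位值是传统 DES crypt)和不加盐的 {md5} 都是较弱的散列方案;不加 -h 时 slappasswd 默认使用 {SSHA}。下面的 111111 只是演示用的弱口令,实际部署时请换成强口令。)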
New password: 111111
Re-enter new password: 111111
{CRYPT}W8f6D.CsAxbR2 //ldap 管理密码
vi /usr/local/openldap/etc/openldap/slapd.conf
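# Schemas: the stock OpenLDAP ones plus extmail.schema copied from extman/docs.
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/extmail.schema

database bdb
suffix "dc=extmail.org"
rootdn "cn=Manager,dc=extmail.org"
# rootpw is the slappasswd output for the LDAP administrator password (the
# demo password 111111 in this walkthrough). The note sits on its own "#"
# line because a trailing "//..." would be read as part of the directive.
# NOTE(review): this file holds the administrator password hash; keep it
# readable only by root and the account slapd runs as.
rootpw {CRYPT}W8f6D.CsAxbR2
index objectClass eq
index mail,active,virtualDomain,mailLocalAddress eq,pres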
vi /usr/local/openldap/etc/openldap/ldap.conf
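#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:389
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never

# Client defaults for the directory set up in this walkthrough.
BASE dc=extmail.org
# NOTE(review): ldap:// URIs are unencrypted, so a simple bind over them
# sends the password in clear. Confirm that both host names resolve to the
# slapd host.
URI ldap://ldap.test.com ldap://ldap-master.test.com:389
SIZELIMIT 12
TIMELIMIT 15
# Valid DEREF values are never, searching, finding and always
# (the original line had the typo "nerver").
DEREF never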
启动ldap 服务:
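# Start slapd with stats-level logging (256). With -d, slapd stays in the
# foreground and prints its log to the terminal.
# NOTE(review): started from a root shell like this, slapd keeps running as
# root unless -u/-g are given.
/usr/local/openldap/libexec/slapd -d 256
# Alternative for troubleshooting: enable every debug level (-1).
/usr/local/openldap/libexec/slapd -d -1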
修改防火墙规则,添加信任端口 389,否则加入新规则的时候无法加入。389 端口上的 ldap:// 是明文传输,建议只对确实需要访问的主机放行。
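# Load the initial tree from init.ldif (shipped in extman/docs), binding as
# the rootdn. -W prompts for the bind password instead of taking it with -w
# on the command line, where it would end up in the shell history and the
# process list. The password is the cleartext that was given to
# "slappasswd -h {crypt}"; a wrong one makes the bind fail with:
#   ldap_bind: Invalid credentials (49)
/usr/local/openldap/bin/ldapadd -x -D "cn=Manager,dc=extmail.org" -W -a -f init.ldif

# Check that the server answers: read the root DSE and list its naming contexts.
ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts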
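# Build Cyrus SASL with authdaemond and LDAP support.
# --with-ldap has to point at the OpenLDAP install prefix, /usr/local/openldap
# (the original line had the typo "/usr/loca/openldap").
# NOTE(review): --enable-krb4 and --enable-ntlm build legacy mechanisms;
# leave them out unless a client really needs them.
./configure --prefix=/usr/local/sasl --enable-cram --enable-plain \
  --enable-digest --disable-anon --enable-krb4 --enable-ntlm \
  --with-authdaemond=/usr/local/authlib/var/spool/authdaemon/socket \
  --with-ldap=/usr/local/openldap --enable-ldapdb --enable-passdss --enable-login \
  --enable-pwcheck
# "make" in lower case; "Make" is not found on a case-sensitive file system.
make
make install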
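# Move the existing /usr/lib/sasl2 directory aside and link the new build
# into the default library and include paths.
mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
ln -sv /usr/local/sasl/lib/* /usr/lib
ln -sv /usr/local/sasl/lib/sasl2 /usr/lib
ln -sv /usr/local/sasl/lib/* /usr/local/lib
ln -sv /usr/local/sasl/include/sasl/* /usr/local/include
ln -sv /usr/local/sasl/include/sasl/* /usr/include
# Register the new library directories with the dynamic linker.
echo "/usr/local/sasl/lib/" >> /etc/ld.so.conf
mkdir -pv /var/state/saslauthd
echo "/usr/local/sasl/lib/sasl2" >> /etc/ld.so.conf
# Start saslauthd at boot. Append with ">>": a single ">" would replace the
# existing contents of /etc/rc.local.
# NOTE(review): -a takes one mechanism name, so "ldap" after "shadow" looks
# like a stray argument. Confirm which backend is intended.
echo "/usr/local/sasl/sbin/saslauthd -a shadow ldap -O /etc/saslauthd.conf" >> /etc/rc.local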
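# Print the saslauthd version and the authentication mechanisms compiled in;
# check that LDAP support is listed.
/usr/local/sasl/sbin/saslauthd -v
# Test an authentication through saslauthd. "user" and "password" are
# placeholders; optionally add "-s smtp" to name the service.
/usr/local/sasl/sbin/testsaslauthd -u user -p password
# Run saslauthd in debug mode (-d). -O names the configuration file, which
# this walkthrough creates as /etc/saslauthd.conf.
/usr/local/sasl/sbin/saslauthd -a shadow ldap -O /etc/saslauthd.conf -d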
vi /usr/local/sasl/lib/sasl2/smtpd.conf
# SASL settings for the "smtpd" service (presumably read by Postfix's smtpd).
# Passwords are verified through the authlib authdaemond socket.
pwcheck_method: authdaemond
authdaemond_path: /usr/local/authlib/var/spool/authdaemon/socket
# PLAIN and LOGIN carry the password itself, only base64-encoded, so SMTP
# AUTH should be offered over TLS only (Postfix: smtpd_tls_auth_only = yes).
mech_list: PLAIN LOGIN
log_level: 3
vi /etc/saslauthd.conf
# saslauthd LDAP backend settings.
# NOTE(review): ldap:// is unencrypted, so the bind password and the user
# passwords being checked reach 192.168.150.130 in clear. ldaps:// or
# ldap_start_tls would protect them.
ldap_servers: ldap://192.168.150.130 ldap://127.0.0.1
ldap_auth_method: bind

# Bind account and its cleartext password. Keep this file readable only by
# the account saslauthd runs as, and replace the password shown here.
#ldap_bind_dn: mail=root@extmail.com,o=extmailManager,dc=extmail.org
ldap_bind_dn: mail=postmaster@extmail.org,virtualDomain=extmail.org,o=extmailAccount,dc=extmail.org
ldap_bind_pw: extmail

# Where and how accounts are looked up.
ldap_base: dc=extmail.org
ldap_search_base: o=extmailAccount,dc=extmail.org
# NOTE(review): only the first branch of the filter requires active=1.
# Confirm that the second branch, (mail=%u@), is intended.
ldap_filter: (|(&(mail=%U@%d)(active=1))(mail=%u@))
chinaunix网友2011-01-24 09:04:20
configure: error: Cannot enable LDAPDB plugin: OpenLDAP library located but incompatible
chinaunix网友2011-01-24 09:04:20
configure: error: Cannot enable LDAPDB plugin: OpenLDAP library located but incompatible