Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Okay, I've used Sendmail in standalone for years very nicely, and now, I would like to use it in a Windows 2000 Active Directory Network. I remember a year ago reading about a project for PAM to authenticate agaist an active directory server. What I would be most interested in, is having something that could sync my passwd/shadow files with the AD controller, that way, I can also easily use authentication with Squid, ProFTPd, Sendmail, etc.
I've successfully pulled this off for Postfix using PAM and Samba's Winbind. Supposedly you can bypass Samba and also do this with either the PAM LDAP or PAM Kerberos modules, but I've never bother to get either of those working.
Hey thanks for the reply , I've tried to get it to work with postfix and LDAP and i haven't. I have winbind working cause i can see active directroy users. Can you please post what you've done step by step? Thanks again
Here's what I have from my notes to check to make sure Winbind is working properly - I'm assuming you've done all the Kerberos and Samba and nsswitch.conf configuration already (which is the hard part, IMHO)
Code:
1.wbinfo -u – should show domain users
2.wbinfo -g – should show domain groups
3.net ads testjoin – OK
4.wbinfo -a user%password – should succeed
5.getent passwd – should return domain users as well as local Linux users
6.getent group – should return domain groups as well as local Linux groups
If that works, postfix should automatically accept email for the AD usernames and store the mail in /var/mail (or maybe where your distro defaults to, I use Debian) - there should be a file per username and ls -la should show the file owned by the AD user.
Then its just a matter of configuring your POP3 (or IMAP) server to use pam winbind. I use Popa3d and have the following in /etc/pam.d/popa3d:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.