LinuxQuestions.org
Old 06-17-2004, 08:43 AM   #1
tibby
LQ Newbie
 
Registered: Jun 2004
Posts: 3

Rep: Reputation: 0
Sendmail and Active Directory


Okay, I've used Sendmail in standalone for years very nicely, and now I would like to use it in a Windows 2000 Active Directory network. I remember a year ago reading about a project for PAM to authenticate against an Active Directory server. What I would be most interested in is having something that could sync my passwd/shadow files with the AD controller; that way, I can also easily use authentication with Squid, ProFTPd, Sendmail, etc.

Thanks,
Tibby
 
Old 10-21-2004, 07:22 AM   #2
BuRnInICE
LQ Newbie
 
Registered: Aug 2003
Distribution: RedHat 7.3
Posts: 6

Rep: Reputation: 0
Ever find out anything about this Tibby?
 
Old 05-16-2005, 11:06 AM   #3
Sern
Member
 
Registered: May 2005
Location: New York
Distribution: Fedora Core 3
Posts: 57

Rep: Reputation: 15
This is a REALLY old post but I didn't want to repost something that's already up. Has anyone figured out how to do this??
 
Old 05-17-2005, 07:41 AM   #4
slacky
Member
 
Registered: Feb 2004
Location: USA
Distribution: Debian
Posts: 174

Rep: Reputation: 16
I've successfully pulled this off for Postfix using PAM and Samba's Winbind. Supposedly you can bypass Samba and also do this with either the PAM LDAP or PAM Kerberos modules, but I've never bothered to get either of those working.
 
Old 05-17-2005, 08:25 AM   #5
Sern
Member
 
Registered: May 2005
Location: New York
Distribution: Fedora Core 3
Posts: 57

Rep: Reputation: 15
Hey, thanks for the reply. I've tried to get it to work with postfix and LDAP and I haven't. I have winbind working because I can see Active Directory users. Can you please post what you've done step by step? Thanks again
 
Old 05-17-2005, 11:59 AM   #6
slacky
Member
 
Registered: Feb 2004
Location: USA
Distribution: Debian
Posts: 174

Rep: Reputation: 16
Here's what I have from my notes to check to make sure Winbind is working properly - I'm assuming you've done all the Kerberos and Samba and nsswitch.conf configuration already (which is the hard part, IMHO)

Code:
wbinfo -u                 # should show domain users
wbinfo -g                 # should show domain groups
net ads testjoin          # should report OK
wbinfo -a user%password   # should succeed
getent passwd             # should return domain users as well as local Linux users
getent group              # should return domain groups as well as local Linux groups

If that works, postfix should automatically accept email for the AD usernames and store the mail in /var/mail (or maybe where your distro defaults to, I use Debian) - there should be a file per username and ls -la should show the file owned by the AD user.

Then it's just a matter of configuring your POP3 (or IMAP) server to use pam winbind. I use Popa3d and have the following in /etc/pam.d/popa3d:

Code:
# PAM configuration for popa3d
auth	required	pam_winbind.so
account	required	pam_winbind.so
IIRC, you don't need to do anything with LDAP to make this setup work.

Hope that helps.
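
The checklist from the post above as a preflight script. This is an added example, not part of the original thread; the script name and the helper function names are hypothetical, and `/etc/pam.d/popa3d` is the path the post uses.

```shell
#!/bin/sh
# Added example: preflight for the Winbind checklist above.
# The two helpers read files/stdin so they can be exercised offline.

# Print accounts that NSS returns but the local passwd file does not define,
# i.e. the ones supplied by winbind. $1 = passwd file, stdin = `getent passwd`.
nss_only_users() {
    awk -F: -v pw="$1" '
        BEGIN { while ((getline line < pw) > 0) { split(line, f, ":"); loc[f[1]] = 1 } }
        !($1 in loc) { print $1 }'
}

# Succeed only if the PAM service file ($1) has uncommented auth AND account
# lines that reference pam_winbind.so.
pam_uses_winbind() {
    awk '
        /^[ \t]*#/ { next }
        /pam_winbind\.so/ { seen[$1] = 1 }
        END { exit !(seen["auth"] && seen["account"]) }' "$1"
}

# Run one command quietly and report the result; returns the command's status.
check() {
    label=$1; shift
    if "$@" >/dev/null 2>&1; then echo "ok    $label"
    else echo "FAIL  $label"; return 1; fi
}

# Live run: ./winbind-preflight.sh --live
# (wbinfo -a is left for manual use because it needs a real password.)
if [ "${1:-}" = "--live" ]; then
    rc=0
    check "wbinfo -u" wbinfo -u || rc=1
    check "wbinfo -g" wbinfo -g || rc=1
    check "net ads testjoin" net ads testjoin || rc=1
    n=$(getent passwd | nss_only_users /etc/passwd | wc -l | tr -d ' ')
    if [ "$n" -gt 0 ]; then echo "ok    $n non-local accounts via NSS"
    else echo "FAIL  getent passwd shows only local accounts"; rc=1; fi
    check "pam_winbind in popa3d stack" pam_uses_winbind /etc/pam.d/popa3d || rc=1
    exit "$rc"
fi
```

Without `--live` the script only defines the helpers, so they can be sourced and run against saved `getent passwd` output or a copy of the PAM file.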
 
Old 05-18-2005, 11:21 AM   #7
Sern
Member
 
Registered: May 2005
Location: New York
Distribution: Fedora Core 3
Posts: 57

Rep: Reputation: 15
Yes, that helped a lot, thank you. I'm not sure if I have the config files set up correctly though. Also, does postfix need sendmail?

sendmail.mc
Code:
[root@WHB-LinuxBackup ~]# grep -v "^#" /etc/mail/sendmail.mc | grep -v "^dnl"
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`dunn-pc.com')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
postfix/main.cf
Code:
[root@WHB-LinuxBackup ~]# grep -v "^#" /etc/postfix/main.cf


queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix






inet_interfaces = localhost


mydestination = $myhostname, localhost.$mydomain, localhost


unknown_local_recipient_reject_code = 550













alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases



mail_spool_directory = /mail











debug_peer_level = 2


debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5


sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.1.5/samples

readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
 
  

