Hi Guys,

I need to setup a Email server on Linux for a Domain which is windows based. does anyone know of good links, tutorials or docs for it. I have looked at postfix.are there anyothers which might do the job?

Thanks

zee

zee,

how tight do you need the integration between AD and the linux server to be?

i do this for a rather small environment ca 20 users. I run centos 5 (aka redhat enterprise 5) using postfix, dovecot (pop and IMAP) as well as squirrelmail for webmail access.

adding the SMTP, and Mail server pointer (mx records) into DNS is the first step.

adding the email address into the user template at creation is the integration part.

i also keep the user's home directories off of the windows server. Samba does a great job of authenticating against the domain controller. the homedirectory attribute in AD (set in the user template) transparently maps the linux home directory to the a drive letter on the AD workstations.

The reason i ask how tight the integration needs to be is that i personally create the usernames, passwords for email and homedirectories manually separate from the Windows environment (there are MANY good reasons for this).

if you authenticate Samba agains the domain the user never enters a username and password for the samba share, that is handled by the domain.

for the mail server i seen no reason to force the complex passwords and 90 day change rules i enforce on the windows workstations.

ultimately that means they have a secure password for the mail server that never changes and never matches the windows password.

when all is said and done, LDAP queries will return the home directory and mail address attributes for searches in outlook or any other email client that can use Ldap for address lookups.

I am quite confident that windows users will LOVE IMAP. Whenever their little windows boxes die and need to be re-imaged, all emails will magically re-appear and all the contents of their network drive / home directory will be there like nothing ever happened.

===

Side effect: once the linux box is there, accounts and home directories etc exist, they might want to start using a real operating system alltogether.

Hope that helps

Uli

Hi Uli,

many thanks for that reply, i dont really have to have a tight integration just a normal one and i am happy to assign username and passwords manually, if you have two different password its just two fold security in my opinion anyway. what would be great though if i could have a guide to how to set it up with samba, do you have any links or docs in that effect i will be really grateful

Kind Regards

zee

zee,

let me preface this with: i am not an "expert" i just do this once or twice a year, i am naturally lazy, and find this easy enough to do.

email server is the easy part. on Centos i simply install the mail server packages, then i make sure that my mail server listens on the external interface and hosts the services i want. Easy enough using my favorite tool webmin (google it). Makes setting up the relaying and such easy

then i install squirrelmail to get the webmail piece (just a matter of installing it and then running the config.pl script. squirrelmail comes with centos.

the samba piece for the homedirectories just needs samba installed and the security set for 'domain' and pointing the password server to be the ip of the AD domain controller.

no all you need to do is add the windows users as users to the linux box, that allows passwordless, authenticated access to the home directories on the linux box from all windows clients that authenticate against the domain.

set the home directory attribute in AD to \\linuxbox\home\username assign the drive letter of your choice.

I usually have a freenas box (old pc with freenas installed), google it, it is free. i leave freenas wide open for a public fileshare, that way the home directories do not ever need to be shared. (freenas can do ANYTHING as far as protocols go!)

at this point you have IMAP, POP, SMTP, and webmail
home directories on all windows workstations authenticated via AD
an awesome public fileshare with SMB, DFS, FTP, SSH, unison, RSYNC, etc
oh, and yes you now have webmail which makes mysql and other services transparent and remotely configurable without the need for command line interface.

want to make this accessible to linux desktops?

add support for UNIX clients to AD (schema extension comes with AD)

that will let you join linuxboxes to AD and log on to linux with your domain credentials.

the schema extension lets you set UID GUID, home directory and your favorite login shell.

with some luck i did not make too many mistakes typing this

hope that helps