Tuesday, November 10, 2009

Migrating openwebmail from auth_unix to auth_pam

Motivation: Create a new server with openwebmail that authenticates against Active Directory (AD). The old server has local, hand-made copies of the accounts from AD. We need to migrate the inboxes, ~/mail/, ~/.openwebmail/ and the aliases.

Solution: We used Ubuntu Server 9.10, Likewise and openwebmail 2.53.

Install Ubuntu Server 9.10 with the mail server and SSH server options checked. Set up the network interfaces. Install a few packages:
sudo aptitude install likewise-open libauthen-pam-perl libconvert-asn1-perl libmd5-perl libnet-ldap-perl perl-suid wwwconfig-common libpg-perl apache2 libdbd-mysql-perl alpine ispell iczech language-support-cs language-pack-cs-base gcc linux-headers-$(uname -r) vlan nmap mc

Join the domain with Likewise (see the Ubuntu forum); this does not have to be done as Administrator (user):
sudo domainjoin-cli join DOMAIN user
Test the join:
sudo domainjoin-cli query
Many problems are caused by the settings in /etc/resolv.conf; you should choose an AD machine as the nameserver.

Set up Apache (enable SSL):
sudo a2enmod ssl
sudo /etc/init.d/apache2 restart
sudo ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl
sudo /etc/init.d/apache2 restart


Set up Likewise and enable logging:
sudo vim /etc/samba/lwiauthd.conf
Add the lines:
winbind use default domain = yes
log level = 10


Download, install and set up openwebmail:
wget http://openwebmail.org/openwebmail/download/debian/owm2.53-2.deb
sudo dpkg -i owm2.53-2.deb
sudo mv /var/www/openwebmail/redirect.html /var/www/index.html
sudo vim /etc/openwebmail/openwebmail.conf

* change lines to
domainnames DOMAIN
auth_module auth_pam.pl
allowed_autologinip all

* comment lines
default_style
forced_moveoldmsgfrominbox yes

* add lines
create_syshomedir yes
quota_module quota_du.pl
quota_limit 180000
quota_threshold 200000
default_language cz
default_moveoldmsgfrominbox no
spellcheck /usr/bin/ispell -a -S -w "-" -d @@@DICTIONARY@@@ -p @@@PDICNAME@@@
spellcheck_pdicname .ispell_words
spellcheck_dictionaries czech, english, american


Repair UTF-8 handling in Perl (see acatysmoof):
sudo vim /usr/share/perl/5.10.0/CGI.pm
change line
my $utf8 = $charset eq 'utf-8';
to
my $utf8 = 0;

Set up postfix:
sudo vim /etc/postfix/main.cf
Add the line:
mydomain = DOMAIN
Restart:
sudo /etc/init.d/postfix restart

Move script:
root@cattom1:/home/pvl# cat ./moveusers.sh
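#!/bin/sh
# list of accounts to move, one name per line
UCTY="movelist.txt"
scp -P 22 root@OLDSERVER:/etc/aliases ./old_aliases
while IFS= read -r LINE; do
    # skip empty lines
    [ -n "$LINE" ] || continue
    # home move
    scp -r -P 22 "root@OLDSERVER:/home/$LINE" /home/DOMAIN/
    # copy the alias entries for this account (whole-word, fixed-string match)
    grep -wF -- "$LINE" old_aliases >> /etc/aliases
    chown -R "$LINE:domain^users" "/home/DOMAIN/$LINE"
    # inboxes
    scp -P 22 "root@OLDSERVER:/home/mail/$LINE" /var/mail/
    chown "$LINE:mail" "/var/mail/$LINE"
done < "$UCTY"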
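
The move script runs as root and puts every line of movelist.txt into scp paths, chown -R and an aliases lookup, so the list deserves a check before it is used. The following is an added example, not part of the original post: it rejects names that could point outside /home/DOMAIN/, checks that each account resolves after the domain join, and selects alias entries by exact name. The function names and the allowed character set are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight checks for the account list read by moveusers.sh.
# Function names, the allowed character set and all sample data are constructed.

# Accept only plain account names: nothing empty, no leading "-" or ".",
# and no characters outside letters, digits, ".", "_" and "-" (so no "/").
valid_name() {
    case "$1" in
        ''|-*|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Print the entries of aliases file $2 in which account $1 is exactly the
# alias name or exactly one of its comma-separated targets.
aliases_for() {
    awk -v u="$1" '
        /^[ \t]*#/ || !/:/ { next }
        {
            name = $0; sub(/:.*/, "", name); gsub(/[ \t]/, "", name)
            rest = $0; sub(/^[^:]*:/, "", rest)
            n = split(rest, t, ",")
            hit = (name == u)
            for (i = 1; i <= n; i++) {
                gsub(/[ \t]/, "", t[i])
                if (t[i] == u) hit = 1
            }
            if (hit) print $0
        }' "$2"
}

# True when the account resolves through NSS, i.e. through Likewise once
# the domain join has worked.
known_account() { getent passwd "$1" >/dev/null 2>&1; }

# Classify every name in list file $1 as OK, UNKNOWN or REJECT.
check_list() {
    while IFS= read -r name; do
        if ! valid_name "$name"; then echo "REJECT $name"
        elif ! known_account "$name"; then echo "UNKNOWN $name"
        else echo "OK $name"
        fi
    done < "$1"
}
```

Run check_list on movelist.txt first and migrate only the names reported as OK; an UNKNOWN name would make the chown calls in the move script fail.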


Alternatives: directly to LDAP developer.novel
