iredmail / iRedMail / conf / openldap

Zhang Huangbin 7c26194 

Zhang Huangbin 69f2f69 
Zhang Huangbin 7c26194 



























Zhang Huangbin ccebb2d 



Zhang Huangbin 72ad0fa 

Zhang Huangbin 7c26194 






Zhang Huangbin b75d888 
Zhang Huangbin 7c26194 



Zhang Huangbin 58a1263 


Zhang Huangbin 7c26194 

















Zhang Huangbin 87ee385 


Zhang Huangbin 7c26194 













Zhang Huangbin 72ad0fa 

Zhang Huangbin 7c26194 





Zhang Huangbin ccebb2d 

Zhang Huangbin 7c26194 












Zhang Huangbin 58a1263 







Zhang Huangbin 3c19c4e 
Zhang Huangbin 58a1263 



Zhang Huangbin 3c19c4e 


Zhang Huangbin 7c26194 












Zhang Huangbin 12efb11 





Zhang Huangbin ccebb2d 

Zhang Huangbin 12efb11 






Zhang Huangbin 7c26194 



Zhang Huangbin 72ad0fa 


Zhang Huangbin 7c26194 































Zhang Huangbin f0e7e84 
Zhang Huangbin 7c26194 


















Zhang Huangbin 36b45e2 
Zhang Huangbin 7c26194 





















































#!/usr/bin/env bash

# Author:   Zhang Huangbin (zhb _at_ iredmail.org)

#---------------------------------------------------------------------
# This file is part of iRedMail, which is an open source mail server
# solution for Red Hat(R) Enterprise Linux, CentOS, Debian and Ubuntu.
#
# iRedMail is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# iRedMail is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with iRedMail.  If not, see <http://www.gnu.org/licenses/>.
#---------------------------------------------------------------------

# Variables for OpenLDAP and related. Refer to 'dialog/ldap_config.sh'.

# LDAP service info.
export LDAP_SERVER_HOST='127.0.0.1'
export LDAP_SERVER_PORT='389'
export LDAP_USE_TLS='NO'
export LDAP_BIND='yes'
export LDAP_BIND_VERSION='3'

# OpenLDAP daemon user and group name.
export OPENLDAP_DAEMON_USER='ldap'
export OPENLDAP_DAEMON_GROUP='ldap'

export LDAP_RC_SCRIPT_NAME='slapd'

# Database backend type.
# Note:
#   * We use the same database type on all distributions to reduce our
#     workflow, and users migrate their mail server between supported
#     OS will be more comfortable.
#   * Performance of bdb backend is good enough. but Debian/Ubuntu can
#     also use 'hdb' for OpenLDAP-2.4.x.
export OPENLDAP_DEFAULT_DBTYPE='bdb'

# Default LDAP data directory.
export OPENLDAP_DATA_DIR='/var/lib/ldap'    # Do *NOT* end with '/'.

export OPENLDAP_PID_FILE='/var/run/openldap/slapd.pid'
export OPENLDAP_ARGS_FILE='/var/run/openldap/slapd.args'

# Configure.
if [ X"${DISTRO}" == X"RHEL" ]; then
    # OpenLDAP version.
    if [ X"${DISTRO_VERSION}" == X"5" ]; then
        export OPENLDAP_VERSION='2.3'
        export LDAP_RC_SCRIPT_NAME='ldap'
    else
        export OPENLDAP_VERSION='2.4'
    fi

    # Configuration files.
    export OPENLDAP_CONF_ROOT="/etc/openldap"
    export OPENLDAP_DB_CONFIG_SAMPLE="${OPENLDAP_CONF_ROOT}/DB_CONFIG.example"

    export OPENLDAP_SYSCONFIG_CONF="${ETC_SYSCONFIG_DIR}/ldap"

    # Module related.
    export OPENLDAP_MODULE_PATH='/usr/lib/openldap'
    if [ X"${ARCH}" == X'x86_64' ]; then
        export OPENLDAP_MODULE_PATH='/usr/lib64/openldap'
    fi

elif [ X"${DISTRO}" == X"SUSE" ]; then
    # OpenLDAP version.
    export OPENLDAP_VERSION='2.4'

    # Configuration files.
    export OPENLDAP_CONF_ROOT="/etc/openldap"
    export OPENLDAP_DB_CONFIG_SAMPLE='/var/lib/ldap/DB_CONFIG.example'

    export OPENLDAP_PID_FILE='/var/run/slapd/slapd.pid'
    export OPENLDAP_ARGS_FILE='/var/run/slapd/slapd.args'

    export OPENLDAP_SYSCONFIG_CONF="${ETC_SYSCONFIG_DIR}/openldap"

    # RC script
    export LDAP_RC_SCRIPT_NAME='ldap'

elif [ X"${DISTRO}" == X"DEBIAN" -o X"${DISTRO}" == X"UBUNTU" ]; then
    # OpenLDAP version.
    export OPENLDAP_VERSION='2.4'

    # LDAP daemon user & group.
    export OPENLDAP_DAEMON_USER='openldap'
    export OPENLDAP_DAEMON_GROUP='openldap'

    # Configuration files.
    export OPENLDAP_CONF_ROOT="/etc/ldap"
    export OPENLDAP_DB_CONFIG_SAMPLE="/usr/share/slapd/DB_CONFIG"

    export OPENLDAP_PID_FILE='/var/run/slapd/slapd.pid'
    export OPENLDAP_ARGS_FILE='/var/run/slapd/slapd.args'

    export OPENLDAP_SYSCONFIG_CONF="${ETC_SYSCONFIG_DIR}/slapd"

    # Module related.
    export OPENLDAP_MODULE_PATH='/usr/lib/ldap'

elif [ X"${DISTRO}" == X"GENTOO" ]; then
    # OpenLDAP version.
    export OPENLDAP_VERSION='2.4'

    # Configuration files.
    export OPENLDAP_CONF_ROOT="/etc/openldap"
    export OPENLDAP_DB_CONFIG_SAMPLE="${OPENLDAP_CONF_ROOT}/DB_CONFIG.example"

    export OPENLDAP_SYSCONFIG_CONF="${ETC_SYSCONFIG_DIR}/slapd"

    # Module related.
    export OPENLDAP_MODULE_PATH='/usr/lib/openldap/openldap'

    # Override default path
    export OPENLDAP_DATA_DIR='/var/lib/openldap-data'

elif [ X"${DISTRO}" == X"FREEBSD" ]; then
    # OpenLDAP version.
    export OPENLDAP_VERSION='2.4'

    # Configuration files.
    export OPENLDAP_CONF_ROOT='/usr/local/etc/openldap'
    export OPENLDAP_DB_CONFIG_SAMPLE="${OPENLDAP_CONF_ROOT}/DB_CONFIG.example"

    # Module related.
    export OPENLDAP_MODULE_PATH='/usr/local/libexec/openldap'

    # Override default setting.
    export OPENLDAP_DATA_DIR='/var/db/openldap-data'    # Do *NOT* end with '/'.

elif [ X"${DISTRO}" == X'OPENBSD' ]; then
    # OpenLDAP version.
    export OPENLDAP_VERSION='2.4'

    # LDAP daemon user & group.
    export OPENLDAP_DAEMON_USER='_openldap'
    export OPENLDAP_DAEMON_GROUP='_openldap'

    # Configuration files.
    export OPENLDAP_CONF_ROOT='/etc/openldap'
    export OPENLDAP_DB_CONFIG_SAMPLE="/usr/local/share/examples/openldap/DB_CONFIG"

    # Module related.
    export OPENLDAP_MODULE_PATH='/usr/local/libexec/openldap'
else
    :
fi

# RC script.
export LDAP_RC_SCRIPT="${DIR_RC_SCRIPTS}/${LDAP_RC_SCRIPT_NAME}"

export OPENLDAP_SCHEMA_DIR="${OPENLDAP_CONF_ROOT}/schema"
export OPENLDAP_SLAPD_CONF="${OPENLDAP_CONF_ROOT}/slapd.conf"
export OPENLDAP_LDAP_CONF="${OPENLDAP_CONF_ROOT}/ldap.conf"
export OPENLDAP_LOGFILE='/var/log/openldap.log'
export OPENLDAP_LOGROTATE_FILE="${LOGROTATE_DIR}/openldap"

# LDAP data directory.
export LDAP_DATA_DIR="${OPENLDAP_DATA_DIR}/${dn2dnsname}"

# Setting for one instance. You can edit ${OPENLDAP_SLAPD_CONF} manually to hold
# multi instances.
export LDAP_INIT_LDIF="${CONF_DIR}/ldap_init.ldif"

##################################################
# iRedMail LDAP schema related
#
# objectClass
export LDAP_OBJECTCLASS_OU='organizationalUnit'
export LDAP_OBJECTCLASS_MAILDOMAIN='mailDomain'
export LDAP_OBJECTCLASS_MAILUSER='mailUser'
export LDAP_OBJECTCLASS_MAILALIAS='mailAlias'
export LDAP_OBJECTCLASS_MAILGROUP='mailList'
export LDAP_OBJECTCLASS_MAILADMIN='mailAdmin'
export LDAP_OBJECTCLASS_MAIL_EXTERNAL_USER='mailExternalUser'

# Common attribute.
export LDAP_ENABLED_SERVICE='enabledService'

# Values of service name.
export LDAP_SERVICE_DOMAIN_ALIAS='domainalias'
export LDAP_SERVICE_MAIL='mail'
export LDAP_SERVICE_INTERNAL='internal'
export LDAP_SERVICE_DOVEADM='doveadm'
export LDAP_SERVICE_SMTP='smtp'
export LDAP_SERVICE_SMTPS='smtpsecured'
export LDAP_SERVICE_POP3='pop3'
export LDAP_SERVICE_POP3S='pop3secured'
export LDAP_SERVICE_IMAP='imap'
export LDAP_SERVICE_IMAPS='imapsecured'
export LDAP_SERVICE_DELIVER='deliver'
export LDAP_SERVICE_LDA='lda'
export LDAP_SERVICE_FORWARD='forward'
export LDAP_SERVICE_SENDER_BCC='senderbcc'
export LDAP_SERVICE_RECIPIENT_BCC='recipientbcc'
export LDAP_SERVICE_MANAGESIEVE='managesieve'
export LDAP_SERVICE_MANAGESIEVES='managesievesecured'
export LDAP_SERVICE_SIEVE='sieve'
export LDAP_SERVICE_SIEVES='sievesecured'
export LDAP_SERVICE_WEBMAIL='webmail'
export LDAP_SERVICE_AWSTATS='awstats'
export LDAP_SERVICE_SHADOW_ADDRESS='shadowaddress'
export LDAP_SERVICE_DISPLAYED_IN_ADDRBOOK='displayedInGlobalAddressBook'
export LDAP_SERVICE_LIB_STORAGE='lib-storage'

# Shared attributes.
export LDAP_ATTR_ACCOUNT_STATUS='accountStatus'
export LDAP_ATTR_MTA_TRANSPORT='mtaTransport'

# Domain admin related.
export LDAP_ATTR_DOMAINADMIN_DN_NAME='domainAdmins'

# Domain related attributes.
export LDAP_ATTR_DOMAIN_RDN='domainName'
export LDAP_ATTR_DOMAIN_ALIAS_NAME='domainAliasName'
export LDAP_ATTR_DOMAIN_ADMIN='domainAdmin'
export LDAP_ATTR_DOMAIN_GLOBALADMIN='domainGlobalAdmin'
export LDAP_ATTR_DOMAIN_BACKUPMX='domainBackupMX'
export LDAP_ATTR_DOMAIN_MAX_QUOTA_SIZE='domainMaxQuotaSize'
export LDAP_ATTR_DOMAIN_MAX_USER_NUMBER='domainMaxUserNumber'
export LDAP_ATTR_DOMAIN_SENDER_BCC_ADDRESS='domainSenderBccAddress'
export LDAP_ATTR_DOMAIN_RECIPIENT_BCC_ADDRESS='domainRecipientBccAddress'
# Values of domain related attributes.
export LDAP_VALUE_DOMAIN_GLOBALADMIN='yes'
export LDAP_VALUE_DOMAIN_BACKUPMX='yes'

# Group related.
export LDAP_ATTR_GROUP_RDN='ou'
export LDAP_ATTR_GROUP_USERS='Users'
export LDAP_ATTR_GROUP_GROUPS='Groups'
export LDAP_ATTR_GROUP_ALIASES='Aliases'
export LDAP_ATTR_GROUP_EXTERNALS='Externals'

# Attributes of group object.
export LDAP_ATTR_GROUP_ACCESSPOLICY='accessPolicy'
export LDAP_ATTR_GROUP_HASMEMBER='hasMember'
export LDAP_ATTR_GROUP_MEMBER='mailForwardingAddress'
export LDAP_ATTR_GROUP_ALLOWED_USER='listAllowedUser'
# Values of group related attributes.
export LDAP_VALUE_GROUP_HASMEMBER='yes'

# Attributes of user object.
export LDAP_ATTR_USER_RDN='mail'
export LDAP_ATTR_USER_PASSWD='userPassword'
export LDAP_ATTR_USER_HOME_DIRECTORY='homeDirectory'
export LDAP_ATTR_USER_STORAGE_BASE_DIRECTORY='storageBaseDirectory'
export LDAP_ATTR_USER_SENDER_BCC_ADDRESS='userSenderBccAddress'
export LDAP_ATTR_USER_RECIPIENT_BCC_ADDRESS='userRecipientBccAddress'
export LDAP_ATTR_USER_BACKUP_MAIL_ADDRESS='backupMailAddress'
export LDAP_ATTR_USER_QUOTA='mailQuota'
export LDAP_ATTR_USER_FORWARD='mailForwardingAddress'
export LDAP_ATTR_USER_RESTRICTION_CLASS='restrictionClass'
export LDAP_ATTR_USER_RESTRICTED_DOMAIN='restrictedDomain'
export LDAP_ATTR_USER_MEMBER_OF_GROUP='memberOfGroup'
export LDAP_ATTR_USER_SHADOW_ADDRESS='shadowAddress'
# Values of user related attributes.
export LDAP_STATUS_ACTIVE='active'

#### END LDAP schema ####
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.