Integration/PureFTPd.iRedMail.with.OpenLDAP/Debian
From iRedMail
(Difference between revisions)
Shake.chen (Talk | contribs) (→Config PureFTPD) |
Shake.chen (Talk | contribs) (→Config the LDAP setting for PureFTPD) |
||
| Line 68: | Line 68: | ||
LDAPHomeDir FTPHomeDir # <- This is new attribute, we will add it | LDAPHomeDir FTPHomeDir # <- This is new attribute, we will add it | ||
LDAPVersion 3 | LDAPVersion 3 | ||
| + | </pre>}} | ||
| + | |||
| + | =Config OpenLDAP= | ||
| + | |||
| + | * Get the schema modify by iredmail | ||
| + | |||
| + | {{cmd|<pre> | ||
| + | #wget http://iredmail.googlecode.com/svn/trunk/extra/pureftpd.schema -P /etc/ldap/schema/ | ||
| + | </pre>}} | ||
| + | |||
| + | * Open /etc/ldap/slapd.conf :include pureftpd.schema after iredmail.schema and Add index for attributes defined in pureftpd.schema: | ||
| + | {{cfg|/etc/ldap/slapd.conf |<pre> | ||
| + | include /etc/ldap/schema/iredmail.schema | ||
| + | include /etc/ldap/schema/pureftpd.schema # <-- Add this line. | ||
| + | |||
| + | |||
| + | # Default index. | ||
| + | # | ||
| + | index objectClass eq,pres | ||
| + | index ou,cn,mail,surname,givenname,telephoneNumber eq,pres,sub | ||
| + | index uidNumber,gidNumber,loginShell eq,pres | ||
| + | index uid,memberUid eq,pres,sub | ||
| + | index nisMapName,nisMapEntry eq,pres,sub | ||
| + | # <-- Add the below | ||
| + | #Index for FTP attrs. | ||
| + | index FTPQuotaFiles,FTPQuotaMBytes eq,pres | ||
| + | index FTPUploadRatio,FTPDownloadRatio eq,pres | ||
| + | index FTPUploadBandwidth,FTPDownloadBandwidth eq,pres | ||
| + | index FTPStatus,FTPuid,FTPgid,FTPHomeDir eq,pres | ||
| + | |||
</pre>}} | </pre>}} | ||
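Review bot: the wget line in the new Config OpenLDAP section downloads pureftpd.schema over plain http:// directly into /etc/ldap/schema/, and nothing verifies the file before the added include line makes slapd load it. Suggest fetching it over HTTPS or publishing a checksum to compare against before the include is added. The section also adds index directives but gives no step to rebuild the indexes (slapindex with slapd stopped) or to restart slapd afterwards, so the new schema and indexes may not take effect on an existing database.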
Revision as of 03:25, 29 March 2010
Install Pure-FTPd
Install PureFTPD
| Terminal: |
#apt-get install pure-ftpd-ldap |
Find vmail user password
For security reasons, use only the vmail user to search LDAP; searching as the admin user is not recommended.
The vmail password was randomly generated during the iRedMail installation. You can find it in /etc/postfix/ldap_virtual_mailbox_domains.cf.
- Open /etc/postfix/ldap_virtual_mailbox_domains.cf:
| File: /etc/postfix/ldap_virtual_mailbox_domains.cf |
bind_dn = cn=vmail,dc=example,dc=com
bind_pw = kZ6uB29mViWKWI9lOH3cGnF7z3Dw3B #cn=vmail password |
Config PureFTPD
- Configure PureFTPd as a standalone daemon (it is currently controlled by inetd)
Open /etc/default/pure-ftpd-common and set correct values:
| File: /etc/default/pure-ftpd-common |
#STANDALONE_OR_INETD=inetd
STANDALONE_OR_INETD=standalone #change to standalone |
Open /etc/inetd.conf and comment out the ftp line:
| File: /etc/inetd.conf |
#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper |
- Make PureFTPd chroot every virtual user in his home directory so he will not be able to browse directories and files outside his home directory.
| Terminal: |
echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone |
- Make PureFTPd create a user's home directory when the user logs in and the home directory does not exist yet.
| Terminal: |
echo "yes" > /etc/pure-ftpd/conf/CreateHomeDir |
- Make PureFTPd skip host name lookups, which can significantly speed up connections and reduce bandwidth usage.
| Terminal: |
echo "yes" > /etc/pure-ftpd/conf/DontResolve |
Config the LDAP setting for PureFTPD
- Open /etc/pure-ftpd/db/ldap.conf and change the values:
| File: /etc/pure-ftpd/db/ldap.conf |
LDAPServer localhost
LDAPPort 389
LDAPBaseDN o=domains,dc=example,dc=com
LDAPBindDN cn=vmail,dc=example,dc=com
LDAPBindPW kZ6uB29mViWKWI9lOH3cGnF7z3Dw3B #cn=vmail password
LDAPDefaultUID 1000 # <- UID of 'vmail' user.
LDAPDefaultGID 1000 # <- GID of 'vmail' user.
LDAPFilter (&(objectClass=PureFTPdUser)(mail=\L)(FTPStatus=enabled))
LDAPHomeDir FTPHomeDir # <- This is new attribute, we will add it
LDAPVersion 3 |
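The settings above (chroot, the vmail bind account, the FTPStatus filter) can be checked after the fact with a small audit function. This is an added example, not part of the original wiki page or of iRedMail; the function names are hypothetical, and treating a bind DN that starts with cn=Manager or cn=admin as the admin account is an assumption.

```shell
#!/bin/sh
# Added example: audit a Pure-FTPd LDAP setup against the choices made on this page.

# Print the value of one "Key value  # comment" directive from ldap.conf.
ldap_directive() {
    sed -n "s/^[[:space:]]*$2[[:space:]]\{1,\}//p" "$1" |
        sed 's/[[:space:]]*#.*$//' | head -n 1
}

# audit_pureftpd_ldap LDAP_CONF CONF_DIR
# Prints one line per finding and returns the number of findings.
audit_pureftpd_ldap() {
    ldap_conf=$1
    conf_dir=$2
    findings=0

    # ldap.conf holds LDAPBindPW in clear text; other users must not read it.
    if [ -n "$(find "$ldap_conf" -perm -004 2>/dev/null)" ]; then
        echo "FINDING: $ldap_conf is world-readable"
        findings=$((findings + 1))
    fi

    # The page binds as the search-only vmail account, not the directory admin.
    # Assumption: an admin DN starts with cn=Manager or cn=admin.
    bind_dn=$(ldap_directive "$ldap_conf" LDAPBindDN)
    case $(printf '%s' "$bind_dn" | tr 'A-Z' 'a-z') in
        cn=manager,*|cn=admin,*)
            echo "FINDING: LDAPBindDN is an admin account: $bind_dn"
            findings=$((findings + 1)) ;;
    esac

    # The page's filter only matches entries with FTPStatus=enabled.
    case $(ldap_directive "$ldap_conf" LDAPFilter) in
        *"(FTPStatus=enabled)"*) ;;
        *)  echo "FINDING: LDAPFilter does not require FTPStatus=enabled"
            findings=$((findings + 1)) ;;
    esac

    # ChrootEveryone must be "yes" to confine users to their home directory.
    if [ "$(cat "$conf_dir/ChrootEveryone" 2>/dev/null)" != "yes" ]; then
        echo "FINDING: ChrootEveryone is not set to yes"
        findings=$((findings + 1))
    fi

    return "$findings"
}
```

Source the file and call `audit_pureftpd_ldap /etc/pure-ftpd/db/ldap.conf /etc/pure-ftpd/conf`; an exit status of 0 means no findings.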
Config OpenLDAP
- Get the schema modified by iRedMail:
| Terminal: |
#wget http://iredmail.googlecode.com/svn/trunk/extra/pureftpd.schema -P /etc/ldap/schema/ |
- Open /etc/ldap/slapd.conf: include pureftpd.schema after iredmail.schema and add indexes for the attributes defined in pureftpd.schema:
| File: /etc/ldap/slapd.conf |
include /etc/ldap/schema/iredmail.schema
include /etc/ldap/schema/pureftpd.schema # <-- Add this line.

# Default index.
#
index objectClass eq,pres
index ou,cn,mail,surname,givenname,telephoneNumber eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# <-- Add the below
#Index for FTP attrs.
index FTPQuotaFiles,FTPQuotaMBytes eq,pres
index FTPUploadRatio,FTPDownloadRatio eq,pres
index FTPUploadBandwidth,FTPDownloadBandwidth eq,pres
index FTPStatus,FTPuid,FTPgid,FTPHomeDir eq,pres |
