Monday, February 15, 2016

Postfix , Dovecot and Its Integration with LDAP

Postfix is a very popular mail server. It is robust and easy to set up. It acts as an MTA (mail transfer agent) that can receive your mail and drop it into a local mailbox.

How to configure postfix:

The packages required to install postfix are postfix, postfix-ldap and postfix-pcre.
#apt-get install postfix postfix-pcre  postfix-ldap

The first configuration file for postfix is /etc/postfix/main.cf
#vi /etc/postfix/main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

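# TLS parameters
# The ssl-cert-snakeoil files are the self-signed placeholder pair generated
# by the ssl-cert package; replace them with a certificate issued for
# $myhostname before putting the server into service.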
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = asim.emergen.org
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = asim.emergen.org, , localhost
relayhost =
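# Clients in mynetworks may relay mail through this server. An address
# written without a /prefix matches only that single host, so use CIDR
# notation if the whole LAN is meant.
mynetworks = 127.0.0.0/8 192.168.1.0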
mailbox_size_limit = 0
mailbox_transport = dovecot
recipient_delimiter = +
inet_interfaces = all

The second configuration for postfix is /etc/mailname . Here we define the fully qualified domain name .
#vi /etc/mailname
asim.emergen.org

The third file is /etc/postfix/master.cf
smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil

dovecot   unix  -       n       n       -       -       pipe
 flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
mailman unix  -       n       n       -       -       pipe
 flags=FR user=list
 argv=/var/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/opt/maildrop/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
gnarwl    unix  -       n       n       -       -       pipe
  flags=F user=vmail argv=/usr/bin/gnarwl -a $user
smtp-amavis  unix   -    -    n   -    2 lmtp
 -o smtp_data_done_timeout=1200
 -o disable_dns_lookups=yes
 -o smtp_send_xforward_command=yes

127.0.0.1:10025  inet  n - n - - smtpd
 -o content_filter=
 -o local_recipient_maps=
 -o relay_recipient_maps=
 -o smtpd_restriction_classes=
 -o smtpd_client_restrictions=
 -o smtpd_helo_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o mynetworks=127.0.0.0/8
 -o strict_rfc821_envelopes=yes

After this , start the service
#/etc/init.d/postfix start

 To verify whether postfix is working correctly 
#telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 asim.emergen.org ESMTP Postfix (Ubuntu)

Dovecot

Dovecot acts as an MDA (mail delivery agent). It handles final delivery of messages for a system's local recipients.

The packages required to install dovecot are dovecot-common, dovecot-pop3d and dovecot-imapd.
#apt-get install dovecot-common dovecot-pop3d dovecot-imapd

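The main configuration file is /etc/dovecot/dovecot.conf. Note that in the listing below disable_plaintext_auth = no, together with mechanisms = plain, lets clients send their passwords over the unencrypted imap and pop3 ports; set it to yes (or drop the non-SSL protocols) once clients are using imaps/pop3s.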
#vi /etc/dovecot/dovecot.conf
protocols = imap imaps pop3 pop3s

#ssl_disable = no
#ssl_cert_file = /etc/postfix/tls/server.pem
#ssl_key_file = /etc/postfix/tls/key.pem

log_timestamp = "%Y-%m-%d %H:%M:%S "

#login_greeting = Dovecot ready.
#max_mail_processes = 1024

mail_extra_groups = vmail
#mail_debug = yes

default_mail_env = maildir:%h:INDEX=/var/dovecot/indexes/%h
disable_plaintext_auth = no

protocol imap {
 # mail_plugins = quota imap_quota
#  mail_plugin_dir = /usr/lib/dovecot/modules/imap
}

protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
 # mail_plugins = quota
 # mail_plugin_dir = /usr/lib/dovecot/modules/pop3
}

protocol lda {
 # mail_plugins = quota
 # mail_plugin_dir = /usr/lib/dovecot/modules/imap
  postmaster_address = postmaster@emergen.org
  auth_socket_path = /var/run/dovecot-auth-master
  log_path = /var/log/dovecot-deliver.log
  info_log_path = /var/log/dovecot-deliver.log
}

auth default {
  mechanisms = plain

  socket listen {
     master {
  path = /var/run/dovecot-auth-master
       mode = 0600
       user =  vmail # User running Dovecot LDA
     }
   }

  passdb pam {
  }

  # LDAP database
  userdb ldap {
    args = /etc/dovecot/dovecot-ldap.conf
  }

  user = vmail
}

plugin {
  # Default quota for all users is set to 100 MB with a
  # limit of 5000 messages in Mailbox.
 # quota = maildir:storage=102400:messages=500
}
The second configuration file is
#vi /etc/dovecot/dovecot-ldap.conf

hosts = asim.emergen.org
ldap_version = 3
base = ou=people,dc=asim,dc=emergen,dc=org
scope = subtree
user_attrs = uid,mailMessageStore,,,,,mailQuotaSize=quota
user_filter = (&(&(objectClass=qmailUser)(accountStatus=active))(|(mailAlternateAddress=%u)(mail=%u)(uid=%u)))
user_global_uid = 1005
user_global_gid = 1005

Now, we have to define the authentication type in the file /etc/default/saslauthd .

#vi /etc/default/saslauthd

SunRay Server Setup Ubuntu



File Needed
srss_3.1.1.zip
httpd.conf # for apache
jre-1_5_0_05-linux-i586.bin
sray311fcs-debian.patch.2007-02-02
xmgr-gdm.tar
gdm.conf-custom
10SUNWut
zsunray-init
gdm.conf
step 1.
vi /etc/apt/source.list

deb http://apt-proxy:1010/ubuntu/ feisty main restricted
deb-src http://apt-proxy:1010/ubuntu/ feisty main restricted

deb http://apt-proxy:1010/ubuntu/ feisty-updates main restricted
deb-src http://apt-proxy:1010/ubuntu/ feisty-updates main restricted

deb http://apt-proxy:1010/ubuntu/ feisty universe
deb-src http://apt-proxy:1010/ubuntu/ feisty universe

deb http://apt-proxy:1010/ubuntu/ feisty multiverse
deb-src http://apt-proxy:1010/ubuntu/ feisty multivers

Step 2.
apt-get --purge remove apache2
apt-get install slapd apache sun-java5-jre sun-java5-jdk

step 3.
./ubuntu-srss-install.sh
Restart the machine.

Then apply this patch file. This is very important; otherwise you will get the error message
tconfig: fatal, Sun Ray Core Services is not installed on this host
cd / && sudo patch -p0 </path/to/sray311fcs-debian.patch.2007-02-02
step 4.
# mkdir /etc/sysconfig
# ln -s /etc/dhcp3/dhcpd.conf /etc/sysconfig/dhcpd
# ln -s /etc/dhcp3/dhcpd.conf /etc/dhcpd.conf
# ln -s /etc/init.d/dhcp3-server /etc/init.d/dhcpd

/opt/SUNWut/sbin/utadm -A 192.168.2.0

-------------------------------------------------------------------
root@srss-desktop:/opt/SUNWut/sbin# /opt/SUNWut/sbin/utadm -A 192.168.3.0
### Configuring /etc/nsswitch.conf
### Configuring Service information for Sun Ray
 Selected values for subnetwork "192.168.3.0"
   net mask:           255.255.255.0
   no IP addresses offered
   auth server list:   192.168.3.1
   firmware server:    192.168.3.1
 Accept as is? ([Y]/N):  N
 new netmask: [255.255.255.0]
 Do you want to offer IP addresses for this subnet? (Y/[N]):  Y
 new first Sun Ray address: [192.168.3.245] 192.168.3.1
 number of Sun Ray addresses to allocate: [254]
 auth server list:     192.168.3.1
To read auth server list from file, enter file name:
Auth server IP address (enter <CR> to end list):
If no server in the auth server list responds,
should an auth server be located by broadcasting on the network? ([Y]/N):  N
 new firmware server: [192.168.3.1]
 new router: [192.168.3.1]
 Selected values for subnetwork "192.168.3.0"
   net mask:           255.255.255.0
   first unit address: 192.168.3.1
   last unit address:  192.168.3.254
   auth server list:   192.168.3.1
   firmware server:    192.168.3.1
   router:             192.168.3.1
 Accept as is? ([Y]/N):  Y


Step 5.
/opt/SUNWut/sbin/utadm -L on
/opt/SUNWut/sbin/utrestart

# ln -s /usr/lib/libldap.so.2 /usr/lib/libldap.so.199
# ln -s /usr/lib/liblber.so.2 /usr/lib/liblber.so.199
step 6.
/opt/SUNWut/sbin/utconfig

Continue ([y]/n)?
Enter Sun Ray admin password:
Re-enter Sun Ray admin password:

Configure Sun Ray Web Administration? ([y]/n)?
Enter port number [1660]:
Enter CGI username [utwww]:
Enable remote server administration? (y/[n])? y
Configure Controlled Access Mode? (y/[n])?
Configure this server for a failover group? (y/[n])?
Continue ([y]/n)?

# /etc/init.d/apache restart
# /etc/init.d/zsunray-init start

Test the SRSS Administration setup by viewing http://localhost:1660 in a browser.

step 7.
Commenting all IPV6 entries in /etc/hosts
sed -i -e '/ip6/s/^/#/g' /etc/hosts
Or you can comment them out yourself.

Create this file.
vi /etc/modprobe.d/bad_list
and add  alias net-pf-10 off

step 8.
# mkdir /tftpboot
Load the firmware images into the /tftpboot directory:
/opt/SUNWut/sbin/utfwadm -A -a -N 192.168.2.240

step 9.
Update the firmware version string that is included in the DHCP configuration file:
sudo sed -i -e 's/3\.0_51\,REV\=2004\.11\.10\.16\.18/3.1_32,REV=2005.08.24.08.55/g' /etc/dhcp3/dhcpd.conf

#grep REV /etc/dhcp3/dhcpd.conf
# SunRay firmware version: 3.1_32,REV=2005.08.24.08.55
option SunRay.NewTVer   "3.1_32,REV=2005.08.24.08.55";

# /etc/init.d/dhcp3-server restart
step 10.
Ubuntu uses x.org instead of X11, the following workaround is required:
#ln -s /etc/X11/xorg.conf /etc/X11/XF86Config

To get SunRay variables added to the user's environment on login, add the 10SUNWut script
into the Xsession directory:

# cp 10SUNWut /etc/X11/Xsession.d/.

step 11.
# ln -s /usr/sbin/gdm /usr/sbin/gdm-binary

Edit this file
#vi /etc/init.d/gdm

DAEMON=/usr/sbin/gdm-binary

start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name gdm-binary $SSD_ARG --
$CONFIG_FILE >/dev/null 2>&1 || log_end_msg 1

  start-stop-daemon --stop  --quiet --oknodo --pidfile $PIDFILE --name gdm-binary $SSD_ARG --
retry 30 >/dev/null 2>&1 log_end_msg 0

start-stop-daemon --stop --signal USR1 --quiet --pidfile \
                $PIDFILE --name gdm-binary $SSD_ARG >/dev/null 2>&1
                log_end_msg 0

# cp /etc/gdm/gdm.conf /etc/gdm/gdm.conf.back
# cp gdm.conf /etc/gdm/.
step 12.
Reboot the machine and also the thin client ;)


For more help see https://help.ubuntu.com/community/UbuntuOnSunRay, and Google is also evergreen.


LTSP(Linux Terminal Server project)

Introduction.
The Linux Terminal Server Project adds thin-client support to Linux servers.

Prerequisites for Installation
            Before installing LTSP, DHCP must already be installed and configured on your
system.

Installation

DHCP (Dynamic Host Configuration Protocol)

apt-get install dhcp3-server dhcp3-common

After installation you just have to edit the file dhcpd.conf
vi /etc/dhcp3/dhcpd.conf

ddns-update-style none;
option domain-name "domain.com";

option domain-name-servers IP[i.e =192.168.3.1];
next-server IP[i.e=192.168.3.2];

default-lease-time 600;
max-lease-time 7200;

#log-facility local7;

subnet [i.e=192.168.3.0] netmask 255.255.255.0 {
# range [starting]  [ending]
   range 192.168.3.10  192.168.3.100;
   option subnet-mask 255.255.255.0;
   option routers 192.168.3.1;

#  option broadcast-address 10.5.5.31;
}
NFS
apt-get install nfs-kernel-server

After installation, grant access to a directory for the clients that need it. For this open
vi  /etc/exports
[Folder name]  [Client-IP/Complete Network] / [Netmask](permissions)
/home  192.168.1.0/255.255.255.0(rw)

LTSP
apt-get install ltsp-server
Note : If you find i386 [/opt/ltsp/i386] in your system than remove that.
rm -fr /opt/ltsp/i386

apt-get install atftpd


There are two ways to get all the packages needed to complete the LTSP installation.
ONE, if you have all the updates downloaded as a tar file; or second, if you have to connect
to the internet and download the updates. That may take two or three hours depending on your
internet speed.

If you want to download from the internet or from an apt server, then

ltsp-build-client --mirror http://apt-proxy.emergen.biz:1010/kubuntu
ltsp-build-client  uses  the ubuntu archive mirrors in order to build an ltsp client for use with the ltsp server.

ltsp-update-sshkeys
ltsp-update-sshkeys  updates  the current ltsp servers sshkeys in the client chroot.  This is required for example if the ltsp server changes ip address.

After performing all these steps you have to edit the dhcpd.conf file.
Add this line

option root-path "/opt/ltsp/i386";
And in the body where you define the range, add this line
filename "/ltsp/pxelinux.0";

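After editing dhcpd.conf you have to add two lines to the exports file. The option is spelled no_root_squash (with underscores). Note that * exports these directories to every host that can reach the server and no_root_squash lets root on a client act as root on the exported files, so on anything other than an isolated thin-client network replace * with the client subnet.

vi /etc/exports
/opt/ltsp   *(ro,no_root_squash,sync)
/var/opt/ltsp/swapfiles *(rw,no_root_squash,sync)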

Sometimes there is an error related to XDMCP: because XDMCP is not enabled, you are unable to boot the GUI on thin clients.
To enable XDMCP
vi /etc/kde3/kdm.kdmre

 [xdmcp]
 Enable=true  ( It was false before)

After this restart
/etc/init.d/nfs-kernel-server  restart
/etc/init.d/portmap  restart
/etc/init.d/inetd  restart

After this execute the command

showmount -e
showmount  queries  the  mount  daemon  on a remote host for information about the state of the NFS server on that machine.  With no options showmount lists the set of clients who are mounting from that  host.


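After this open
vi /etc/kde3/kdm/xaccess
Find a line like
# *       #Any host can get a login windows
and remove the first hash (number sign) from this line. With this wildcard any host that can reach UDP port 177 can request a login window, and XDMCP traffic is not encrypted, so keep that port reachable only from the thin-client network.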

After removing the hash sign restart kdm and execute
netstat -anp| grep 177
you should see line like
udp      0          00        6716/kdm       

After this restart DHCP & bootup client.
this client'll boot up :)

SECOND: if we have downloaded the updates as an ISO on CD, then run
  ltspadmin
A menu appears.

===================================================================

Thin Client deployment on SuSe Enterprise 9

This document details the deployment and maintenance using LTSP on Suse Linux Enterprise Server 9.

Introduction
LTSP is an add-on package for Linux that allows you to connect lots of low-powered thin client terminals to a Linux server. Applications typically run on the server, and accept input and display their output on the thin client display.

Prerequisites for Installation of LTSP
Before installing LTSP you need LWP Perl already installed on your system.
You also need a TFTP server for LTSP.

Installation
There are two ways to  install LTSP 4.1 .

1.    LTSP Installer
You can download the LTSP installer, and use that to download the rest of the packages.
2.    ISO image
Download the ISO image and use the LTSP Installer to install from that.

We use the second method in this document. Download the ISO image; because the installer needs a web URL, the image has to be served by Apache or another web server, so mount the ISO in Apache's default web folder.

server #  mount -o loop /home/noman/LTSP4.1/ltsp-4.1-1.iso   /srv/www/htdocs/  

Now you have LTSP installer in htdocs folder. Install it first .

server #  rpm -ivh ltsp-utils-0.10-0.noarch.rpm

Now Run ltspadmin for LTSP package installation.

server # ltspadmin
The main selection menu appears.

Select Install and update LTSP package.

LTSP installer Configuration wizard appears.
Give your local Apache web address as the location to retrieve the files from; otherwise the installer goes to the internet to get the packages.

Specify directory for LTSP client Configuration to place all client files there.
/opt/ltsp

Select All packages to install.

Now select Configure LTSP.

1.    Runlevel
2.    Interface selection
3.    DHCP Configuration
4.    TFTP Configuration
5.    Portmapper Configuration
6.    NFS Configuration
7.    XDMCP Configuration
8.    Create /etc/hosts entries
9.    Create /etc/hosts.allow entries
10.              Create /etc/exports entries
11.              Create lts.conf files


1.    Run Level
Enter run level 5 for GUI Login Mode.
2.    Interface selection
Select the network interface the clients connect on; if you have only one, it is selected.
3.    DHCP Configuration
             # Sample configuration file for ISC dhcpd
            #
            # Make changes to this file and copy it to /etc/dhcpd.conf.sample
            #
ddns-update-style            none;

default-lease-time           21600;
max-lease-time               21600;
option ntp-servers 192.168.2.254;
option domain-name "emergen.biz";
option domain-name-servers 192.168.2.254;

option subnet-mask           255.255.255.0;
option broadcast-address     192.168.2.255;
option routers               192.168.2.249;
option domain-name-servers   192.168.2.249;
option domain-name           "ltsp";          # <--Fix this domain name

option root-path             "192.168.2.249:/opt/ltsp/i386";

option option-128 code 128 = string;
option option-129 code 129 = text;

subnet 192.168.2.0 netmask 255.255.255.0 {
    use-host-decl-names      on;
    range 192.168.2.60 192.168.2.240;
    filename             "lts/2.4.26-ltsp-3/pxelinux.0";
    option log-servers       192.168.2.249;
}         
#
            # Add these two lines to the host entry that needs kernel parameters
            #
            #        option option-128     e4:45:74:68:00:00;       # NOT a mac address
            #        option option-129     "NIC=ne IO=0x300";
            #

4.    TFTP Configuration
      Enable TFTP.

5. Portmapper Configuration
Enable Port Mapping (by default it is on)

6.    NFS Configuration
     Enable NFS (By default its on)

7.    XDMCP Configuration
     Enable XDMCP (By default its XDM and its on)           

8. Create /etc/hosts entries
     Create hosts with LTSP installer. Then no need to modify it.

9.    Create /etc/hosts.allow entries
Create hosts with LTSP installer. Then no need to modify it.

10.              Create /etc/exports entries
Create export list with LTSP installer. Then no need to modify it.

11.              Create lts.conf files
     Create lts.conf with LTSP installer           
USB mount on LTSP

1. vi /opt/ltsp/i386/etc/lts.conf            //insert HOTPLUG entry.
        SERVER             = 10.0.2.51
        XSERVER            = auto
        X_MOUSE_PROTOCOL   = "PS/2"
        X_MOUSE_DEVICE     = "/dev/psaux"
        X_MOUSE_RESOLUTION = 400
        X_MOUSE_BUTTONS    = 3
        HOTPLUG            = Y
        USE_XFS            = N
        SCREEN_01          = startx


2.    Next, download the following two scripts and put them in /usr/local/bin










Zimbra- Debian

It's better to configure bind9 (DNS) before installing Zimbra.

            First let's install some prerequisites for Zimbra
                        # apt-get install perl curl fetchmail libpcre3 libgmp3 libexpat1 libxml2
                        libtie-ixhash-perl sudo libc6-i686 openssl libstdc++6

            Afterwards, unpack the Zimbra .tgz file and start the installer:

                        # tar -xvf zcs-4.5.6_GA_1044.DEBIAN3.1.tgz
                        # cd zcs/
                        # ./install.sh

            The installer will ask a few questions. Answer them like this:

            Operations logged to /tmp/install.log.4416
            Checking for existing installation...
                            zimbra-ldap...NOT FOUND
                            zimbra-logger...NOT FOUND
                            zimbra-mta...NOT FOUND
                            zimbra-snmp...NOT FOUND
                            zimbra-store...NOT FOUND
                            zimbra-apache...NOT FOUND
                            zimbra-spell...NOT FOUND
                            zimbra-core...NOT FOUND


            PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
            ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
            FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR             INSTALLING            THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO       BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF             THIS AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.

                        License Terms for the Zimbra Collaboration Suite:
                        http://www.zimbra.com/license/collaboration_suite_collective_license_1.0.html

                        Press Return to continue <-- <ENTER>


                        Install zimbra-ldap [Y] <-- <ENTER>
           
                        Install zimbra-logger [Y] <-- <ENTER>

                        Install zimbra-mta [Y] <-- <ENTER>

                        Install zimbra-snmp [Y] <-- <ENTER>

                        Install zimbra-store [Y] <-- <ENTER>

                        Install zimbra-spell [Y] <-- <ENTER>

                        The system will be modified.  Continue? [N] <-- y


                        Main menu

                           1) Hostname:                                    mail.example.com
                           2) Ldap master host:                        mail.example.com
                           3) Ldap port:                                    389
                           4) Ldap password:                           set
                           5) zimbra-ldap:                                 Enabled
                           6) zimbra-store:                                Enabled
                                +Create Admin User:                  yes
                                +Admin user to create:                admin@mail.example.com
                        ******            +Admin Password                        UNSET
                                +Enable automated spam training:       yes
                                +Spam training user:                               spam.tukjrdnaco@mail.example.com
                                +Non-spam(Ham) training user:              ham.rg8fvq6cd4@mail.example.com
                                +Global Documents Account:                  wiki@mail.example.com
                                +SMTP host:                                           mail.example.com
                                +Web server HTTP port:                         80
                                +Web server HTTPS port:                      443
                                +Web server mode:                                 http
                                +Enable POP/IMAP proxy:                    no
                                +IMAP server port:                     143
                                +IMAP server SSL port:                          993
                                +POP server port:                                    110
                                +POP server SSL port:                            995
                                +Use spell check server:                          yes
                                +Spell server URL:                                 http://mail.example.com:7780/aspell.php

                           7) zimbra-mta:                                  Enabled
                           8) zimbra-snmp:                               Enabled
                           9) zimbra-logger:                              Enabled
                          10) zimbra-spell:                                Enabled
                           r) Start servers after configuration        yes
                           s) Save config to file
                           x) Expand menu
                           q) Quit

                        Address unconfigured (**) items  (? - help) <-- 6

                                                Store configuration

                           1) Status:                                          Enabled
                           2) Create Admin User:                     yes
                           3) Admin user to create:                   admin@mail.example.com
                        ** 4) Admin Password                        UNSET
                           5) Enable automated spam training:          yes
                           6) Spam training user:                      spam.tukjrdnaco@mail.example.com
                           7) Non-spam(Ham) training user:                 ham.rg8fvq6cd4@mail.example.com
                           8) Global Documents Account:                    wiki@mail.example.com
                           9) SMTP host:                                              mail.example.com
                          10) Web server HTTP port:                           80
                          11) Web server HTTPS port:                         443
                          12) Web server mode:                                   http
                          13) Enable POP/IMAP proxy:                      no
                          14) IMAP server port:                                   143
                          15) IMAP server SSL port:                            993
                          16) POP server port:                                      110
                          17) POP server SSL port:                              995
                          18) Use spell check server:                            yes
                          19) Spell server URL:                                   http://mail.example.com:7780/aspell.php

                        Select, or 'r' for previous menu [r] <-- 4



                        Password for admin@mail.example.com (min 6 characters): [8BD.yZtFh] <-- [specify a                             password for the admin user, e.g. howtoforge]

                        Select, or 'r' for previous menu [r] <-- <ENTER>

                        Main menu

                           1) Hostname:                                    mail.example.com
                           2) Ldap master host:                        mail.example.com
                           3) Ldap port:                                    389
                           4) Ldap password:                           set
                           5) zimbra-ldap:                                 Enabled
                           6) zimbra-store:                                Enabled
                           7) zimbra-mta:                                  Enabled
                           8) zimbra-snmp:                               Enabled
                           9) zimbra-logger:                              Enabled
                          10) zimbra-spell:                                Enabled
                           r) Start servers after configuration   yes
                           s) Save config to file
                           x) Expand menu
                           q) Quit

                        *** CONFIGURATION COMPLETE - press 'a' to apply
                        Select from menu, or press 'a' to apply config (? - help) <-- a
                        Save configuration data to a file? [Yes] <-- <ENTER>
                        Save config in file: [/opt/zimbra/config.5762] <-- <ENTER>
                        Saving config in /opt/zimbra/config.5762...Done
                        The system will be modified - continue? [No] <-- y

                        You have the option of notifying Zimbra of your installation.
                        This helps us to track the uptake of the Zimbra Collaboration Suite.
                        The only information that will be transmitted is:
                                The VERSION of zcs installed (zcs-4.5.6_GA_1044.DEBIAN3.1)
                                The ADMIN EMAIL ADDRESS created (admin@mail.example.com)

                        Notify Zimbra of your installation? [Yes] <-- [if you want to notify Zimbra of your                           installation, type y, otherwise n]

                        Configuration complete - press return to exit <-- <ENTER>
           
                        That's it already. To test if all Zimbra services are running, become the zimbra user:

                                    # su  zimbra

                        and run
           
                                    # zmcontrol status

                        The output should look like this:

                        zimbra@mail:~$ zmcontrol status
                                    Host mail.example.com
                                            antispam               Running
                                            antivirus               Running
                                            ldap                      Running
                                            logger                   Running
                                            mailbox                Running
                                            mta                       Running
                                            snmp                     Running
                                            spell                      Running

                        If not all services are started, run

                                    # zmcontrol start
                        Type exit
                       
                        Access from the browser.
                                    for user  -->     http://ipaddress
                                    for administrator --> https://ipaddress:7170

                        Adding users through the command line
                                    # su zimbra
                                    zmprov ca [username@domain] [password]   [attribute] [value] [attribute] [value]

                                    # zmprov ca imtiaz@mail.emergen.org imtiaz           
           



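                        You can also add the users from a file. The file holds the passwords in clear text, so keep it readable only by the zimbra user and delete it after the import.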
                                    # vi  zimbrausers
                                   
                                      ca user1 user1pass
                      ca user2 user2pass
                      ca user3 user3pass
                      ca adminuser adminuserpass zimbraIsAdminAccount TRUE
                      ca user4 user4pass zimbraMailAlias user_4 zimbraMailAlias                                                     user_four zimbraMailAlias user.four
                      ca nopassuser
                        Save a file and run
                                    # zmprov < zimbrausers
                       
            Configuring external LDAP Authentication

            LDAP Filter:
                        [http://wiki.zimbra.com/index.php?title=LDAP_Authentication]
                        To set the LDAP query filter, you will need a substitution variable and an attribute on the                            external LDAP server to search. The substitution variable is obtained from the 'Username'                           box on the user login page. Possible substitution variables are (e.g., usera@domain.com):   
                       
                        %n = username with @ symbol - returns 'usera@domain.com'
     %u = username without the @ - returns 'usera'
     %d = domain - returns 'domain.com'
     %D = domain as dc=domain,dc=com - this is a common format for directories such as                     Active Directory and OpenLDAP
                       
                        Example:
                                    Possible filters for ldap.
                                    uid=%u

            LDAP Base Search.

                        o=corp - Exchange 5.5
                        o=corp,c=us - Lotus Domino
                        dc=domain,dc=com - Active Directory, OpenLDAP
                        ou=Mail Users,dc=domain,dc=com - Active Directory restricting to "Mail Users"                                                                                     organizational unit.
http://www.howtoforge.com/perfect_setup_xen3_debian_p4?s=6fb984c03076b8510d78e22ad3a09c48&
http://www.howtoforge.com/installing_zimbra_collaboration_suite_on_ubuntu

