Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-Id: <20051004155351.56c107c1@camus.afm-intra.de>
Date: Tue, 4 Oct 2005 15:53:51 +0200
From: Stanislav <owl@...e.org>
To: owl-users@...ts.openwall.com
Subject: ldap / pam / tcb / popa3d / maildir

Dear Openwall User, 

i am trying to setting up a mail server with owl stable as base
system. First my experiences, 

- postfix setup with Maildir support works fine.

- recompile glibc to include nscd and attach an init script.

So far, all went OK. My users are all on a directory server. For 
that i build openldap and nss/pam stuff for ldap.

- postfix works now fine with that ldap users. (i recompiled
 for alias queries to ldap, not necessary for ldap users)

 $ getent passwd/groups 

shows me that what i want to see.

Now my interferences:

Doing an 'su' to a ldap user works of course for root but showing:

 Account management:- Insufficient credentials 
 to access authentication data

My primary focus is popa3d and not suing. For that i didn't 
try to customize pam.d/su for ldap users (cause i also think its 
to entangled with tcb) but i compiled popa3d with Maildir support
and 

#define AUTH_SHADOW                   1
#define AUTH_PAM_USERPASS             0
#define USE_LIBPAM_USERPASS           0
#undef MAIL_SPOOL_PATH
#define HOME_MAILBOX_NAME             "Maildir"

for local users this works but not for my ldap users.

syslog: "Oct  4 14:19:39 reserved6 popa3d[.]: 
         Authentication failed for ldapuser"

My nsswitch looks like: 

 passwd: files ldap
 shadow: tcb ldap
 group:  files ldap

I tried a couple different configuration of pop3ad 
but no one works. I have no more ideas. What do you say ?


Many thanks in advance,

Stanislav

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.