
Over a weekend my co-worker and I decided to create a mail system using Active Directory as a backend database for authenticating usernames.

This gives us a single central database for user names and passwords.

Software Configuration:

  • Windows 2003 Datacenter Server
  • Debian Linux 3.0 (woody)
  • Exim 3.35
  • Cyrus 2.1.15
  • Samba 3.0b2

to be continued...

Exim Configuration

We need to add two entries to the Exim config file (/etc/exim/exim.conf). The director entry (active_directory_user) takes a (local) email address after alias expansion (remember, order is important) and decides whether the mailbox exists and, if so, which transport should be used to deliver the mail. The transport entry (local_delivery_cyrus) uses cyrdeliver to pass the resolved mail to the Cyrus mailbox and returns an error if the mailbox doesn't exist.

Directors Section

  # Look up the local part as an sAMAccountName in Active Directory
  active_directory_user:
    driver = aliasfile
    search_type = ldapm
    query = "user=\"cn=admin,ou=Accounts,dc=domain,dc=co,dc=nz\" pass=\"Secret12\" \
      ldap://adserver.domain.co.nz:389/dc=domain,dc=co,dc=nz?sAMAccountName?sub?(sAMAccountName=$local_part)"
    expand
    transport = local_delivery_cyrus

Transports Section

  # Hand the message to cyrdeliver, running as cyrus:mail
  local_delivery_cyrus:
    driver = pipe
    command = /usr/sbin/cyrdeliver $local_part
    user = cyrus
    group = mail
    return_output
    log_output
    prefix =
    suffix =

See LDAPNotes for more information on LDAP URLs / searches.
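
Added example (not part of the original page or its Exim configuration): Python code that splits the director's LDAP URL into its RFC 4516 fields and applies the two layers of quoting a value needs before it stands in for $local_part, RFC 4515 filter escaping followed by URL percent-encoding. The function names are hypothetical and the local parts are constructed; the host, base DN and attribute are the ones in the director entry above.

```python
# Added example: decompose the director's LDAP URL and quote the filter value.
from urllib.parse import urlsplit, quote, unquote

# RFC 4515: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)

def parse_ldap_url(url: str) -> dict:
    """Split ldap://host:port/base?attributes?scope?filter (RFC 4516)."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    # urlsplit leaves everything after the first '?' in .query;
    # the remaining fields are separated by further '?' characters.
    attrs, scope, flt = (parts.query.split("?") + ["", "", ""])[:3]
    return {
        "host": parts.hostname,
        "port": parts.port or (636 if parts.scheme == "ldaps" else 389),
        "base": unquote(parts.path.lstrip("/")),
        "attributes": [a for a in attrs.split(",") if a],
        "scope": scope or "base",                    # RFC 4516 default
        "filter": unquote(flt) or "(objectClass=*)",  # RFC 4516 default
    }

def director_url(local_part: str) -> str:
    """Build the search URL from the page's director for one local part."""
    # Layer 1: filter escaping. Layer 2: percent-encode for the URL.
    value = quote(escape_filter_value(local_part), safe="")
    return ("ldap://adserver.domain.co.nz:389/dc=domain,dc=co,dc=nz"
            "?sAMAccountName?sub?(sAMAccountName=%s)" % value)

if __name__ == "__main__":
    for lp in ("jsmith", "j*smith", "a)(cn=x", "x?y#z"):  # constructed inputs
        print("%-8s -> %s" % (lp, parse_ldap_url(director_url(lp))["filter"]))
```

Every constructed local part comes back as a single literal sAMAccountName comparison, and the URL still splits into exactly the base, attribute, scope and filter fields.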


CategoryInteroperability