On 06.01.2014 10:05, Arnaud Jayet wrote:
> Hello,
> 
> First, happy new year!
> 
> I have an SMTPS server with SASL user authentication based on LDAP
> access/search. I have some troubles with the LDAP server, so the SMTPS
> service is sometimes down because the LDAP service is unreachable.
> 
> I would like to add a rescue/secondary backend with a MySQL table to let
> users authenticate even if LDAP is unreachable:
> first LDAP access and, if the service failed, second MySQL access.
> 
> How can I do that, with PAM (pam_ldap + pam_mysql)?
> Thank you for any help or config file samples.
> 
> 
> Here are my configuration files:
> 
> 
> main.cf:
> 
> # TLS parameters
> smtpd_tls_cert_file=/etc/postfix/certs/smtp.crt
> smtpd_tls_key_file=/etc/postfix/certs/smtp.key
> smtpd_sasl_auth_enable = yes
> broken_sasl_auth_clients = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_use_tls=yes
> 
> smtpd_recipient_restrictions = permit_mynetworks,
>     permit_sasl_authenticated, reject_unauth_destination
> 
> -----
> 
> /etc/postfix/sasl/smtpd.conf:
> 
> pwcheck_method: saslauthd
> #mech_list: plain login
> mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
> allow_plaintext: true
> 
> ----
> 
> /etc/default/saslauthd:
> 
> START=yes
> DESC="SASL Authentication Daemon"
> NAME="saslauthd"
> MECHANISMS="ldap"
> # Additional options for this mechanism. (default: none)
> # See the saslauthd man page for information about mech-specific options.
> MECH_OPTIONS=""
> # How many saslauthd processes should we run? (default: 5)
> # A value of 0 will fork a new process for each connection.
> THREADS=5
> 
> -----
> 
> /etc/saslauthd.conf:
> 
> ldap_servers: ldap://ldap.univ-lille3.fr
> ldap_bind_dn: cn=crir,ou=ldapusers,dc=univ-lille3,dc=fr
> ldap_password: xxxxxxxxxxxx
> ldap_search_base: ou=people,dc=univ-lille3,dc=fr
> ldap_filter: eduPersonPrincipalName=%U
> ldap_password_attr: userPassword
> 
> 
> 

Perhaps static tables are better, or use SMTP receipt verify, but I am
not sure about a good fallback combination with LDAP.


Best Regards
Kind regards, Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Registered office: München, Amtsgericht München: HRB 199263
Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Chairman of the supervisory board: Florian Kirstein
