Hi everyone,
I installed Community Edition for evaluating Scalix (10.0.0.354). One thing important for us would be to use passwords from unix accounts. Therefor I created Scalix users with "omaddu ... -u unixuser --lock-password ..." and changed "pam.d/ual.remote". That is working fine.
Users created in this way are unable to use their personal contacts in Web Access, because they cannot connect to the "o=MyContacts" ldap tree. After manually adjusting their Scalix password in SAC equally to the unix password, this works.
How is authentication for ldap working? Is there a way to use PAM or am I generally wrong with this kind of configuration?
Thanks and sorry for my bad english,
Andreas
PAM: authentification via unix accounts
Moderators: ScalixSupport, admin
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
Yessir.
LDAP's authentication is controlled by the "omslapdeng" PAM config file! This is in the same directory and has the same format as ual.remote. To be complete, you might also want to change the ual.local, pop3 and smtpd.auth PAM config files.
cheers,
Florian.
LDAP's authentication is controlled by the "omslapdeng" PAM config file! This is in the same directory and has the same format as ual.remote. To be complete, you might also want to change the ual.local, pop3 and smtpd.auth PAM config files.
cheers,
Florian.
Florian von Kurnatowski, Die Harder!
-
fra
Florian,
You helped a lot!
One last question on this: There is a nice Technical Note about the Scalix PAM architecture, I just could not find this information. Is there any summary about the relation between services and config files? This is mostly self-explanatory, but for what do I need ual.local, for example?
... maybe I am not clever enough :-)
Many thanks,
Andreas
You helped a lot!
One last question on this: There is a nice Technical Note about the Scalix PAM architecture, I just could not find this information. Is there any summary about the relation between services and config files? This is mostly self-explanatory, but for what do I need ual.local, for example?
... maybe I am not clever enough :-)
Many thanks,
Andreas
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
Hi Andreas,
I believe currently ual.local is used for some command line tools, accessing the user's mailbox, like omtidyu. Authentication in those cases would only apply if the user was to run the tool himself, which is rarely the case nowadays.
In understand that our documentation has some missing bits and pieces there. we're trying to get better. we just launced the CE Raw program, and one purpose of that is to better spread technical information around Scalix. See www.scalix.com/ceraw for details.
Cheers,
Florian.
I believe currently ual.local is used for some command line tools, accessing the user's mailbox, like omtidyu. Authentication in those cases would only apply if the user was to run the tool himself, which is rarely the case nowadays.
In understand that our documentation has some missing bits and pieces there. we're trying to get better. we just launced the CE Raw program, and one purpose of that is to better spread technical information around Scalix. See www.scalix.com/ceraw for details.
Cheers,
Florian.
Florian von Kurnatowski, Die Harder!
-
fra
Who is online
Users browsing this forum: No registered users and 8 guests