Initial Configurations of Windows server 2019
In this section, we use OpenLDAP as the user backend for both Postfix (the MTA) and Dovecot (the POP3/IMAP server), so that the two services share the same accounts and can use the directory for address lookups and aliases.
Note
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol (LDAP). This section doesn’t cover how to install an OpenLDAP server. We will assume that we have one already configured inside our network.
Our OpenLDAP server holds the following entry:
dn: uid=user1,ou=people,dc=packtldap,dc=co,dc=uk
objectClass: posixAccount
objectClass: inetOrgPerson
uid: user1
homeDirectory: /home/user1
userPassword: <passwordhash>
For the configuration of the LDAP settings for both of our services, we need to edit and add some options to their configuration files. We will start with Dovecot. We will first open the Dovecot main configuration file with a text editor, then make the necessary changes:
$ sudo nano /etc/dovecot/dovecot.conf
Then we check the following options and change them where needed; any that don’t exist yet must be added:
# Define the mail user and group UID and GID
mail_uid = 5000
mail_gid = 5000
# Define the default Authentication method
auth default {
  mechanisms = plain
  # Define the LDAP database password file
  passdb ldap {
    args = /etc/dovecot/dovecot-ldap.pass
  }
  # Define the LDAP database user file
  userdb ldap {
    args = /etc/dovecot/dovecot-ldap.user
  }
  # Define the socket Listening parameters
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
Then we need to create the LDAP database files and populate them:
$ sudo nano /etc/dovecot/dovecot-ldap.user
Next, we add the following code with the necessary change, then we save:
hosts = packtldap.co.uk:389
sasl_bind = no
auth_bind = yes
ldap_version = 3
deref = never
base = uid=%n,ou=people,dc=packtldap,dc=co,dc=uk
scope = base
user_attrs = homeDirectory=home
dn = uid=manager,dc=packtldap,dc=co,dc=uk
dnpass = password
[Figure: OpenLDAP serving both the inbox and outbox mail services]

We do the same thing for the second LDAP database file:
$ sudo nano /etc/dovecot/dovecot-ldap.pass
Then we add the following code with the necessary change, save the file, and exit:
hosts = packtldap.co.uk:389
sasl_bind = no
auth_bind = yes
ldap_version = 3
deref = never
base = uid=%n,ou=people,dc=packtldap,dc=co,dc=uk
scope = base
dn = uid=manager,dc=packtldap,dc=co,dc=uk
dnpass = password
With this step, Dovecot is configured to use our LDAP server. We proceed to the Postfix configuration. As usual, we can edit the main configuration file, /etc/postfix/main.cf, using a text editor, or we can just use the fast configuration setup command:
$ sudo postconf -e 'accounts_server_host = packtldap.co.uk'
$ sudo postconf -e 'accounts_search_base = ou=people,dc=packtldap,dc=co,dc=uk'
$ sudo postconf -e 'accounts_query_filter = (&(objectClass=inetOrgPerson)(mail=%s))'
$ sudo postconf -e 'accounts_result_attribute = homeDirectory'
$ sudo postconf -e 'accounts_result_format = %s/Mailbox'
$ sudo postconf -e 'accounts_scope = sub'
$ sudo postconf -e 'accounts_cache = yes'
$ sudo postconf -e 'accounts_bind = yes'
$ sudo postconf -e 'accounts_bind_dn = uid=manager,dc=packtldap,dc=co,dc=uk'
$ sudo postconf -e 'accounts_bind_pw = password'
$ sudo postconf -e 'accounts_version = 3'
$ sudo postconf -e 'virtual_transport = virtual'
$ sudo postconf -e 'virtual_uid_maps = static:5000'
$ sudo postconf -e 'virtual_gid_maps = static:5000'
$ sudo postconf -e 'virtual_mailbox_base = /'
$ sudo postconf -e 'virtual_mailbox_maps = ldap:accounts'
$ sudo postconf -e 'virtual_mailbox_domains = packtldap.co.uk'
Then, to apply the changes, we need to restart both services:
$ sudo systemctl restart postfix.service
$ sudo systemctl restart dovecot.service
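The files written in this section hold the manager bind password (dnpass, accounts_bind_pw) and point at the LDAP server on port 389 with no TLS option set. The following check is an added example, not part of the original text: the function name audit_ldap_conf and its finding codes are hypothetical, and tls = yes (Dovecot) and start_tls = yes (Postfix) are the services' own TLS options, which the section does not use.

```shell
#!/bin/sh
# Added example, not from the original page. audit_ldap_conf and its finding
# codes are hypothetical names. Checked keys: dnpass and *_bind_pw as used in
# this section, plus the TLS switches tls = yes (Dovecot) and
# start_tls = yes (Postfix), which the section does not set.

# Print one finding code per line for the config file given as $1.
audit_ldap_conf() {
    f=$1
    # Drop comments so a commented-out key is not counted.
    body=$(sed -e 's/[[:space:]]*#.*$//' "$f") || return 2

    # 1. Bind password kept in a file that any local user can read.
    if printf '%s\n' "$body" |
        grep -Eq '^[[:space:]]*([a-z_]*bind_pw|dnpass)[[:space:]]*='; then
        if [ -n "$(find "$f" -prune -perm -004)" ]; then
            echo "SECRET_WORLD_READABLE"
        fi
    fi

    # 2. LDAP server set, but neither ldaps:// nor StartTLS: the manager bind
    #    and each auth_bind user password cross the network unencrypted.
    if printf '%s\n' "$body" |
        grep -Eq '^[[:space:]]*(hosts|uris|[a-z_]*server_host)[[:space:]]*='; then
        if ! printf '%s\n' "$body" | grep -Eq \
            'ldaps://|^[[:space:]]*([a-z_]*start_tls|tls)[[:space:]]*=[[:space:]]*yes'; then
            echo "LDAP_CLEARTEXT"
        fi
    fi
    return 0
}

# Audit every file named on the command line, for example:
#   sh audit-ldap.sh /etc/dovecot/dovecot-ldap.pass /etc/postfix/main.cf
for p in "$@"; do
    audit_ldap_conf "$p" | sed "s|^|$p: |"
done
```

Postfix's ldap_table(5) notes that a bind password set through main.cf parameters cannot be stored securely, because main.cf has to stay world-readable; a separate map file referenced by path and readable only by root and the postfix group avoids the first finding.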