[Freeipa-users] FreeIPA Psotfix+Dovecot

Dave Gonzalez dgonzalezh at gmail.com
Thu Jun 26 15:55:36 UTC 2014 

Hello Mr. freeipa-users

On 6/26/2014 2:17 AM, Petr Spacek wrote:
> On 25.6.2014 15:03, Dave Gonzalez wrote:
>> Hey again guys,
>>
>> I know and understand there are topics that draw more interest and 
>> attention
>> than others but I'd really need to insist on a *working*
>> FreeIPA+Postfix+Dovecto tutorial tested by any members of the 
>> community?.
>>
>> I'd like to deploy this setup for my company so that some 20+ users can
>> authenticate OTP-style or SSO-style to Services on my current setup 
>> which
>> include Openfire, Asterisk.
>>
>> I'd really appreciate a bit more attention to something that many 
>> users will
>> like me thank and appreciate.
>
> Hello,
>
> Do you have any particular problem with how-tos in Mail Services section?
> http://www.freeipa.org/page/HowTos#Mail_Services

It's a very very valuable effort which has helped me greatly, so I'm not 
complaining. There's more like misleading information and at some points 
incomplete.

For instance. I could point out that from the Dovecot part the author is 
using the "protocols" statement which is now obsolete. 
(http://www.freeipa.org/page/Dovecot_IMAPS_Integration_with_FreeIPA_using_Single_Sign_On)

quote


    Edit /etc/dovecot/dovecot.conf to allow imap

Find

#protocols = imap pop3 lmtp

and replace with

protocols = imap


end quote

Another is where you add the "mailusers" group and the corresponding 
user, they never mention that you need to get a new ticket with "kinit 
admin"

quote


    Create new IPA group for mailbox access

 From your IPA server, create a new group for your users to store their 
mailbox

[root at ds01 ~]# ipa group-add
  Group name: mailusers
  Description: Mail User Group
  --------------------
  Added group "mailusers"
  --------------------
  Group name: mailusers
  Description: Mail User Group
  GID: 1427200003
[root at ds01 ~]#


end quote

For many people that'd be no problem as some of the users are more 
experienced than others, but for me it was apain to try to debug the 
ticket issue because though I've been a Linux user for a long time am a 
total n00b when it comes to Kerberos, IPA and LDAP.

I promise that when I get my setup done, I've taken notes that I'll add 
to the wiki to help others, I've been struggling to get this setup 
working for two weeks now and the problem is that I need to iumplement 
this for my company to replace existing email system.

Kind regards.

-- Cheers DavidG
>
> The wiki is open to anyone with Fedora account so feel free to fix any 
> bugs you find in the how-tos when you try them.
>
> If you encounter some hard problem then please report which versions 
> you use, what you did, what doesn't work etc. so we can help you.
>
> Have a nice day!
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140626/3187c809/attachment.htm>

More information about the Freeipa-users mailing list