new domains without changes to /etc/kolab/kolab.conf OR "pure" LDAP-only administration
Christian Hügel
christian.huegel at stonebyte.de
Thu Oct 31 07:48:16 CET 2013
Am 31-10-2013 04:22, schrieb Christian Tardif:
> That I can help with.
>
> Once your kolab 3.1 installation is done (I think I've seen it's
> possible in Kolab 3.0, but..), you have to edit/correct a couple of
> things:
>
> 1) You have to download and run this script:
>
> https://github.com/tpokorra/kolab3_tbits_scripts/blob/master/kolab3.1/initMultiDomain.sh
>
> with a single parameter: your cn=Directory Manager password
>
> It will update a number of files...
>
> Oh! You know what? I'm attaching the initMultiDomain.sh script that I
> modified to automate some patches download, in order to make things
> simpler. Because if you don't check the script before running it,
> chances are that it will fail to complete since you'll be missing 4
> patches.
>
> Maybe someone would want to replace the online script with the one I
> just provided? It's the exact same thing, but just easier to run.
>
> Done for the base setup. Now, you can create the domain, and this
> will create another ldap tree... completely isolated from the first
> one. But the creation of the domain won't help much at that point. Log
> out from the Kolab Admin Panel, then log back in. On the top right,
> left from Logout, you'll see a text menu with your default domain (the
> one you created during instalation). Click on it, and you'll get a
> menu allowing to change the domain on which to work. Now, you can
> create a user in the domain you want.
>
> But there's more to do. Actually, the setup-kolab install script does
> not create certificates. So once your user is created, you won't see
> it appear under /var/spool/imap/domain/ structure. Why? Because the
> pykolab script can't log to the imap server since tls is not
> available, as there's no certificates.
>
> Here's the recipe (adapt it for your environment):
>
> * openssl req -new -nodes -out req.pem -keyout key.pem
> * openssl rsa -in key.pem -out new.key.pem
> * openssl x509 -in req.pem -out ca-cert -req -signkey new.key.pem
> -days 3650
> * cp new.key.pem /etc/pki/cyrus-imapd/cyrus-imapd.pem
> * cat ca-cert >> /etc/pki/cyrus-imapd/cyrus-imapd.pem
>
> Now, you have a certificate you can work with. By the time you check,
> your user directory will probably be created. Depending on the distro
> you're using (I assume CentOS), you will probably see a lot of errors
> in .... well, I don't remember the logfile name :-) , but you'll
> see errors complaining that /etc/sasldb2 does not exist. You just
> need to create a dummy file with:
>
> saslpasswd2 /etc/sasldb2
>
> and set appropriate permissions:
>
> chown cyrus /etc/sasldb2
> chmod 640 /etc/sasldb2
>
> Now, you should have a setup to play with.
>
> Cheers!
>
> Christian...
...great. All useful infos at one place. Let´s not forget the 5 minutes
delay when creating another mailbox:
edit /usr/lib/python2.6/site-packages/kolabd/__init__.py line
257 (https://git.kolab.org/pykolab/tree/kolabd/__init__.py#n257)
if len(removed_domains) == 0 and len(added_domains) == 0:
time.sleep(300)
change 300 to 10, so it will not sleep for 5 minutes, only 10 seconds.
Christian
More information about the users
mailing list