Kerio
From MHC-Wiki
Based on: http://support.kerio.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=409
IMAP Migration
imapsync --regexflag 's/NonJunk//g' --regexflag 's/.*?(?:(\\(?:Answered|Flagged|Deleted|Seen|Draft)\s?)|$)/defined($1)?$1:q()/eg' --subscribed --host1 127.0.0.1 --port1 143 --user1 USR --password1 PWD --host2 127.0.0.1 --port2 10143 --user2 USR --password2 PWD --prefix2 ALT
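What the two --regexflag substitutions do to a message's flag string, as an added example that is not part of the original page: a Python port of the Perl expressions. It assumes imapsync applies each --regexflag, in order, to the space-separated flag string of every message; the sample flag strings are constructed.

```python
import re

# Port of: s/.*?(?:(\\(?:Answered|Flagged|Deleted|Seen|Draft)\s?)|$)/defined($1)?$1:q()/eg
# Group 1 only participates when one of the five system flags is found.
SYSTEM_FLAG = re.compile(
    r'.*?(?:(\\(?:Answered|Flagged|Deleted|Seen|Draft)\s?)|$)'
)


def filter_flags(flags: str) -> str:
    """Return the flag string as it would be sent to the destination server."""
    # First --regexflag: s/NonJunk//g
    flags = flags.replace("NonJunk", "")
    # Second --regexflag: lazily skip everything up to the next system flag
    # and keep only that flag; text after the last system flag is dropped.
    return SYSTEM_FLAG.sub(lambda m: m.group(1) or "", flags)


def dropped_flags(flags: str) -> list:
    """List the flags that do not survive the migration."""
    kept = set(filter_flags(flags).split())
    return [f for f in flags.split() if f not in kept]


# Constructed sample flag strings (not taken from a real mailbox).
SAMPLES = [
    r"\Seen $Forwarded NonJunk \Flagged",
    r"\Answered Junk $label1",
    r"\Recent \Seen",
    "NonJunk",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample!r:45} -> {filter_flags(sample)!r:20} "
              f"dropped: {dropped_flags(sample)}")
```

Only the five listed system flags reach the new server; keyword flags such as `$Forwarded` or client labels are lost, so check for them on the source before migrating if users rely on them.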
Open LDAP
slapd.conf
Add:
include /etc/ldap/schema/kerio-mailserver.schema
index kerio-Mail-Address eq
index uid eq
nis.schema
Add this:
attributetype ( 1.3.6.1.1.1.1.34 NAME 'groupMemberShip'
EQUALITY caseExactIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype (1.3.6.1.1.1.1.35
NAME ( 'apple-generateduid' )
DESC 'generated unique ID'
EQUALITY caseExactMatch
SUBSTR caseExactSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
Insert these two attribute types above the following section, and modify the posixAccount definition to look like this:
# Object Class Definitions
objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount'
DESC 'Abstraction of an account with POSIX attributes'
SUP top AUXILIARY
MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory )
MAY ( userPassword $ loginShell $ gecos $ groupMemberShip $ apple-generateduid $ description ) )
Although it is not mentioned in the KB article, modify posixGroup as well:
objectclass ( 1.3.6.1.1.1.2.2 NAME 'posixGroup'
DESC 'Abstraction of a group of accounts'
SUP top STRUCTURAL
MUST ( cn $ gidNumber )
MAY ( userPassword $ memberUid $ apple-generateduid $ description ) )
apple.map
<mapfile>
<map table="User">
<filter>objectclass=kerio-Mail-User</filter>
<active-attribute>kerio-Mail-Active</active-attribute>
<variable>
<name>Name</name>
<value><attribute>uid</attribute></value>
</variable>
<variable>
<name>Account_enabled</name>
<value><attribute>kerio-Mail-AccountEnabled</attribute></value>
</variable>
<variable>
<name>Auth_type</name>
<value>5</value>
</variable>
<variable>
<name>PIN</name>
<value><attribute>kerio-User-AuthPIN</attribute></value>
</variable>
<variable>
<name>Rights</name>
<value><attribute>kerio-Mail-AdminRights</attribute></value>
</variable>
<variable>
<name>Authorization</name>
<value><attribute>kerio-Mail-Authorization</attribute></value>
</variable>
<variable>
<name>Groups</name>
<value><attribute>groupMemberShip</attribute></value>
</variable>
<variable>
<name>MailAddress</name>
<value><attribute>kerio-Mail-Address</attribute></value>
</variable>
<variable>
<name>ForwardMode</name>
<value><attribute>kerio-Mail-ForwardMode</attribute></value>
</variable>
<variable>
<name>ForwardAddress</name>
<value><attribute>kerio-Mail-ForwardAddress</attribute></value>
</variable>
<variable>
<name>HomeServer</name>
<value><attribute>kerio-Mail-HomeServer</attribute></value>
</variable>
<variable>
<name>Qstorage</name>
<value><attribute>kerio-Mail-QuotaStorage</attribute></value>
</variable>
<variable>
<name>Qmessage</name>
<value><attribute>kerio-Mail-QuotaMessage</attribute></value>
</variable>
<variable>
<name>MaxOutgoingMessageSize</name>
<value><attribute>kerio-Mail-MaxOutgoingMessageSize</attribute></value>
</variable>
<variable>
<name>ReplyToAddress</name>
<value><attribute>kerio-Mail-WebReplyToAddress</attribute></value>
</variable>
<variable>
<name>PreferredAddress</name>
<value><attribute>kerio-Mail-Preferred-Address</attribute></value>
</variable>
<variable>
<name>Fullname</name>
<value><attribute>cn</attribute></value>
</variable>
<variable>
<name>Description</name>
<value><attribute>description</attribute></value>
</variable>
<variable>
<name>Guid</name>
<value><attribute>apple-generateduid</attribute></value>
</variable>
<variable>
<name>LdapDN</name>
<value><dn /></value>
</variable>
</map>
<map table="Group">
<filter>objectclass=kerio-Mail-Group</filter>
<active-attribute>kerio-Mail-Active</active-attribute>
<variable>
<name>Name</name>
<value><attribute>cn</attribute></value>
</variable>
<variable>
<name>MailAddress</name>
<value><attribute>kerio-Mail-Address</attribute></value>
</variable>
<variable>
<name>Rights</name>
<value><attribute>kerio-Mail-AdminRights</attribute></value>
</variable>
<variable>
<name>Authorization</name>
<value><attribute>kerio-Mail-Authorization</attribute></value>
</variable>
<variable>
<name>Description</name>
<value><attribute>displayName</attribute></value>
</variable>
<variable>
<name>Guid</name>
<value><attribute>apple-generateduid</attribute></value>
</variable>
</map>
</mapfile>
gal_apple.map
<mapfile>
<map table="User">
<filter>&amp;(objectclass=kerio-Mail-User)(kerio-Mail-Active=*)(!(kerio-Mail-Authorization=kms.global.address.list.disabled))</filter>
<variable>
<name>Name</name>
<value><attribute>uid</attribute></value>
</variable>
<variable>
<name>Account_enabled</name>
<value><attribute>kerio-Mail-AccountEnabled</attribute></value>
</variable>
<variable>
<name>Fullname</name>
<value><attribute>cn</attribute></value>
</variable>
<variable>
<name>Title</name>
<value><attribute>title</attribute></value>
</variable>
<variable>
<name>TitleBefore</name>
<value><attribute>personalTitle</attribute></value>
</variable>
<variable>
<name>TitleAfter</name>
<value><attribute>generationQualifier</attribute></value>
</variable>
<variable>
<name>GivenName</name>
<value><attribute>givenName</attribute></value>
</variable>
<variable>
<name>MiddleName</name>
<value><attribute></attribute></value>
</variable>
<variable>
<name>Surname</name>
<value><attribute>sn</attribute></value>
</variable>
<variable>
<name>Company</name>
<value><attribute>o</attribute></value>
</variable>
<variable>
<name>Department</name>
<value><attribute>ou</attribute></value>
</variable>
<variable>
<name>HomeAddress</name>
<value><attribute>homePostalAddress</attribute></value>
</variable>
<variable>
<name>BA_pobox</name>
<value><attribute>postOfficeBox</attribute></value>
</variable>
<variable>
<name>BA_room</name>
<value><attribute>roomNumber</attribute></value>
</variable>
<variable>
<name>BA_street</name>
<value><attribute>street</attribute></value>
</variable>
<variable>
<name>BA_city</name>
<value><attribute>l</attribute></value>
</variable>
<variable>
<name>BA_zip</name>
<value><attribute>postalCode</attribute></value>
</variable>
<variable>
<name>BA_state</name>
<value><attribute>st</attribute></value>
</variable>
<variable>
<name>BA_country</name>
<value><attribute>c</attribute></value>
</variable>
<variable>
<name>PN_business</name>
<value><attribute>telephoneNumber</attribute></value>
</variable>
<variable>
<name>PN_home</name>
<value><attribute>homePhone</attribute></value>
</variable>
<variable>
<name>PN_mobile</name>
<value><attribute>mobile</attribute></value>
</variable>
<variable>
<name>PN_isdn</name>
<value><attribute>internationalISDNNumber</attribute></value>
</variable>
<variable>
<name>PN_fax</name>
<value><attribute>facsimileTelephoneNumber</attribute></value>
</variable>
<variable>
<name>PN_pager</name>
<value><attribute>pager</attribute></value>
</variable>
<variable>
<name>PN_telex</name>
<value><attribute>telexNumber</attribute></value>
</variable>
<variable>
<name>PN_ip</name>
<value><attribute>ipPhone</attribute></value>
</variable>
<variable>
<name>PN_other</name>
<value><attribute>otherTelephone</attribute></value>
</variable>
<variable>
<name>PN_otherfax</name>
<value><attribute>otherFacsimileTelephoneNumber</attribute></value>
</variable>
<variable>
<name>Email</name>
<value><attribute>kerio-Mail-Address</attribute><attribute>mail</attribute></value>
</variable>
<variable>
<name>Image</name>
<value><attribute>jpegPhoto</attribute></value>
</variable>
<variable>
<name>UrlWork</name>
<value><attribute>labeledURI</attribute></value>
</variable>
<variable>
<name>UrlOther</name>
<value><attribute>apple-webloguri</attribute></value>
</variable>
<variable>
<name>IM_msn</name>
<value><attribute>apple-imhandle ~ MSN:([^\s]+)</attribute></value>
</variable>
<variable>
<name>IM_icq</name>
<value><attribute>apple-imhandle ~ ICQ:([^\s]+)</attribute></value>
</variable>
<variable>
<name>IM_aim</name>
<value><attribute>apple-imhandle ~ AIM:([^\s]+)</attribute></value>
</variable>
<variable>
<name>IM_yahoo</name>
<value><attribute>apple-imhandle ~ Yahoo:([^\s]+)</attribute></value>
</variable>
<variable>
<name>IM_jabber</name>
<value><attribute>apple-imhandle ~ JABBER:([^\s]+)</attribute></value>
</variable>
<variable>
<name>Description</name>
<value><attribute>description</attribute></value>
</variable>
</map>
<map table="Group">
<filter>&amp;(objectclass=kerio-Mail-Group)(kerio-Mail-Address=*)(!(kerio-Mail-Authorization=kms.global.address.list.disabled))</filter>
<active-attribute>kerio-Mail-Active</active-attribute>
<variable>
<name>GroupName</name>
<value><attribute>cn</attribute></value>
</variable>
<variable>
<name>Account_enabled</name>
<value><attribute>1</attribute></value>
</variable>
<variable>
<name>Email</name>
<value><attribute>kerio-Mail-Address</attribute></value>
</variable>
<variable>
<name>Description</name>
<value><attribute>description</attribute></value>
</variable>
</map>
</mapfile>
mailserver.cfg
Check the red values. My "admin" is in the base and my users are in "ou=user" and my groups are in "ou=group".
<list name="Ldap">
<listitem>
<variable name="Domain">mhc.loc</variable>
<variable name="ServerName">127.0.0.1</variable>
<variable name="ServerPort">389</variable>
<variable name="BindDn">cn=admin,dc=mhc,dc=loc</variable>
<variable name="BindPassword">D3S:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</variable>
<variable name="MapFile">apple.map</variable>
<variable name="Filter"></variable>
<variable name="UserBaseDn">ou=user,dc=mhc,dc=loc</variable>
<variable name="GroupBaseDn">ou=group,dc=mhc,dc=loc</variable>
<variable name="Description"></variable>
<variable name="Enabled">1</variable>
<variable name="PrimaryRefreshInt">30</variable>
<variable name="LdapNetworkTimeout">10</variable>
<variable name="SecureConnection">0</variable>
<variable name="ConnectionLimit">32</variable>
</listitem>
</list>
LDIFs before KC7 activation
dn: uid=matthias,ou=user,dc=mhc,dc=loc
loginShell: /bin/bash
gidNumber: 1000
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: sambaSamAccount
objectClass: kerio-Mail-User
uid: matthias
shadowLastChange: 14655
shadowMax: 99999
gecos: matthias,,,
uidNumber: 1000
shadowWarning: 7
homeDirectory: /home/matthias
structuralObjectClass: account
entryUUID: 6fe05d6e-bda7-102e-923b-d1f2b88b8c7f
creatorsName: cn=admin,dc=mhc,dc=loc
createTimestamp: 20100306200603Z
sambaDomainName: MHC
sambaAcctFlags: [XU ]
displayName: matthias
sambaSID: S-1-5-21-2018185209-228119179-1231484459-3000
cn: Matthias Henze
userPassword:: e1NIQX14LzZlRmcyM0FVTDJPakprRDFmdmtNeHBQZlE9
groupMemberShip: info
entryCSN: 20100309125853.151605Z#000000#000#000000
modifiersName: cn=admin,dc=mhc,dc=loc
modifyTimestamp: 20100309125853Z

dn: cn=info,ou=group,dc=mhc,dc=loc
memberUid: matthias
gidNumber: 2000
objectClass: top
objectClass: posixGroup
objectClass: kerio-Mail-Group
cn: info
structuralObjectClass: posixGroup
entryUUID: 9bcb3f0c-bfb9-102e-9221-25237e9911c9
creatorsName: cn=admin,dc=mhc,dc=loc
createTimestamp: 20100309112110Z
kerio-Mail-Address: info
entryCSN: 20100309125606.758586Z#000000#000#000000
modifiersName: cn=admin,dc=mhc,dc=loc
modifyTimestamp: 20100309125606Z

