1

Topic: iRedMail - integrate into existing OpenLDAP environment

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.8
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I have set up an OpenLDAP server environment, and I would like to add iRedMail as the mail solution. I've found similar posts/questions regarding integration, but I have not found a clear-cut answer. The solutions that I've found don't appear to work, but that is probably because there is a configuration that I have not completed.

Would someone be able to point me in the direction of a post that explains the steps required to add an iRedMail server to an existing OpenLDAP environment? Ideally, the mail server would automatically see the existing accounts and provide the ability to create mailboxes for these accounts. I'm not exactly sure how to do this. Thanks in advance.


2

Re: iRedMail - integrate into existing OpenLDAP environment

Instead of using existing OpenLDAP server, is it possible to migrate data from existing OpenLDAP to iRedMail OpenLDAP?

To answer your question:

*) iRedMail requires 7 LDAP schema files (5 are shipped by OpenLDAP, 1 shipped by Amavisd, one by iRedMail):

core.schema
corba.schema
cosine.schema
inetorgperson.schema
nis.schema
amavisd.schema (names are different on different Linux/BSD distros)
iredmail.schema

Your existing OpenLDAP must include them all.

*) OpenLDAP configured by iRedMail has a hard-coded structure, and Postfix/Dovecot/iRedAPD/... are configured to query with this structure. For example:

dc=xx,dc=xx
    |- o=domains
        |- domainName=example.com
            |- ou=Groups
            |- ... (omit other containers in same level)
            |- ou=Users
                |- mail=postmaster@example.com
                |- mail=xxx
                |- ...

If you cannot change the structure in the existing OpenLDAP, you have to update the Postfix/Dovecot/iRedAPD/... config files to query against your LDAP structure. Besides, iRedAdmin(-Pro) relies heavily on the structure; you cannot manage mail accounts with iRedAdmin(-Pro).
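
An added example, not part of the original reply or of iRedMail itself: a Python sketch that checks an existing OpenLDAP against the two requirements in the reply above, the seven schemas and the `o=domains` tree layout. The sample inputs are constructed, the `amavisd-new.schema` file name and the prefix match for the Amavisd schema are assumptions, and the DN check splits on commas without handling escaped ones.

```python
import re

# Schemas listed in the reply above. The Amavisd schema file name differs
# between distributions, so it is matched by prefix (assumption of this example).
REQUIRED = ["core", "corba", "cosine", "inetorgperson", "nis", "amavis*", "iredmail"]

# slapd.conf style:  include /etc/openldap/schema/core.schema
INCLUDE_RE = re.compile(r"^\s*include\s+(?:\S*/)?([^/\s]+)\.schema\s*$", re.I)
# cn=config style, e.g. output of:
#   ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config dn
CONFIG_RE = re.compile(r"^dn:\s*cn=(?:\{\d+\})?([^,]+),cn=schema,cn=config\s*$", re.I)

def loaded_schemas(text):
    """Collect schema names from slapd.conf text or cn=config LDIF output."""
    names = set()
    for line in text.splitlines():
        m = INCLUDE_RE.match(line) or CONFIG_RE.match(line)
        if m:
            names.add(m.group(1).lower())
    return names

def missing_schemas(text):
    """Return the required schemas that the given configuration does not load."""
    have = loaded_schemas(text)
    missing = []
    for req in REQUIRED:
        if req.endswith("*"):
            found = any(n.startswith(req[:-1]) for n in have)
        else:
            found = req in have
        if not found:
            missing.append(req)
    return missing

def fits_iredmail_tree(dn, base):
    """True if dn is mail=...,ou=Users,domainName=...,o=domains,<base>."""
    dn_l = dn.lower().replace(" ", "")
    suffix = ",o=domains," + base.lower().replace(" ", "")
    if not dn_l.endswith(suffix):
        return False
    rdns = dn_l[: -len(suffix)].split(",")  # naive split: no escaped commas
    return (len(rdns) == 3 and rdns[0].startswith("mail=")
            and rdns[1] == "ou=users" and rdns[2].startswith("domainname="))

# Constructed sample: a stock cn=config server without the mail-related schemas.
SAMPLE_CN_CONFIG = "\n".join(
    ["dn: cn=schema,cn=config"]
    + ["dn: cn={%d}%s,cn=schema,cn=config" % (i, n)
       for i, n in enumerate(["core", "cosine", "inetorgperson", "nis"])])
# Constructed sample: slapd.conf includes covering all seven schemas.
SAMPLE_SLAPD_CONF = "\n".join(
    "include /etc/openldap/schema/%s.schema" % n
    for n in ["core", "corba", "cosine", "inetorgperson", "nis", "amavisd-new", "iredmail"])
```

Accounts that fail `fits_iredmail_tree` are the ones that would need either migration into the iRedMail tree or changed Postfix/Dovecot/iRedAPD queries, as the reply describes.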

3

Re: iRedMail - integrate into existing OpenLDAP environment

Thank you. This answers my question.

ZhangHuangbin wrote:

Instead of using existing OpenLDAP server, is it possible to migrate data from existing OpenLDAP to iRedMail OpenLDAP?

To answer your question:

*) iRedMail requires 7 LDAP schema files (5 are shipped by OpenLDAP, 1 shipped by Amavisd, one by iRedMail):

core.schema
corba.schema
cosine.schema
inetorgperson.schema
nis.schema
amavisd.schema (names are different on different Linux/BSD distros)
iredmail.schema

Your existing OpenLDAP must include them all.

*) OpenLDAP configured by iRedMail has a hard-coded structure, and Postfix/Dovecot/iRedAPD/... are configured to query with this structure. For example:

dc=xx,dc=xx
    |- o=domains
        |- domainName=example.com
            |- ou=Groups
            |- ... (omit other containers in same level)
            |- ou=Users
                |- mail=postmaster@example.com
                |- mail=xxx
                |- ...

If you cannot change the structure in the existing OpenLDAP, you have to update the Postfix/Dovecot/iRedAPD/... config files to query against your LDAP structure. Besides, iRedAdmin(-Pro) relies heavily on the structure; you cannot manage mail accounts with iRedAdmin(-Pro).

4

Re: iRedMail - integrate into existing OpenLDAP environment

UPDATE: I created a new short tutorial based on my reply in this thread:
https://docs.iredmail.org/openldap.intro.html