Re: LDAP Mail Notice

sync <jiannma@xxxxxxxxx> · Tue, 12 Oct 2010 15:37:40 +0800

On Tue, Oct 12, 2010 at 2:38 PM, Sean Hart <boardnutz@xxxxxxxxxxxxxx> wrote:

          Maybe what i said is not clear, because my English is too pool
          . Please forgive me if  my _expression_ is not precise.

    Doesn't matter what mail server you use, email is email.

           The following  is my environment :

          Workspace Environment : CentOS 5.5  64bits  , Using Openldap
          Server  or 389 LDAP Server 

          Mail Server :  Windows  Mail Server 

          For example :

          If I create the new account called Tim on LDAP Server  , and
          his password is 123456 , and his mail address is tim@xxxxxxxx

          Then will send an E-mail to him to notice his information ,
          like his name and his passowrd.

          So Would someone can give some suggestions ? 

    Before we go any further on this, I'd like to give a very serious
    warning.  It is NEVER a good idea to email a password.  Email is, by
    definition, insecure.  

Thanks for your advice . This is a test for the our company  Intranet .

    I'm not familiar with 389 LDAP Server, and after a quick look, it
    would make sense for me to read up on it.  Anyhow, my advice is
    going to come from the OpenLDAP side of things.

    I would:

      Set up OpenLDAP (make sure to get a real certificate and
        require TLS/SSL)
      If using Samba, set up the smbldap tools
        (http://en.wikipedia.org/wiki/Smbldap-Tools), can be useful even
        if not using samba...
      Start script (I'd use perl, since it's what I'm most familiar
        with)

        Generate username (either collect from input or generate
          somehow
        Generate password (There's a sub for that on the page
          referenced earlier)
        Contemplate making sure that the username is unique, and
          group membership, etc.

        call smbldap-useradd to add the user (add stuff like -m for
          the mail address, check the smbldap-useradd documentation for
          handy switches
        Compose body of email to user (this is probably mostly
          static, but you will most likely want to substitute some
          variables like username, etc
        send the email (sub on the page earlier)
        I repeat, please don't email passwords...  have them call
          you for them or something...  email is the least secure thing
          on the damn planet

      Sit back and have a beer, cuz yer done

    I'm happy to help if you need more. 

I found the solution for sending mail to the new account . 

It may use the perl script which calls the Net::SMTP module or Mail::Sender module  or Mail::Sendmail  module to finish that .

And I had a test  just now and this is ok .

Thanks all ..

    Cheers,

    Sean

_______________________________________________

CentOS mailing list

CentOS@xxxxxxxxxx

http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos