Hi,
I am running a cyrus imap server 2.2.x without virtual domain support.
Usernames are "simple" (fred, bob, ...) and authenticated using SASL
-> saslauthd -> PAM -> /etc/passwd. Mailboxes are in unix hierarchy
style ("user/fred", "user/bob/spam").
Because number of users raises, collisions become more and more
probably. For example, the mail server (postfix) receives mail for
fred@xxxxxxxxxxx and fred@xxxxxxxxxxx (where the two fred's are not
the same person!). Currently there exist user "fred" (for domain1.com)
and user "fred2" (for domain2.net) in /etc/passwd - but this becomes
more and more ugly.
So I wanted to migrate to virtual domain support, so that there are now
two separate users fred@xxxxxxxxxxx and fred@xxxxxxxxxxxx
I know hot to create those virtual mailboxes and how to configure the
cyrus imap server. But how to realize authentication? In the current
configuration using /etc/passwd such usernames ("fred@xxxxxxxxxxx")
are not possible. My preferred solution would be an LDAP server
with a user hierarchy like "cn=fred,ou=domain1.com" and
"cn=fred,ou=domain2.net" etc.
But how do I configure cyrus imapd and/or SASL correctly to achieve
this? The "virtual domain part" of a userid (fred@xxxxxxxxxxx) must
somehow be used as a search filter for the LDAP query that represents
the correct user...
Or maybe this approach is totally gaga, and there are solutions
much better than that?
TIA
Regards
-stefan-
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
