2018-10-02 05:02:22 -05:00
<!DOCTYPE html>
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
2018-10-02 05:10:03 -05:00
< title > Introduce the OpenLDAP server configured by iRedMail< / title >
2018-10-02 05:02:22 -05:00
< link rel = "stylesheet" type = "text/css" href = "./css/markdown.css" / >
< / head >
< body >
2019-07-13 06:21:55 -05:00
2018-10-02 05:02:22 -05:00
< div id = "navigation" >
< a href = "https://www.iredmail.org" target = "_blank" >
< img alt = "iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>
< span > iRedMail< / span >
< / a >
2018-10-02 05:10:03 -05:00
// < a href = "./index.html" > Document Index< / a > < / div > < h1 id = "introduce-the-openldap-server-configured-by-iredmail" > Introduce the OpenLDAP server configured by iRedMail< / h1 >
2018-10-02 05:03:27 -05:00
< div class = "toc" >
< ul >
2018-10-02 05:10:03 -05:00
< li > < a href = "#introduce-the-openldap-server-configured-by-iredmail" > Introduce the OpenLDAP server configured by iRedMail< / a > < ul >
2018-10-02 05:03:27 -05:00
< li > < a href = "#ldap-schema-files" > LDAP schema files< / a > < / li >
< li > < a href = "#data-structure" > Data structure< / a > < / li >
< / ul >
< / li >
< / ul >
< / div >
2018-10-02 05:10:03 -05:00
< p > This is a brief introduction of the OpenLDAP server configured by
2018-10-02 05:02:22 -05:00
iRedMail. It may help a little if you want to migrate from/to other LDAP server.< / p >
< h2 id = "ldap-schema-files" > LDAP schema files< / h2 >
2018-10-02 05:07:37 -05:00
< p > iRedMail requires 7 LDAP schema files listed below (1-5 are shipped by
OpenLDAP, no. 6 is shipped by Amavisd, no. 7 is shipped by iRedMail):< / p >
< ol >
2018-10-02 05:02:22 -05:00
< li > core.schema< / li >
< li > corba.schema< / li >
< li > cosine.schema< / li >
< li > inetorgperson.schema< / li >
< li > nis.schema< / li >
< li > amavisd.schema (names are different on different linux/bsd distros)< / li >
< li > iredmail.schema< / li >
2018-10-02 05:07:37 -05:00
< / ol >
2018-10-02 05:02:22 -05:00
< p > If you're migrating to other LDAP server, it must include them all, otherwise
you may not be able to add or update mail accounts.< / p >
< h2 id = "data-structure" > Data structure< / h2 >
< p > OpenLDAP configured by iRedMail has hard-coded / predictable structure, and
Postfix / Dovecot / iRedAPD /... are configured to query LDAP based on this
structure.< / p >
< pre > < code > dc=xx,dc=xx
|- o=domains
|- domainName=example.com
|- ou=Aliases
2018-10-02 05:07:37 -05:00
| mail=alias@example.com
| ...
2018-10-02 05:02:22 -05:00
|- ou=Groups
2018-10-02 05:07:37 -05:00
| mail=list@example.com
| ...
...
2018-10-02 05:02:22 -05:00
|- ou=Users
|- mail=postmaster@example.com
|- mail=xxx
|- ...
< / code > < / pre >
< p > With this predictable structure:< / p >
< ul >
< li >
< p > it's easy to narrow down the query scope, the narrower the scope is, the
better performance you gain.< / p >
< / li >
< li >
< p > no need to performing a query first to get the full dn of ldap object you're
going to modify.< / p >
< / li >
< / ul >
< p > If you don't use this structure:< / p >
< ul >
< li >
< p > you have to update Postfix/Dovecot/iRedAPD/... config files to use different
query scopes and filters.< / p >
< / li >
< li >
< p > The web-based admin panel - iRedAdmin(-Pro) - heavily relies on the
predictable structure, if you use different structure, you cannot manage mail
accounts with iRedAdmin(-Pro).< / p >
< / li >
< / ul > < div class = "footer" >
2019-09-06 00:54:43 -05:00
< p style = "text-align: center; color: grey;" > All documents are available in < a href = "https://github.com/iredmail/docs/" > BitBucket repository< / a > , and published under < a href = "http://creativecommons.org/licenses/by-nd/3.0/us/" target = "_blank" > Creative Commons< / a > license. You can < a href = "https://github.com/iredmail/docs/archive/master.zip" > download the latest version< / a > for offline reading. If you found something wrong, please do < a href = "https://www.iredmail.org/contact.html" > contact us< / a > to fix it.< / p >
2018-10-02 05:02:22 -05:00
< / div >
<!-- Global site tag (gtag.js) - Google Analytics -->
< script async src = "https://www.googletagmanager.com/gtag/js?id=UA-3293801-21" > < / script >
< script >
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-3293801-21');
< / script >
< / body > < / html >