63 lines
1.8 KiB
Markdown
63 lines
1.8 KiB
Markdown
# Introduce the OpenLDAP server configured by iRedMail
|
|
|
|
[TOC]
|
|
|
|
This is a brief introduction of the OpenLDAP server configured by
|
|
iRedMail. It may help a little if you want to migrate from/to other LDAP server.
|
|
|
|
## LDAP schema files
|
|
|
|
iRedMail requires 7 LDAP schema files listed below (1-5 are shipped by
|
|
OpenLDAP, no. 6 is shipped by Amavisd, no. 7 is shipped by iRedMail):
|
|
|
|
1. core.schema
|
|
1. corba.schema
|
|
1. cosine.schema
|
|
1. inetorgperson.schema
|
|
1. nis.schema
|
|
1. amavisd.schema (names are different on different linux/bsd distros)
|
|
1. iredmail.schema
|
|
|
|
If you're migrating to other LDAP server, it must include them all, otherwise
|
|
you may not be able to add or update mail accounts.
|
|
|
|
## Data structure
|
|
|
|
OpenLDAP configured by iRedMail has hard-coded / predictable structure, and
|
|
Postfix / Dovecot / iRedAPD /... are configured to query LDAP based on this
|
|
structure.
|
|
|
|
```
|
|
dc=xx,dc=xx
|
|
|- o=domains
|
|
|- domainName=example.com
|
|
|- ou=Aliases
|
|
| mail=alias@example.com
|
|
| ...
|
|
|- ou=Groups
|
|
| mail=list@example.com
|
|
| ...
|
|
...
|
|
|- ou=Users
|
|
|- mail=postmaster@example.com
|
|
|- mail=xxx
|
|
|- ...
|
|
```
|
|
|
|
With this predictable structure:
|
|
|
|
* it's easy to narrow down the query scope, the narrower the scope is, the
|
|
better performance you gain.
|
|
|
|
* no need to performing a query first to get the full dn of ldap object you're
|
|
going to modify.
|
|
|
|
If you don't use this structure:
|
|
|
|
* you have to update Postfix/Dovecot/iRedAPD/... config files to use different
|
|
query scopes and filters.
|
|
|
|
* The web-based admin panel - iRedAdmin(-Pro) - heavily relies on the
|
|
predictable structure, if you use different structure, you cannot manage mail
|
|
accounts with iRedAdmin(-Pro).
|