
Re: doing everything from LDAP



> On Fri, Nov 19, 1999 at 10:22:08AM +0000, Karl Pitrich wrote:
> > Hi!
> > 
> > I have set up a Freemail/Freeweb Provider System a while ago.
> > 
> > The modules I wrote for the webserver (Roxen) use popen() to add
> > users to the shadow-passwd system, which is dull.
> > 
> > How can I replace all passwd lookups and the (fqdn)aliases with LDAP?
> > 
> > Has somebody done this before?
> > A config example would be nice, because the doc is weak.
> 
>    I have been doing something like it for quite a while.
> 
>    We (Sonera) have our own in-house libraries for replacing system
>    getpwnam() instance in  libc  with one using our backend databases.
>    In our message stores all users have *same* UID value, so mapping
>    from UID to user is without real meaning.  (No shell accounts ->
>    things are a lot simpler...)
> 
>    Having said that, you perhaps want to cook up such a wrapper function
>    which uses LDAP and can ask for mapping from username to related data.
>    In addition to that, you will probably want to have  fqdnaliases from
>    ldap (or aliases), but that depends more on how many domains you have
>    in use -- e.g. one (or a few equal) domain, or kwazillion domains.
> 
>    I am not (unfortunately) a sufficient wizard at general LDAP to answer
>    anything more precise without knowing your setup details.

 We have done this without replacing getpwnam() functions. The idea is to
 use aliases from LDAP or so and a home-grown local mailer. You map username
 to some special domain (e.g. user@domain -> user@domain.special-domain)
 and route the new address through "routes" or "scheduler.conf" to your
 local transport agent, which is responsible for storing messages...

 As a result you are still able to use plain UNIX users too. And you don't
 need uid, etc...

 Alex

> 
> > thank you, Karl
> > -- 
> > Best regards, Karl Pitrich.
> -- 
> /Matti Aarnio	<mea@nic.funet.fi>
>