HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


desmondk 2nd November 2006 21:53

ispconfig email login with user@domain How to
 
For those that want to log into your email with user@domain, here it is.
In the ispconfig control panel, log in as admin and go to Management -> system config -> settings -> ISP manager, and change "User Prefix" to [DOMAIN]_

We will be using Courier's userdb for authentication purposes.
Users will now be added to the system as domain_user using the ispconfig frontend.

Edit authdaemonrc located at /etc/courier/ (on my ubuntu system) and change the line reading authmodulelist so it looks like this:

Code:

authmodulelist="authuserdb authpam"

Save and restart courier authdaemon.

Here is the code for the script that will convert the text to user@domain that you would be able to log in with:
Code:

#!/bin/bash

delim="_"

OIFS=$IFS
IFS="
"
rm -rf /etc/courier/userdb
touch /etc/courier/userdb
chmod 600 /etc/courier/userdb
for line in `pw2userdb2 | grep -ir user`
do
        domain=$( echo $line | cut -d"$delim" -f1 )
        useruid=$( echo $line | cut -d"$delim" -f2 )
        username=$( echo $useruid | cut -d'    ' -f1 )
        uid=$( echo $useruid | cut -d'  ' -f2 )
        gid=$( echo $line | cut -d"$delim" -f3 )
        home=$( echo $line | cut -d"$delim" -f4 )
        shell=$( echo $line | cut -d"$delim" -f6 )
        password=$( echo $line | cut -d"$delim" -f7)
        echo "$username@$domain $uid|$gid|${home}_$username|$shell|$password|/var/www/www.$domain/user/${domain}_$username/Maildir" >> /etc/courier/userdb
        /usr/lib/courier/makeuserdb
done

IFS=$OIFS

Also replace pw2userdb, which is located in /usr/sbin on my system. It may be at a different location to mine; in that case just use the following command to see where the file is located, "which pw2userdb", and replace the code inside with this:
Code:

#! /usr/bin/perl
#
#  Convert /etc/passwd and /etc/shadow to userdb format.
#
#  $Id: pw2userdb.in,v 1.5 2000/07/19 11:55:15 mrsam Exp $
#
# Copyright 1998 - 1999 Double Precision, Inc.  See COPYING for
# distribution information.

use Getopt::Long;

#
#  Some undocumented options here (for vchkpw2userdb)
#

die "Invalid options.\n" unless
        GetOptions("passwd=s" => \$passwd, "shadow=s" => \$shadow,
                "noshadow" => \$noshadow, "nouid" => \$nouid,
                "domain=s" => \$domain, "vpopuid" => \$vpopuid );

($dummy, $dummy, $fixed_uid, $fixed_gid)=getpwnam("vpopmail")
        if $vpopuid;

$passwd="/etc/passwd" unless $passwd =~ /./;
$shadow="/etc/shadow" unless $shadow =~ /./;

$domain="" unless $domain =~ /./;
$domain="\@$domain" if $domain =~ /./;

open(PASSWD, $passwd) || die "$!\n";

while (<PASSWD>)
{
        chop if /\n$/;
        next if /^#/;
        ($acct,$passwd,$uid,$gid,$name,$home,$shell)=split( /:/ );

        ($uid,$gid)=($fixed_uid,$fixed_gid) if $vpopuid;

        $PASSWORD{$acct}=$passwd if $passwd ne "x";
        $UID{$acct}=$uid;
        $GID{$acct}=$gid;
        $HOME{$acct}=$home;
        $SHELL{$acct}=$shell;

        $name =~ s/\|/./g;      # Just in case
        $GECOS{$acct}=$name;
}
close (PASSWD);

if ( -f $shadow && ! $noshadow)
{
        open (SHADOW, $shadow) || die "$!\n";
        while (<SHADOW>)
        {
                next if /^#/;
                ($acct,$passwd,$dummy)=split(/:/);
                $PASSWORD{$acct}=$passwd;
        }
        close (SHADOW);
}

while ( defined ($key=each %UID))
{
        print "$key$domain\tuid=$UID{$key}|gid=$GID{$key}|home=$HOME{$key}" .
                ( $SHELL{$key} =~ /./ ? "|shell=$SHELL{$key}":"") .
                ( $PASSWORD{$key} =~ /./ ? "|systempw=$PASSWORD{$key}":"") .
                ( $GECOS{$key} =~ /./ ? "|gecos=$GECOS{$key}":"") .
                "\n";
        print "$UID{$key}=\t$key\n" unless $nouid;
}



Put the first script in a crontab to remake the userdb file, like this: run the command "crontab -e"
Add into the file:
Code:

*/5 * * * * /location_of_the_script/script_name

And save.



I am busy changing the script so that it would check to see if there have been any changes made before rebuilding the userdb file, and if there weren't any changes it won't do anything.
Hope this helps some people in the mean time. Still busy improving it.

rojozak 7th November 2006 22:59

Thanks for the suggestion desmondk.

I'm curious if anyone has given this a try yet? Are there any possible security issues that anyone may see? Does this affect ISPConfig's operation in any way?

desmond, you say you are still working to improve it...is it fully functional at this point?

desmondk 8th November 2006 06:54

I can't see any security risks at current and it shouldn't affect the way ispconfig operates in any way. I am currently running this on a live production server with no problems.

Rustin 17th November 2006 02:41

This only applies to pop/imap mail retrieval and not mailuser or client login, right? To log into ispconfig one would have to use <domain>_<username> I assume?
Also, after a new mail account is made it will take at most 5 minutes before you can access it with the xx@xx style username right?
It would be nice to have the script execution tied into mail user creation.
Thanks for the good tip, I'm definitely going to give it a try.

falko 17th November 2006 16:42

Quote:

Originally Posted by Rustin
To log into ispconfig one would have to use <domain>_<username> I assume?

No, only customers, resellers and admin can log into ISPConfig, not system users.

oakleeman 21st November 2006 08:34

Anybody know how to do this on Centos 4.4? I've already configured the systems to use DOMAIN_username but can't find any of the files mentioned in the post.

falko 22nd November 2006 16:44

CentOS uses dovecot instead of Courier, therefore the instructions won't work for you.

jwan 29th November 2006 05:21

Quote:

Originally Posted by falko
No, only customers, resellers and admin can log into ISPConfig, not system users.

I tried the procedure...saved the script under /etc/mailscript, it didn't work

I'm not so good with linux, anyway, found 2 things:
a. the script has to have EXECUTE permission
b. the script should call pw2userdb instead of pw2userdb2

Unfortunately, even after the change, running the script manually gives me:

cut: the delimiter must be a single character
Try `cut --help' for more information.

need help...

OS: ubuntu 6.06
ISPConfig: 2.2.8

Jojo W.

rojozak 29th November 2006 20:06

Hi...Yes, I've been using the script for about a week now and it is working nicely. A few things to note however:

1. Jwan is correct, there is a typo in the original post and it is supposed to be pw2userdb rather than pw2userdb2.

2. The script that builds userdb didn't work for me. I had to modify it some. There were some errors (possibly from the HTML copy) and I had to modify the cut command lines as it was not building my userdb file to proper format. (The uid was not truncating properly, if I recall correctly). I've posted the script that I rewrote below. This has been working great for me on my system.

3. Of course, any users you currently have prior to the switch with the [domain]_ tag will need to be removed and re-added (or modified, I suppose, if you want to mess with that) in order for them to be able to work with this system. Luckily I had a clean install with only test users before I loaded this and added users for production.

Thanks again for your work desmondk.

Here's my script:

Code:

#!/bin/bash

delim="_"

OIFS=$IFS
IFS="
"
rm -rf /etc/courier/userdb
touch /etc/courier/userdb
chmod 600 /etc/courier/userdb

for line in `pw2userdb | grep -ir user`
do
        full=$( echo $line )
        domain=$( echo $line | cut -d"$delim" -f1 )
        remain=$( echo $line | cut -d"$delim" -f2,3,4 )
        username=$( echo $remain | cut -d'      ' -f1 )
        remain2=$( echo $remain | cut -d'      ' -f2 )
        uid=$( echo $remain2 | cut -d'|' -f1 )
        gid=$( echo $remain2 | cut -d'|' -f2 )
        home=$( echo $remain2 | cut -d'|' -f3 )
        shell=$( echo $remain2 | cut -d'|' -f4 )
        password=$( echo $remain2 | cut -d'|' -f5)
        echo "$username@$domain $uid|$gid|$home|$shell|$password|/var/www/www.$domain/user/${domain}_$username/Maildir" >> /$
        /usr/lib/courier/makeuserdb
done

IFS=$OIFS


FarrisGoldstein 29th November 2006 23:36

Using the steps above, I get the following error when I run the script:

Code:

cut: the delimiter must be a single character
Try `cut --help' for more information.
cut: the delimiter must be a single character
Try `cut --help' for more information.

The -d flag for cut is expecting a single character, but the code as displayed in rojozak's post shows multiple spaces for the delimiter. Is this just a formatting error for the forum, and if so what is the actual code I should use for the delimiter on those two lines?
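
Added example, not part of any post in this thread: the replacement pw2userdb posted above prints each account name and its fields separated by a tab (`\t`), so the single character that `cut -d` needs is a tab. The sketch below splits on that tab, follows the line layout of rojozak's script, and rebuilds through a private temporary file so the live userdb is never empty or half-written during a cron run and makeuserdb runs once, only when something changed; the `--rebuild` flag, the `PW2USERDB` variable and the dotted-prefix filter are assumptions of this example.

```bash
#!/bin/bash
# Added example, not code from the thread. Paths are the ones posted above.
USERDB=${USERDB:-/etc/courier/userdb}
MAKEUSERDB=${MAKEUSERDB:-/usr/lib/courier/makeuserdb}
PW2USERDB=${PW2USERDB:-pw2userdb}
TAB=$(printf '\t')    # the single-character delimiter cut -d was missing

# stdin: pw2userdb output ("account<TAB>uid=..|gid=..|home=..|...").
# stdout: one "user@domain<TAB>fields|maildir" line per domain_user account.
convert_userdb_lines() {
    while IFS=$TAB read -r account fields; do
        case $account in
            *=) continue ;;     # "uid=<TAB>account" reverse-map line
            *_*) ;;             # carries a prefix
            *) continue ;;      # plain system account
        esac
        domain=${account%%_*}   # text before the first "_"
        user=${account#*_}      # the rest; a user name may contain "_"
        # Assumption: only ISPConfig mail accounts have a dotted prefix.
        case $domain in *.*) ;; *) continue ;; esac
        [ -n "$user" ] || continue
        printf '%s@%s\t%s|/var/www/www.%s/user/%s/Maildir\n' \
            "$user" "$domain" "$fields" "$domain" "$account"
    done
}

# Build into a private temp file, then swap it in only if something changed.
rebuild_userdb() {
    umask 077
    tmp=$(mktemp "$USERDB.XXXXXX") || return 1
    "$PW2USERDB" | convert_userdb_lines | sort > "$tmp"
    if [ ! -s "$tmp" ]; then    # refuse to install an empty user database
        rm -f "$tmp"; return 1
    fi
    if cmp -s "$tmp" "$USERDB" 2>/dev/null; then
        rm -f "$tmp"; return 0  # unchanged: keep the live file untouched
    fi
    mv -f "$tmp" "$USERDB" && "$MAKEUSERDB"   # rename is atomic; compile once
}

# Cron entry would call this script with --rebuild (hypothetical flag).
if [ "${1:-}" = "--rebuild" ]; then
    rebuild_userdb
fi
```

The generated file holds password hashes taken from /etc/shadow, which is why it is created under `umask 077` and never exists with wider permissions.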

