Migration from Courier, virtual users

Discussion in 'Installation/Configuration' started by DHDSP, Mar 30, 2009.

  1. DHDSP

    DHDSP New Member

    Hi everyone !

    after ISPC3 has become stable I will be migrating a couple of old servers to a vmware machine running Lenny and hopefully ISPC3. My "old" server has courier-imap and courier-smtp running.

    The old server uses courier "userdb" as the auth file for strictly virtual email users. Can I use this file directly (like in authmodulelist), or can I use the info in the userdb file to generate ISPC3 users another way ? How do I get to see the userdb users in ISPC3 ?

    The password is hashed by the userdbpw command (from AWK script):
    system("echo "$6" | userdbpw | userdb "$5"/"$4"@"$5" set systempw")
    system("echo "$6" | userdbpw -hmac-md5| userdb "$5"/"$4"@"$5" set hmac-md5pw")

    The userdb textfile looks somthing like this:
    [email protected] home=/home/virtmail/testdom.de/testfirstname.testlastname|systempw=aUPc11AXjmoKU|hmac-md5pw=fee57ed3951660332759a9f50712c65bc6a444bcc3aabe559e5830b842a11d41|gid=1001|uid=1001

    Any Ideas would be greatly appreciated, informing 1000 users by plain mail is not really an option.


    PS: A pointer to how ISPC3 implements virtual users would also be great.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig implements virtual users in a mysql database with crypt password hashes. Your password hashes are not compatible and I guess it is not possible to migrate your system without generating new passwords.
  3. DHDSP

    DHDSP New Member

    Thanks for the answer.

    Now userdbpw is also used in my setup to set the "system pw" for courier, as in my previous post:

    "echo "$6" | userdbpw | userdb "$5"/"$4"@"$5" set systempw"

    A quick look in the sourcecode (I'm not a real programmer) tells me the crypt funtion is used to generate the "system pw" if no md5 or hmac is used.

    like here:

    tail userdbpw.c (from the courier authlib source)


    #if HAVE_CRYPT
    printf("%s\n", crypt(buf, salt));
    return (0);

    now I'm not really sure if the "HAVE_CRYPT" means that userdbpw is called without the option md5 or hmac - but i suppose so.

    Wouldn't these encrypted passwords then be usable? Or am I missing something ?


Share This Page