Stuff I'm Up To

Technical Ramblings

Using LDAP with Active Directory — September 22, 2016

Using LDAP with Active Directory

Getting your Linux box to talk with Active Directory is pretty straight forward. But doing it securely will need you to have installed your CA certificate into your trusted certificates.

Mostly I’ll only setup anything to do with LDAP/Active Directory is a specific application requires it, otherwise I’ll leave out the Windows authentication bit. I generally don’t use LDAP/AD for the SSH PAM type logons and will configure LDAP when a web server or the like uses it, eg. php5-ldap is required.

Continue reading

Adldap2\Adldap2-Laravel — September 14, 2016
Dovecot, Postfix, Virtual Mailboxes and Active Directory — September 3, 2015

Dovecot, Postfix, Virtual Mailboxes and Active Directory

Well turns out that setting this up isn’t really as straight forward as simply treating Active Directory like LDAP. The main reason seems to be the way you need to authenticate and the limitations of doing any kind of user lookup whilst using auth_bind = yes, just doesn’t seem possible.

In order to resolve this is you have to live with having Dovecot use a static userdb table that returns the gid, uid and home – but then when you try to sort Postfix so that it delivers using Dovecot it fails because it cant use a static userdb to work out if the user account/mailbox exists or not.

So a little acceptance of that fact initially seem upsetting, but then when you get down to it anything that uses the smtpd for delivery is going to be checked for a valid mailbox anyhow.

Continue reading

VSFTPD, LDAP (Active Directory) and Virtual Users — August 4, 2015