Homepage | Products | OX Knowledge Base | Support | Try Now | Contact | Company
OX Logo
Results 1 to 7 of 7
  1. #1
    Join Date
    Aug 2011
    Location
    Denmark
    Posts
    4

    Question OX integration question

    Hello

    I'm trying out Open-Xchange for a little hobby project.
    I have version 6.20 CE running on Fedora 14 system.

    The assumption seems to be that OX should be deployed on existing mail server and user database environment.
    While what I am after is a "stand-alone" setup, similar to Zimbra or Citadel.

    If we use Postfix and Dovecot as SMTP and IMAP, could I use the OX SQL database as authentication and user and mailbox look-up? Or do I still need some parallel system for that?

    Any help is appreciated.

  2. #2
    Join Date
    Feb 2007
    Location
    Germany
    Posts
    3,695

    Default

    Hi,

    yep you can use pam-mysql to auth postfix/dovecot against a SQL database (e.g. OX) but iirc you need crypt() passwords for OX users rather than SHA1 (default). The other way around, you can configure OX to authenticate against your IMAP Server via the open-xchange-authentication-imap package.

    Greetings

  3. #3
    Join Date
    Aug 2011
    Location
    Denmark
    Posts
    4

    Default

    Thanks for your reply

    Instead of pam-mysql, what I had in mind was virtual users, aliases and domains stored in MySQL where Postfix/Dovecot performs SQL queries directly. Like the setup you would get with the "Postfix Admin" program.
    My question is then can OX be the primary (only) database for this kind of setup?

  4. #4
    Join Date
    Sep 2007
    Location
    Germany
    Posts
    494

    Default

    That depends a bit on Postfix' and Dovecot's mysql interface.
    Basically that should work but it has at least one issue to resolve which could be a bit tricky.
    Users and especially passwords live in a database which is not "fixed". So by creating/removing users and/or contexts, different users can be saved in different databases (default: oxdatabase_N where N is increased over time) which makes it hard to point the external services to the correct database.
    Offhand I'm not sure how that can be done reliably.

    Wolfgang

  5. #5
    Join Date
    Aug 2011
    Location
    Denmark
    Posts
    4

    Default

    Hello Wolfgang
    Thanks very much for helping.
    That is a good point.
    I think I will look further into the imap authentication approach then.

    Regarding the oxdatabase_N I was wondering about that too, since for OX setup you run registerdatabase with a specific db name (or so I thought), which I granted the MySQL user full access to. When createcontext then failed I granted MySQL user access to the oxdatabase_N db it wanted.
    So I guess in this case another createcontext would fail again with a new db name.

  6. #6
    Join Date
    Feb 2007
    Location
    Germany
    Posts
    3,695

    Default

    Regarding the database names: OX is made for hosting environments where many many contexts exists. To maintain good DB performance and scalability, only a limited amount of contexts are stored at a single database schema. This can be configured at AdminDaemon.properties, default is 1000 iirc. So the "number" at the database name will increase once the 1001th context has been created. The name however will be the same. For authentication purposes and mysql access restrictions, you *could* use wildcards like granting access to "oxdatabase_%" (see the mysql doc for more info on wildcards). This might pose a security risk which is common when using wildcards and permissions.

    I've a setup running OX, dovecot, postfix and postfixadmin myself. It works really nice. Instead of using the OX database for authentication, i use the IMAP authentication capability of OX and auth against the IMAP server which uses the postfixadmin DB as an authentication backend. Since postfixadmin already supports virtual users and multiple domains, this is much less effort than digging around in legacy pam-mysql code. Dovecot comes with mysql authentication capabilities right away.

    Greetings

  7. #7
    Join Date
    Aug 2011
    Location
    Denmark
    Posts
    4

    Default

    Thanks a lot for clarifying that Martin.

    Lots of great possibilities with this nice software

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •