Announcement

Collapse
No announcement yet.

OX integration question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OX integration question

    Hello

    I'm trying out Open-Xchange for a little hobby project.
    I have version 6.20 CE running on Fedora 14 system.

    The assumption seems to be that OX should be deployed on existing mail server and user database environment.
    While what I am after is a "stand-alone" setup, similar to Zimbra or Citadel.

    If we use Postfix and Dovecot as SMTP and IMAP, could I use the OX SQL database as authentication and user and mailbox look-up? Or do I still need some parallel system for that?

    Any help is appreciated.

  • #2
    Hi,

    yep you can use pam-mysql to auth postfix/dovecot against a SQL database (e.g. OX) but iirc you need crypt() passwords for OX users rather than SHA1 (default). The other way around, you can configure OX to authenticate against your IMAP Server via the open-xchange-authentication-imap package.

    Greetings

    Comment


    • #3
      Thanks for your reply

      Instead of pam-mysql, what I had in mind was virtual users, aliases and domains stored in MySQL where Postfix/Dovecot performs SQL queries directly. Like the setup you would get with the "Postfix Admin" program.
      My question is then can OX be the primary (only) database for this kind of setup?

      Comment


      • #4
        That depends a bit on Postfix' and Dovecot's mysql interface.
        Basically that should work but it has at least one issue to resolve which could be a bit tricky.
        Users and especially passwords live in a database which is not "fixed". So by creating/removing users and/or contexts, different users can be saved in different databases (default: oxdatabase_N where N is increased over time) which makes it hard to point the external services to the correct database.
        Offhand I'm not sure how that can be done reliably.

        Wolfgang

        Comment


        • #5
          Hello Wolfgang
          Thanks very much for helping.
          That is a good point.
          I think I will look further into the imap authentication approach then.

          Regarding the oxdatabase_N I was wondering about that too, since for OX setup you run registerdatabase with a specific db name (or so I thought), which I granted the MySQL user full access to. When createcontext then failed I granted MySQL user access to the oxdatabase_N db it wanted.
          So I guess in this case another createcontext would fail again with a new db name.

          Comment


          • #6
            Regarding the database names: OX is made for hosting environments where many many contexts exists. To maintain good DB performance and scalability, only a limited amount of contexts are stored at a single database schema. This can be configured at AdminDaemon.properties, default is 1000 iirc. So the "number" at the database name will increase once the 1001th context has been created. The name however will be the same. For authentication purposes and mysql access restrictions, you *could* use wildcards like granting access to "oxdatabase_%" (see the mysql doc for more info on wildcards). This might pose a security risk which is common when using wildcards and permissions.

            I've a setup running OX, dovecot, postfix and postfixadmin myself. It works really nice. Instead of using the OX database for authentication, i use the IMAP authentication capability of OX and auth against the IMAP server which uses the postfixadmin DB as an authentication backend. Since postfixadmin already supports virtual users and multiple domains, this is much less effort than digging around in legacy pam-mysql code. Dovecot comes with mysql authentication capabilities right away.

            Greetings

            Comment


            • #7
              Thanks a lot for clarifying that Martin.

              Lots of great possibilities with this nice software

              Comment

              Working...
              X