
In my LDAP server (ApacheDS) I have users under ou=users,ou=system.

I wrote the configuration below into James, and both servers (DS and James) can start up.

<repository name="LocalUsers"
            class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
            ldapHost="ldap://localhost:10389"
            principal="uid=admin,ou=system" credentials="secret"
            userBase="ou=users,ou=system"
            userIdAttribute="uid"/>

I understand my configuration is OK because I get the warning "users repository is readonly" when I try to add a user with james-cli.sh.

I added some users directly into the LDAP server; they had DNs, CNs and uids.

I want to ask: how can I log in through James (mail server) to my users' accounts in the LDAP server? What should I write for blah@blah? I think I can use the uid for the first blah, but I cannot define a domain through James, because its LDAP gate is read-only.

merveotesi

1 Answer

STEPS TO AUTHENTICATE JAMES WITH LDAP (ApacheDS for this case)

Delete the record about JPA in James's conf/usersrepository.xml and add the lines below; the final view must be like this:

<xml>
    <repository name="LocalUsers"
                class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
                ldapHost="ldap://localhost:10389"
                principal="uid=admin,ou=system" credentials="secret"
                userObjectClass="inetOrgPerson"
                userBase="ou=users,ou=system"
                userIdAttribute="uid">
        <UsersDomain>example.com</UsersDomain>
        <LDAPRoot>dc=example,dc=com</LDAPRoot>
        <MailAddressAttribute>mail</MailAddressAttribute>
        <IdentityAttribute>uid</IdentityAttribute>
        <AuthenticationType>simple</AuthenticationType>
        <ManagePasswordAttribute>TRUE</ManagePasswordAttribute>
        <PasswordAttribute>userPassword</PasswordAttribute>
    </repository>
</xml>

To explain a little:

In ApacheDS's default construction, there is a root with "dc=example,dc=com".

Because of this, these lines should be added:

<UsersDomain>example.com</UsersDomain>  
<LDAPRoot>dc=example,dc=com</LDAPRoot> 

And a domain called "example.com" should be added to James; it still saves the info about domains in JPA.

${james_root}/container-spring/target/appassembler/bin/james-cli.sh -h localhost adddomain example.com

ApacheDS's admin is admin under the "ou=system" entry, and its default password is "secret"; thus we need the attributes below:

principal="uid=admin,ou=system" credentials="secret"

In ApacheDS, when you want to add an entry, it requires object classes; "inetOrgPerson" should be selected, and it adds a few more automatically. Thus the attribute should be added to the configuration:

userObjectClass="inetOrgPerson"  

Users are under the entry "ou=users,ou=system", thus the attribute should be added:

userBase="ou=users,ou=system" 

For ApacheDS, userIdAttribute is "uid", thus it is specified:

userIdAttribute="uid"

In ApacheDS, new users should be added under "ou=users,ou=system", with "uid" and "userPassword" attributes. Also, while adding a new user, the DN should contain "uid".

While querying James using e.g. POP3,

USER yourUsersUID@example.com
PASS yourUsersPassword

should be used.

merveotesi
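
A quick audit of the repository settings shown in the answer, as an added example that is not part of the original post or of James itself: it flags the unencrypted ldap:// URL, the ApacheDS default admin password the answer mentions, and a read-only repository that binds as the directory admin, and it derives the mail login name the answer describes. The function names, finding codes, the uid "alice" and the embedded sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: the <repository> element from the answer above.
SAMPLE = """<repository name="LocalUsers"
    class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
    ldapHost="ldap://localhost:10389"
    principal="uid=admin,ou=system" credentials="secret"
    userObjectClass="inetOrgPerson" userBase="ou=users,ou=system"
    userIdAttribute="uid">
  <UsersDomain>example.com</UsersDomain>
</repository>"""

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def load_repository(xml_text):
    """Return the <repository> element, with or without a wrapper element."""
    root = ET.fromstring(xml_text)
    return root if root.tag == "repository" else root.find(".//repository")

def audit_repository(xml_text):
    """Return (severity, code, message) findings for the LDAP bind settings."""
    repo = load_repository(xml_text)
    findings = []
    url = urlsplit(repo.get("ldapHost", ""))
    if url.scheme == "ldap":
        # Simple binds over ldap:// send the bind DN and passwords in clear text.
        sev = "info" if url.hostname in LOOPBACK else "high"
        findings.append((sev, "plaintext-ldap",
                         "ldap:// is unencrypted; use ldaps:// off-host"))
    if repo.get("credentials") == "secret":
        findings.append(("high", "default-bind-password",
                         "ApacheDS default admin password is still set"))
    principal = repo.get("principal", "").replace(" ", "").lower()
    if principal == "uid=admin,ou=system":
        findings.append(("medium", "binds-as-directory-admin",
                         "read-only repository binds as the directory admin"))
    return findings

def login_name(xml_text, uid):
    """Mail login the answer describes: <uid>@<UsersDomain>."""
    domain = load_repository(xml_text).findtext("UsersDomain", "").strip()
    return f"{uid}@{domain}"

if __name__ == "__main__":
    for sev, code, msg in audit_repository(SAMPLE):
        print(f"[{sev}] {code}: {msg}")
    print(login_name(SAMPLE, "alice"))  # "alice" is a constructed uid
```

The plaintext finding is reported as "info" only while ldapHost points at a loopback address, as it does in the answer; the same URL scheme against a remote directory is rated "high".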