MyTrueHost launched Web Hosting for Indian clients just in Rs 60/Month with various payment options(netbanking, debit card, credit card,cash card or paypal).
Please Visit at https://www.mytruehost.in

Step-by-step OpenLDAP Installation and Configuration on server side

This tutorial describes how to install and configure an OpenLDAP server and also an OpenLDAP client.
Step by Step Installation and Configuration OpenLDAP Server
openldap 2.2.13-6.4E
System name:   ldap.xyz.com
Domain name:   xyz.com
System IP:     192.168.0.22
Note: Use your domain name and IP instead of xyz.
Easy steps for adding users:
    1. Create unix user
    2. Create unix user’s ldap passwd file
    3. Convert passwd.file to ldif file
    4. Add ldap file to LDAP Directory using ldapadd
Step #1. Requirements
    compat-openldap.i386 0:2.1.30-6.4E
    openldap-clients.i386 0:2.2.13-6.4E
    openldap-devel.i386 0:2.2.13-6.4E
    openldap-servers.i386 0:2.2.13-6.4E
    openldap-servers-sql.i386 0:2.2.13-6.4E
You can install them using the command:
yum install *openldap* -y
Step #2. Start the service
[root@ldap ~]# chkconfig –levels 235 ldap on
[root@ldap ~]# service ldap start
Step #3. Create LDAP root user password
[root@ldap ~]# slappasswd
    New password:
    Re-enter new password:
    {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
[root@ldap ~]#
Step #4. Update /etc/openldap/slapd.conf for the root password
[root@ldap ~]# vi /etc/openldap/slapd.conf
    #68 database        bdb
    #69 suffix          “dc=xyz,dc=com”
    #70 rootdn          “cn=Manager,dc=xyz,dc=com”
    #71 rootpw          {SSHA}cWB1VzxDXZLf6F4pwvyNvApBQ8G/DltW
Step #5. Apply Changes
[root@ldap ~]# service ldap restart
Step #6. Create test users
[root@ldap ~]# useradd test1
[root@ldap ~]# passwd test1
    Changing password for user test1.
    New UNIX password:
    Retype new UNIX password:
    passwd: all authentication tokens updated successfully.
[root@ldap ~]# useradd test2
[root@ldap ~]# passwd test2
    Changing password for user test2.
    New UNIX password:
    Retype new UNIX password:
    passwd: all authentication tokens updated successfully.
[root@ldap ~]#
Note: Repeat the same for the rest of users
Step #7. Migrate local users to LDAP
[root@ldap ~]# grep root /etc/passwd > /etc/openldap/passwd.root
[root@ldap ~]# grep test1 /etc/passwd > /etc/openldap/passwd.test1
[root@ldap ~]# grep test2 /etc/passwd > /etc/openldap/passwd.test2
 Note: Repeat the same for the rest of users
Step #8. Update default settings on file /usr/share/openldap/migration/migrate_common.ph
    #71 $DEFAULT_MAIL_DOMAIN = “xyz.com”;
    #74 $DEFAULT_BASE = “dc=xyz,dc=com”;
Step #9. Convert passwd.file to ldif (LDAP Data Interchange Format) file
[root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.root /etc/openldap/root.ldif
[root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test1 /etc/openldap/test1.ldif
[root@ldap ~]# /usr/share/openldap/migration/migrate_passwd.pl /etc/openldap/passwd.test2 /etc/openldap/test2.ldif
Note: Repeat the same for the rest of users
Step #10. Update root.ldif file for the “Manager” of LDAP Server
[root@ldap ~]# vi /etc/openldap/root.ldif
    #1 dn: uid=root,ou=People,dc=xyz,dc=com
    #2 uid: root
    #3 cn: Manager
    #4 objectClass: account
Step #11. Create a domain ldif file (/etc/openldap/xyz.com.ldif)
[root@ldap ~]# cat /etc/openldap/xyz.com.ldif
    dn: dc=xyz,dc=com
    dc: xyz
    description: LDAP Admin
    objectClass: dcObject
    objectClass: organizationalUnit
    ou: rootobject
    dn: ou=People, dc=xyz,dc=com
    ou: People
    description: Users of xyz
    objectClass: organizationalUnit
Step #12. Import all users in to the LDAP
Add the Domain ldif file
[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=xyz,dc=com” -W -f  /etc/openldap/xyz.com.ldif
    Enter LDAP Password:
    adding new entry “dc=xyz,dc=com”
    adding new entry “ou=People, dc=xyz,dc=com”
[root@ldap ~]#
Add the users:
[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=xyz,dc=com” -W -f  /etc/openldap/root.ldif
    Enter LDAP Password:
    adding new entry “uid=root,ou=People,dc=xyz,dc=com”
    adding new entry “uid=operator,ou=People,dc=xyz,dc=com”
[root@ldap ~]#
[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=xyz,dc=com” -W -f  /etc/openldap/test1.ldif
    Enter LDAP Password:
    adding new entry “uid=test1,ou=People,dc=xyz,dc=com”
[root@ldap ~]#
[root@ldap ~]# ldapadd -x -D “cn=Manager,dc=xyz,dc=com” -W -f  /etc/openldap/test2.ldif
    Enter LDAP Password:
    adding new entry “uid=test2,ou=People,dc=xyz,dc=com”
 [root@ldap ~]#
 Note: Repeat the same for the rest of users
Step #13. Apply Changes
[root@ldap ~]# service ldap restart
Step #14. Test LDAP Server
It prints all the user information:

[root@ldap ~]# ldapsearch -x -b ‘dc=xyz,dc=com’ ‘(objectclass=*)’

 

 

Step-by-step OpenLDAP Installation and Configuration on client side

Step #1. Installation
[root@ldapclient ~]#  yum install authconfig
Step #2. Run the command
[root@ldapclient ~]# authconfig-gtk
Step #3. Settings
         [*] Use LDAP     [*] Use LDAP Authentication
    [Both should be checked]
        Click “Next”.
        [ ] Use TLS
        Server: ldap.xyz.com
        Base DN: dc=xyz,dc=com
        Click “Ok” to confirm.
Note: Use your domain name instead of xyz.

Quit from shell without saving into history

There are many instances when we want to quit from shell without saving any command in history. We might have run by mistake some rookie command and you dont want to disclose it to others.

kill -9 $$ will do the needful as $$ will provide the PID of the current shell.

 

 

Local port range sysctl tuning for high bandwidth Linux servers

Most of the Linux distributions specify local port range from 16384 to 65536 and this may be too low for very high bandwidth and busy boxes, let’s say SMTP, Hosting, POP3/Imap and Proxy servers.
You can adjust this setting by editing /etc/sysctl.conf file and replacing the default:

net.ipv4.ip_local_port_range = 16384 65536

with

net.ipv4.ip_local_port_range = 1024 65536

 

 

 

Squirrelmail error – cannot sending mails

If you are getting an error while sending mails using the webmail client ‘Squirrel mail’;

Server replied: 451 Temporary local problem – please try later.


SOLUTION 

This error is due to the missing entry of the recipient domain in ‘/etc/localdomains’.

$ vi   /etc/localdomains ( Add the domain name in this file)

Then restart the Exim service.

$ /etc/init.d/exim restart

This should fix the error.

NOTE : If you upgraded exim recently, then you should restore the localdomains in order to update the changes.

 

$  cd /etc/
$ ls -al localdomains.eximreset
$ cp localdomains.eximreset  localdomains

 

Now add the domain name and restart the mail service.

 


Upgrading the SquirrelMail

1.  Backup old install:

Make a backup of your current SquirrelMail directory.

For example the httpd document directory is /home/httpd/html, that your SquirrelMail install is located at /home/httpd/html/squirrelmail-1.2.6, and that your new SM version is 1.4.0. Substitute version numbers and names as required.

$ cd /home/httpd/html
$ cp -Rp squirrelmail-1.2.6 squirrelmail-1.2.6.bak

2.  Unarchive new SquirrelMail:

Make sure that you are in your httpd document directory (/home/httpd/html) and then unarchive the SquirrelMail archive (whatever the filename is):

$ tar -zxvf squirrelmail-1.4.0.tar.gz

3.  Copy important files from old install:

The important files to copy are:
A.  Preferences
B.  Config details
C.  Plugins
D.  Themes (if you’ve edited or added any of them)

A.  Preferences
First, copy your preference data over to the new directory.
$ cp squirrelmail-1.2.6.bak/data/* squirrelmail-1.4.0/data

B.  Config details
$ cp squirrelmail-1.2.6.bak/config/config.php squirrelmail-1.4.0/config

C.  Copy plugins
$ cp -Rp squirrelmail-1.2.6.bak/plugins/* squirrelmail-1.4.0/plugins

D.  Copy themes
$ cp squirrelmail-1.2.6.bak/themes/* squirrelmail-1.4.0/themes/

4.  Change permissions:

The web server must have write permission to the data directory.

  $ cd squirrelmail-1.4.0
$ chown -R nobody.nobody data

5.  Run conf.pl:

Run config/conf.pl to see the new configuration options available with the new version, as well as to verify that all of your old options are set properly.

Always save your options

6.  DONE:

That should be all!  The most important part is copying your users’ preference files back into the new data directory.  This will insure that your users will have their old preferences.

 

DB Error: connect failed

While login through horde, you may sometimes get the following error.

ERROR

“A fatal error has occurred:
DB Error: connect failed
[line 411 of /usr/local/cpanel/base/horde/kronolith/lib/Driver/sql.php]
Details have been logged for the administrator.”


One of the reason for this error is due to missing horde DB from Mysql.

RESOLUTION

$> mysql < /usr/local/cpanel/base/horde/scripts/sql/create.mysql.sql

Then run

$> /scripts/resethorde
$> /scripts/fullhordereset

Now do this :–>

cp /usr/local/cpanel/3rdparty/bin/imapd /usr/sbin

touch /var/cpanel/usecpphp

It should fix the error. 🙂

 

Horde Error, Could not connect to database for SQL SessionHandler

1) Open the horde configuration file.

cd /usr/local/cpanel/base/horde/config
vi conf.php

2) Change the following two lines from:
$conf[’sql’][’hostspec’] = ‘localhost’;
$conf[’sessionhandler’][’params’][’hostspec’] = ‘localhost’;

To:

$conf[’sql’][’hostspec’] = ‘localhost:/var/lib/mysql/mysql.sock’;
$conf[’sessionhandler’][’params’][’hostspec’] = ‘localhost:/var/lib/mysql/mysql.sock’;

 

IMAP Login Errors in Horde

When we login to Horde we get IMAP Authentication errors as below

Notice: (null)(): Retrying LOGIN authentication after AUTHENTICATE LOGIN 
failed (errflg=1) in Unknown on line 0

Notice: (null)(): Retrying LOGIN authentication after AUTHENTICATE LOGIN 
failed (errflg=1) in Unknown on line 0

Notice: (null)(): Can not authenticate to IMAP server: AUTHENTICATE LOGIN 
failed (errflg=2) in Unknown on line 0
Fix : 
 
 This issue is happening in many servers and after some research we found that the symlinks passwd.domain.com,shadow.domain.com and the uid.domain.com.gid.domain.com files in /etc/vmail are missing.

take a domain having issue and run the following command

cd /etc/vmail

ls -l|grep domain.com

You should see something like this

-rw-r–r– 1 root root 5 Sep 30 22:52 gid.domain.com

lrwxrwxrwx 1 root root 34 Sep 30 22:30 passwd.domain.com -> /home/user/etc/domain.com/passwd

lrwxrwxrwx 1 root root 34 Sep 30 22:30 shadow.domain.com -> /home/user/etc/domain.com/shadow

-rw-r–r– 1 root root 5 Sep 30 22:52 uid.domain.com

-rw-r–r– 1 root root 0 Sep 30 22:30 vhost.domain.com

If you are missing the above files, you can’t login via imap

We fixed the issue using the following method.

touch /etc/passwd ( You can do this command as it will not recreate the file, it will just update the time stamp of the perticular existing file )

/scripts/updateuserdomains


Horde login error

If you are getting Horde login error in Cpanel like :

Warning: Unknown: write failed: Disk quota exceeded (122) in Unknown on line 0

Warning: Unknown: Failed to write session data (files). Please verify that the current setting of 
session.save_path is correct (/var/cpanel/userhomes/cpanelhorde/sessions) in Unknown on line 0

Then try this Cpanel script :

/scripts/autorepair phpapps_owner_fix

The above script will reset all the quotas for the Cpanel* users.