| Search website: |
|
Advanced Server Software
|
Installation and Setup
This page is broken up in to sections. The first section deals with how to setup the 2 most common NetWin LTD applications which use external authentication modules.
The second section is a list of each module available which will take to to a better detail about the selected module.
If you have any questions or need to know more about any aspect of authentication modules please Email:
Contents
SurgeMail
Before you change SurgeMail to use an external module you should ensure that the module is working correctly. And that you can add, change, check and lookup.
With SurgeMail their is two ways to setup the external module. You can either:
- Use SurgeMail Web Based Admin Interface
SurgeMail comes with a built in admin web server that you can use to change various settings. One of these is the Authentication Module. To check this you need to use your browse and the URL like the following:
https://your.domain.com:7026/cgi/admin.cgi
On the left hand side in SurgeMail, once you are logged into the admin page, is the menu like the one on the left.
If you select Modules, SurgeMail will display a pull down list of standard external modules you can select from.
Note: SurgeMail only comes with a few modules already, but the list contains all the standard modules. So you may still need to download the module that you wish to use.
All modules in SurgeMail are expected to be in the base SurgeMail direcory. (eg: /usr/local/surgemail or c:\surgemail)
- Manually change the SurgeMail.ini
To manually setup SurgeMail you need edit surgemail.ini file. On Linux this file is located in the '/etc' folder on Windows it is located in the 'c:\winnt' or 'c:\windows' folder.
Before you can change the ini file you need to shutdown SurgeMail and change the follow ini setting:
g_authent_process "C:\surgemail\nwauth.exe -path C:\surgemail"
Ensure that you also update the '-path' section as well, as this tells the external module were to locate/place any files it needs, like it's ini file.
Then restart SurgeMail again.
If you do not stop SurgeMail before you you change the file the setting will be lost.
DNews
Before you change DNews to use an external module you should ensure that the module is working correctly. And that you can add, change, check and lookup.
With DNews you can only update it by changing it's ini file.
- Manually change the dnews.ini
To manually setup DNews you need edit dnews.ini file. On Linux this file is located in the '/etc' folder on Windows it is located in the 'c:\winnt' or 'c:\windows' folder.
You need to change the following settings:
auth_spawn c:\dnews\ldapauth.exe -path c:\dnews
Ensure that you also update the '-path' section as well, as this tells the external module were to locate/place any files it needs, like it's ini file.
You need need to tell DNews to reload:
tellnews reload
Currently Available Modules
There are many different type of external authentication modules available. Each module is described in the following table. If you click on the name of the module it will take you to a page giving more deatils about that module.
Link for Details Overview
NWAuth This external authentication module comes in all distribution sets. The source is provided on all platforms and for Windows and most UNIX based platforms it is pre-compiled, as nwauth.exe or nwauth.
This module is the default module that most NetWin Ltd product use. This uses a simple text file were all the users information is stored. All password are encoded using 'crypt'.
This is our recommendation.
UNIXAuth UNIXAuth should ONLY be used if you have an existing mail server whose email accounts are in fact UNIX user accounts, it should not be used otherwise UNLESS you want to give your email users a shell account on your UNIX system. UNIXAuth will only work if run as root. Thus the application using it i.e. SurgeMail needs to be setup to run as root before it can be used.
NTAuth NTAuth is version simular to that of UnNIXAuth expect that the module works only works on Windows systems.
This module should ONLY be used if you have an existing mail server whose email accounts are in fact Window user accounts.
LDAPAuth This module allows your user information to be store in an LDAP database. LDAPAuth should work with any v2 or v3 complient LDAP server.
Recommended LDAP servers:
OpenLDAPMySQLAuth This module interfaces with a MySQL Database.
Recommended MySQL servers: MultiAuth This module allows you to authenticate with several modules simultaneously based on wild card matching and other rules.
This allows you to setup 1 (or more) domains which use differnent database. For example you could setup 2 domain where each domain has seperate LDAP databases. So you setup two LDAPAuth within MultiAuth.
OracleAuth This is our module to talk to an oracle user database.
PAMAuth This is the module to talk to the a Linux PAM module. RadiusAuth This is the module to talk to the a Linux Radius module. DNAuth This is a modified verison of NWAuth which can check and lookup users from a DNews users.dat file. ODBCAuth Our authentication module for talking to an ODBC Driver for a Database (e.g. MS Access, MS SQL Server, ORACLE)
This is only available on NT system only.
TCPAuth TCPAuth is a TCPIP client+server module that will take any other module as its backend. Allows easy authentication across boxes and across platforms. POPAuth POPAuth is a POP proxy authentication module. Allows one or more POP servers to be used for authenticating users.
Testing the Authentication Module
Before you change the main application to use the external authentication module you should first run a few tests over it to ensure that it's working correctly.
The best way is to run the module like this:
./nwauth C: search * S: +OK Search Complete 0 items found out of 0 C: set test@domain test S: +OK test@domain added to database C: set test2@domain test fwd="test@domain" S: +OK test2@domain added to database C: search *@domain S: +DATA test2@domain fwd="test@domain" S: +DATA test@domain S: +OK Search Complete 2 items found out of 2 C: check test2@domain test S: +OK test2@domain config 0 fwd="test@domain" C: lookup test@domain S: +OK test@domain config 0 C: lookup test2@domain S: +OK test2@domain config 0 fwd="test@domain" C: del test2@domain S: +OK Deleted user successfully C: del test@domain S: +OK Deleted user successfully C: quit S: +OKKeep in mind that not all the modules support all the commands, so some might give a valid '-ERR' command.