postfix+courier+mysql+roundcube+password plugin not work

[Keksmusic]

Hello! Adjusted a server under this instruction Ubuntu 10.04: http://howtoforge.org/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu-10.04
I can not adjust a plug-in change of the password for virtual users. I specify in a file roundcube/plugins/password/config.inc.php the data for use of base of users (not roundcube). Can it is necessary make changes to base, but what and how?

roundcubemail/plugins/password/config.inc.php

Code: [Select]

<?php

$rcmail_config['password_driver'] = 'sql';

$rcmail_config['password_confirm_current'] = true;

$rcmail_config['password_minimum_length'] = 0;

$rcmail_config['password_require_nonalpha'] = false;


$rcmail_config['password_db_dsn'] = 'mysql://user:pass@127.0.0.1/base mail users';

// Default: &quot;SELECT update_passwd(%c, %u)&quot;
$rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)';

#$rcmail_config['password_dovecotpw_method'] = 'CRAM-MD5';

#$rcmail_config['password_dovecotpw_with_method'] = false;

$rcmail_config['password_hash_algorithm'] = 'sha1';

$rcmail_config['password_hash_base64'] = false;


$rcmail_config['password_pop_host'] = 'localhost';

$rcmail_config['password_pop_port'] = 106;


$rcmail_config['password_saslpasswd_args'] = '';


// LDAP and LDAP_SIMPLE Driver options
// -----------------------------------
// LDAP server name to connect to. 
// You can provide one or several hosts in an array in which case the hosts are tried from left to right.
// Exemple: array('ldap1.exemple.com', 'ldap2.exemple.com');
// Default: 'localhost'
$rcmail_config['password_ldap_host'] = 'localhost';

// LDAP server port to connect to
// Default: '389'
$rcmail_config['password_ldap_port'] = '389';

// TLS is started after connecting
// Using TLS for password modification is recommanded.
// Default: false
$rcmail_config['password_ldap_starttls'] = false;

// LDAP version
// Default: '3'
$rcmail_config['password_ldap_version'] = '3';

// LDAP base name (root directory)
// Exemple: 'dc=exemple,dc=com'
$rcmail_config['password_ldap_basedn'] = 'dc=exemple,dc=com';

// LDAP connection method
// There is two connection method for changing a user's LDAP password.
// 'user': use user credential (recommanded, require password_confirm_current=true)
// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW)
// Default: 'user'
$rcmail_config['password_ldap_method'] = 'user';

// LDAP Admin DN
// Used only in admin connection mode
// Default: null
$rcmail_config['password_ldap_adminDN'] = null;

// LDAP Admin Password
// Used only in admin connection mode
// Default: null
$rcmail_config['password_ldap_adminPW'] = null;

// LDAP user DN mask
// The user's DN is mandatory and as we only have his login,
// we need to re-create his DN using a mask
// '%login' will be replaced by the current roundcube user's login
// '%name' will be replaced by the current roundcube user's name part
// '%domain' will be replaced by the current roundcube user's domain part
// Exemple: 'uid=%login,ou=people,dc=exemple,dc=com'
$rcmail_config['password_ldap_userDN_mask'] = 'uid=%login,ou=people,dc=exemple,dc=com';

// LDAP search DN
// The DN roundcube should bind with to find out user's DN
// based on his login. Note that you should comment out the default
// password_ldap_userDN_mask setting for this to take effect.
// Use this if you cannot specify a general template for user DN with
// password_ldap_userDN_mask. You need to perform a search based on
// users login to find his DN instead. A common reason might be that
// your users are placed under different ou's like engineering or
// sales which cannot be derived from their login only.
$rcmail_config['password_ldap_searchDN'] = 'cn=roundcube,ou=services,dc=example,dc=com';

// LDAP search password
// If password_ldap_searchDN is set, the password to use for
// binding to search for user's DN. Note that you should comment out the default
// password_ldap_userDN_mask setting for this to take effect.
// Warning: Be sure to set approperiate permissions on this file so this password
// is only accesible to roundcube and don't forget to restrict roundcube's access to
// your directory as much as possible using ACLs. Should this password be compromised
// you want to minimize the damage.
$rcmail_config['password_ldap_searchPW'] = 'secret';

// LDAP search base
// If password_ldap_searchDN is set, the base to search in using the filter below.
// Note that you should comment out the default password_ldap_userDN_mask setting
// for this to take effect.
$rcmail_config['password_ldap_search_base'] = 'ou=people,dc=example,dc=com';

// LDAP search filter
// If password_ldap_searchDN is set, the filter to use when
// searching for user's DN. Note that you should comment out the default
// password_ldap_userDN_mask setting for this to take effect.
// '%login' will be replaced by the current roundcube user's login
// '%name' will be replaced by the current roundcube user's name part
// '%domain' will be replaced by the current roundcube user's domain part
// Example: '(uid=%login)'
// Example: '(&(objectClass=posixAccount)(uid=%login))'
$rcmail_config['password_ldap_search_filter'] = '(uid=%login)';

// LDAP password hash type
// Standard LDAP encryption type which must be one of: crypt,
// ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
// Please note that most encodage types require external libraries
// to be included in your PHP installation, see function hashPassword in drivers/ldap.php for more info.
// Default: 'crypt'
$rcmail_config['password_ldap_encodage'] = 'crypt';

// LDAP password attribute
// Name of the ldap's attribute used for storing user password
// Default: 'userPassword'
$rcmail_config['password_ldap_pwattr'] = 'userPassword';

// LDAP password force replace
// Force LDAP replace in cases where ACL allows only replace not read
// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
// Default: true
$rcmail_config['password_ldap_force_replace'] = true;

// LDAP Password Last Change Date
// Some places use an attribute to store the date of the last password change
// The date is meassured in &quot;days since epoch&quot; (an integer value)
// Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange)
$rcmail_config['password_ldap_lchattr'] = '';


// DirectAdmin Driver options
// --------------------------
// The host which changes the password
// Use 'ssl://serverip' instead of 'tcp://serverip' when running DirectAdmin over SSL.
$rcmail_config['password_directadmin_host'] = 'tcp://localhost';

// TCP port used for DirectAdmin connections
$rcmail_config['password_directadmin_port'] = 2222;


// vpopmaild Driver options
// -----------------------
// The host which changes the password
$rcmail_config['password_vpopmaild_host'] = 'localhost';

// TCP port used for vpopmaild connections
$rcmail_config['password_vpopmaild_port'] = 89;


// cPanel Driver options
// --------------------------
// The cPanel Host name
$rcmail_config['password_cpanel_host'] = 'host.domain.com';

// The cPanel admin username
$rcmail_config['password_cpanel_username'] = 'username';

// The cPanel admin password
$rcmail_config['password_cpanel_password'] = 'password';

// The cPanel port to use
$rcmail_config['password_cpanel_port'] = 2082;

// Using ssl for cPanel connections?
$rcmail_config['password_cpanel_ssl'] = true;

// The cPanel theme in use
$rcmail_config['password_cpanel_theme'] = 'x';


// XIMSS (Communigate server) Driver options
// -----------------------------------------
// Host name of the Communigate server
$rcmail_config['password_ximss_host'] = 'mail.example.com';

// XIMSS port on Communigate server
$rcmail_config['password_ximss_port'] = 11024;


// chpasswd Driver options
// ---------------------
// Command to use
$rcmail_config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpasswd 2> /dev/null';


// XMail Driver options
// ---------------------
$rcmail_config['xmail_host'] = 'localhost';
$rcmail_config['xmail_user'] = 'YourXmailControlUser';
$rcmail_config['xmail_pass'] = 'YourXmailControlPass';
$rcmail_config['xmail_port'] = 6017;


// hMail Driver options
// -----------------------
// Remote hMailServer configuration
// true:  HMailserver is on a remote box (php.ini: com.allow_dcom = true)
// false: Hmailserver is on same box as PHP
$rcmail_config['hmailserver_remote_dcom'] = false;
// Windows credentials
$rcmail_config['hmailserver_server'] = array(
    'Server' => 'localhost', // hostname or ip address
    'Username' => 'administrator', // windows username
    'Password' => 'password' // windows user password
);

errors

Code: [Select]

[05-Nov-2010 00:43:32 +0300]: DB Error: MDB2 Error: not found Query: _doQuery: [Error message: Could not execute statement] [Last executed query: SELECT update_passwd('$1$f0rmJR3q$B31Gp1fvlK.b07HeKPJPd.', 'mail@domain')] [Native code: 1305] [Native message: FUNCTION mail.update_passwd does not exist]  in /var/www/roundcubemail/program/include/rcube_mdb2.php on line 650 (POST /webmail/?_task=settings&_action=plugin.password-save?_task=&_action=)

[JohnDoh]

you need to update this config value to the correct query for your setup

$rcmail_config['password_query']

there is more info about it in the readme file in the password plugin folder

[Keksmusic]

Thanks for the answer, I have already understood. At me has earned with such line:

Code: [Select]

$rcmail_config['password_query'] = 'SELECT users SET password=ENCRYPT (%p) WHERE email=%u LIMIT 1';I have correctly understood, what it is necessary to specify in $rcmail_config [' password_db_dsn '] base of users of a mail, instead of base roundcube? It is safe?

[JohnDoh]

yes the dsn should link to the database which hold your email passwords not the rc one. is it safe? that like many things depends on how its done, if you set it up with a restricted user etc then its about as safe as it can be.

[Keksmusic]

Hello! Has established all as on an early server, but does not work, gives out in broad gulls here that:

Code: [Select]

[08-Nov-2010 05:16:00 +0300]: DB Error: _doQuery: [Error message: Could not execute statement]
[Last executed query: PREPARE mdb2_statement_mysql_38d10efbffea608e4e08bbfadb0f3f2d69b1b1ddc FROM 'SELECT users SET password=ENCRYPT(?) WHERE email=\'mail@domain.com\' LIMIT 1']
[Native code: 1064]
[Native message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SET password=ENCRYPT(?) WHERE email='mail@domain.com' LIMIT 1' at line 1]
 in /var/www/roundcubemail/program/include/rcube_mdb2.php on line 268 (POST /webmail/?_task=settings&_action=plugin.password-save?_task=&_action=)
In what there can be a reason?

[alec]

Change SELECT to UPDATE

[Keksmusic]

Change SELECT to UPDATE

Thanks, helped.