Migration from Courier, virtual users

Discussion in 'Installation/Configuration' started by DHDSP, Mar 30, 2009.

  1. DHDSP

    DHDSP New Member

    Hi everyone !

    after ISPC3 has become stable I will be migrating a couple of old servers to a vmware machine running Lenny and hopefully ISPC3. My "old" server has courier-imap and courier-smtp running.

    The old server uses courier "userdb" as the auth file for strictly virtual email users. Can I use this file directly (like in authmodulelist), or can I use the info in the userdb file to generate ISPC3 users another way ? How do I get to see the userdb users in ISPC3 ?

    The password is hashed by the userdbpw command (from AWK script):
    ------------------<CUT>--------------------------
    system("echo "$6" | userdbpw | userdb "$5"/"$4"@"$5" set systempw")
    system("echo "$6" | userdbpw -hmac-md5| userdb "$5"/"$4"@"$5" set hmac-md5pw")
    ------------------</CUT>--------------------------

    The userdb textfile looks somthing like this:
    ------------------<CUT>--------------------------
    [email protected] home=/home/virtmail/testdom.de/testfirstname.testlastname|systempw=aUPc11AXjmoKU|hmac-md5pw=fee57ed3951660332759a9f50712c65bc6a444bcc3aabe559e5830b842a11d41|gid=1001|uid=1001
    ------------------</CUT>--------------------------

    Any Ideas would be greatly appreciated, informing 1000 users by plain mail is not really an option.

    TIA
    Peter


    PS: A pointer to how ISPC3 implements virtual users would also be great.
     
    DHDSP, Mar 30, 2009
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig implements virtual users in a mysql database with crypt password hashes. Your password hashes are not compatible and I guess it is not possible to migrate your system without generating new passwords.
     
    till, Mar 30, 2009
    #2
  3. DHDSP

    DHDSP New Member

    Thanks for the answer.

    Now userdbpw is also used in my setup to set the "system pw" for courier, as in my previous post:

    "echo "$6" | userdbpw | userdb "$5"/"$4"@"$5" set systempw"

    A quick look in the sourcecode (I'm not a real programmer) tells me the crypt funtion is used to generate the "system pw" if no md5 or hmac is used.

    like here:

    tail userdbpw.c (from the courier authlib source)

    --------------------<CUT>------------------------
    salt[1]=userdb_hex64[(unsigned)salt[1]];
    }
    #endif

    #if HAVE_CRYPT
    printf("%s\n", crypt(buf, salt));
    fflush(stdout);
    #endif
    return (0);
    }
    --------------------</CUT>------------------------

    now I'm not really sure if the "HAVE_CRYPT" means that userdbpw is called without the option md5 or hmac - but i suppose so.

    Wouldn't these encrypted passwords then be usable? Or am I missing something ?


    TIA
    Peter
     
    DHDSP, Mar 31, 2009
    #3

Share This Page