Konfigurasi SLAPD
cd freeradius-1.1.6
cp doc/examples/openldap.schema /etc/ldap/schema/
vim /etc/ldap/slapd.conf
##########################################
include /etc/ldap/schema/openldap.schema
##########################################
Konfigurasi FreeRadius
vim /usr/local/etc/raddb/radiusd.conf
ldap {
server = "127.0.0.1"
identity = "cn=budi,dc=ardelindo,dc=com"
password = rahasia
basedn = "dc=ardelindo,dc=com"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
# base_filter = "(objectclass=radiusprofile)"
#access_attr = "dialupAccess"
edir_account_policy_check=yes
dictionary_mapping = ${raddbdir}/ldap.attrmap
}
authorize {
preprocess
chap
mschap
#digest
#IPASS
suffix
#ntdomain
#eap
#files
#sql
#etc_smbpasswd
ldap
#daily
#checkval
#pap
}
authenticate {
#Auth-Type PAP {
#pap
#}
#Auth-Type CHAP {
#chap
#}
# MSCHAP authentication.
#Auth-Type MS-CHAP {
#mschap
#}
#digest
#pam
#unix
Auth-Type LDAP {
ldap
}
#eap
}
Test Authentifikasi Radius
Sisi Klien
root@ubuntu:~/hotspot/freeradius-1.1.6# radtest budi 23 localhost 0 testing123
Sending Access-Request of id 95 to 127.0.0.1 port 1812
User-Name = "budi"
User-Password = "23"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=95, length=20
Log Server Radius
rad_check_password: Found Auth-Type ldap
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group LDAP for request 2
rlm_ldap: - authenticate
rlm_ldap: login attempt by "budi" with password "23"
rlm_ldap: user DN: uid=budi,ou=Users,dc=ardelindo,dc=com
rlm_ldap: (re)connect to 127.0.0.1:389, authentication 1
rlm_ldap: bind as uid=budi,ou=Users,dc=ardelindo,dc=com/23 to 127.0.0.1:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: user budi authenticated succesfully
modcall[authenticate]: module "ldap" returns ok for request 2
modcall: leaving group LDAP (returns ok) for request 2
Sending Access-Accept of id 129 to 127.0.0.1 port 44721
Finished request 2
Going to the next request
--- Walking the entire request list ---
Lokasi Ardelindo Aples Depok
Senin, 27 Juli 2009
Minggu, 26 Juli 2009
Authentifikasi SMTP postfix TLS
Setup Postfix TLS Encryption
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
nano /etc/postfix/main.cf
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
/etc/init.d/postfix restart
Konfigurasi Dovecot TLS
vim /etc/dovecot/dovecot.conf
ssl_disable = no
ssl_key_file = /etc/postfix/ssl/smtpd.key
ssl_cert_file = /etc/postfix/ssl/smtpd.crt
ssl_key_password = admin
ssl_ca_file = /etc/postfix/ssl/cacert.pem
Konfigurasi Mail Client Evolution
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
nano /etc/postfix/main.cf
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
/etc/init.d/postfix restart
Konfigurasi Dovecot TLS
vim /etc/dovecot/dovecot.conf
ssl_disable = no
ssl_key_file = /etc/postfix/ssl/smtpd.key
ssl_cert_file = /etc/postfix/ssl/smtpd.crt
ssl_key_password = admin
ssl_ca_file = /etc/postfix/ssl/cacert.pem
Konfigurasi Mail Client Evolution
Senin, 13 Juli 2009
Authentifikasi SMTP Postfix SASL & Database MySQL
Sekarang kita bahas cara membuat authentifikasi SMTP postfix SASL yang terintegrasi dengan database MySQL (masih berhubungan dengan artikel postfix admin sebelumnya).
Dengan authentifikasi SASL, email client bisa melakukan relay dari sembarang IP, sebelum mengirimkan email ke SMTP pengguna akan ditanyakan username dan password virtual domain.
Oke kita langsung aja, langkah pertama adalah melakukan instalasi library sasl ...
Instalasi Paket SASL
Autorun SASLAUTHD
Buat Direktori Postfix SASL
Test Authentifikasi Postfix
Setup Evolution Email SASL
Test Authentifikasi SASL Evolution Mail
Dengan authentifikasi SASL, email client bisa melakukan relay dari sembarang IP, sebelum mengirimkan email ke SMTP pengguna akan ditanyakan username dan password virtual domain.
Oke kita langsung aja, langkah pertama adalah melakukan instalasi library sasl ...
Instalasi Paket SASL
apt-get install postfix-tls sasl2-bin libsasl2 libsasl2-modules libpam-mysql openssl
Konfigurasi PAM SMTP
vim/etc/pam.d/smtp
auth required pam_mysql.so user=postfix passwd=yourpass host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1
account sufficient pam_mysql.so user=postfix passwd=yourpass host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1
vim/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 5
Autorun SASLAUTHD
vim /etc/default/saslauthd
START=yes
MECHANISMS="pam"
OPTIONS="-c -r -m /var/spool/postfix/var/run/saslauthd"
Buat Direktori Postfix SASL
mkdir /var/spool/postfix/var/
mkdir /var/spool/postfix/var/run/
mkdir /var/spool/postfix/var/run/saslauthd
chown -R root:sasl /var/spool/postfix/var/
chmod 710 /var/spool/postfix/var/run/saslauthd
adduser postfix sasl
ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
Konfigurasi Postfix SMTP
vim/etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination
Test Authentifikasi Postfix
root@aples-desktop:~# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 aples-desktop.bengkel-linux.co.cc ESMTP Postfix (Ubuntu)
ehlo aples-desktop.bengkel-linux.co.cc
250-aples-desktop.bengkel-linux.co.cc
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Setup Evolution Email SASL
Test Authentifikasi SASL Evolution Mail
Kamis, 09 Juli 2009
Ubuntu Virtual Web Hosting
APACHE VIRTUAL HOSTING
Virtual hosting dipergunakan saat kita mengelola beberapa domain hanya dengan 1 IP publik. Pada apache web server konfigurasi virtual domain ada dua macam, pertama berbasis IP, yaitu kita membuat ip alias pada web server dan kedua berbasis nama, yaitu kita membuat nama virtual pada direktif httpd.conf. Pada bagian ini kita bahas cara membuat virtual domain berbasis nama pada apache web server, langkah pembuatan adalah sebagai berikut.
Buat user hosting dengan perintah
useradd -s /bin/false -m hosting
useradd -s /bin/false -m tux
passwd hosting
passwd tux
Login ke user hosting / tux dan buat direktori
mkdir public_html
mkdir cgi-bin
mkdir -p var/log
touch var/log/access.log
touch var/log/error.log
echo “Test Page Website Linux.Co.Id” >> public_html/index.html
UserDir
vim /etc/apache2/mods-enabled/dir.conf
UserDir public_html
UserDir enabled hosting tux
Options ExecCGI
SetHandler cgi-script
vim /etc/apache2/sites-enabled/000-default
NameVirtualHost *
ServerName www.hosting.net.id
DocumentRoot /home/hosting/public_html
ErrorLog /home/hosting/var/log/error.log
TransferLog /home/hosting/var/log/access.log
ServerAdmin budi@hosting.net.id
ServerName hosting.net.id
DocumentRoot /home/hosting/public_html
ErrorLog /home/hosting/var/log/error.log
TransferLog /home/hosting/var/log/access.log
ServerAdmin budi@hosting.net.id
ServerName www.tux.net.id
DocumentRoot /home/tux/public_html
ErrorLog /home/tux/var/log/error.log
TransferLog /home/tux/var/log/access.log
ServerAdmin budi@tux.net.id
ServerName tux.net.id
DocumentRoot /home/tux/public_html
ErrorLog /home/tux/var/log/error.log
TransferLog /home/tux/var/log/access.log
ServerAdmin budi@tux.net.id
FTP SERVER
Untuk melakukan manajemen content web server pelanggan harus melakukan upload data ke public_html user melalui ftp server. Tahap instalasi ftp server pada Ubuntu cukup mudah. Berikut ini langkah instalasi dan konfigurasi ftp server pada ubuntu.
Perintah instalasi proftpd.
apt-get install proftpd
Kemudian kita konfigurasi file /etc/proftpd.conf
ServerName "ProFTPD Default Installation"
ServerType standalone
DefaultServer on
AllowStoreRestart on
Port 21
Umask 022
MaxInstances 30
User nobody
Group apache
DefaultRoot ~
RequireValidShell off
AllowOverwrite on
PersistentPasswd off
Restart ProFTPD
/etc/init.d/proftpd restart
Login sebagai user hosting melalui ftp client
Senin, 06 Juli 2009
Ubuntu Virtual Domain Postfix Admin, Dovecot dan MySQL
Sekarang akan kita bahas cara membuat virtual domain dengan menggunakan postfix admin, dovecot dan database mysql.
Langkah yang perlu kita tempuh adalah:
1. Download source postfix admin di
http://sourceforge.net/projects/postfixadmin/
2. kemudian extraxt di direktori /var/www/
root@budi-desktop:~# cd /var/www/
root@budi-desktop:/var/www# tar xzf /home/ardelindo/Desktop/postfixadmin-2.2.1.1.tar.gz
root@budi-desktop:/var/www# mv postfixadmin-2.2.1.1/ postfix
root@budi-desktop:/var/www# chown -R www-data.www-data /var/www
3. Install aplikasi utama
root@budi-desktop:~# apt-get install postfix postfix-msql php5-imap dovecot-pop3d dovecot-imapd php5-mysql squirrelmail
4. Buat database postfix
root@budi-desktop:~# mysql
mysql> create database postfix;
mysql> grant all privileges on postfix.* to 'postfix'@'localhost' identified by 'postfixpassword';
mysql> grant all privileges on postfix.* to 'postfix'@'127.0.0.1' identified by 'postfixpassword';
mysql> exit
5. Setup config.inc.php postfixadmin
root@budi-desktop:~# vim /var/www/postfix/config.inc.php
// Database Config
// mysql = MySQL 3.23 and 4.0
// mysqli = MySQL 4.1
// pgsql = PostgreSQL
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfix';
$CONF['database_password'] = 'postfixpassword';
$CONF['database_name'] = 'postfix';
$CONF['database_prefix'] = '';
6. Setup postfix admin
buka web browser firefox kemudian buka URL
http://127.0.0.1/postfix/setup.php
setelah selesai hapus setup.php
root@budi-desktop:~# rm -fr /var/www/postfix/setup.php
7. Konfigurasi MySQL postfix
vim /etc/postfix/mysql_virtual_alias_maps.cfuser = postfix
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
table = alias
select_field = goto
where_field = address
vim /etc/postfix/mysql_virtual_mailbox_maps.cfuser = postfix
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
vim /etc/postfix/mysql_virtual_mailbox_limit_maps.cfuser = postfix
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
vim /etc/postfix/mysql_relay_domains_maps.cfuser = postfix
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '1'
vim /etc/postfix/mysql_virtual_domains_maps.cfuser = postfix
password = postfixpassword
hosts = 127.0.0.1
dbname = postfix
table = domain
select_field = domain
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
8. Konfigurasi /etc/postfix/main.cfchgrp postfix /etc/postfix/mysql_*.cf
chmod 640 /etc/postfix/mysql_*.cf
groupadd -g 5000 vmail
useradd -m -g vmail -u 5000 -d /home/vmail -s /bin/bash vmail
vim /etc/postfix/main.cf
# Virtual Mailbox Domain Settings
myhostname = ubuntu
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_limit = 51200000
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_transport = virtual
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the your maildir has overdrawn your diskspace
quota, please free up some of spaces of your mailbox try again.
virtual_overquota_bounce = yes
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination =
relayhost =
#mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks = all
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
9. Konfigurasi Dovecot POP3 dan IMAP4
vim /etc/dovecot/dovecot.conf
protocols = imap pop3
disable_plaintext_auth = no
default_mail_env = maildir:/home/vmail/%u/
first_valid_uid = 5000
first_valid_gid = 5000
# SQL database
passdb sql {
# Path for SQL configuration file
args = /etc/dovecot/dovecot-sql.conf
}
# SQL database
userdb sql {
# Path for SQL configuration file
args = /etc/dovecot/dovecot-sql.conf
}
vim /etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=127.0.0.1 dbname=postfix user=postfix password=postfixpassword
default_pass_scheme = CRYPT
user_query = SELECT maildir, 5000 AS uid, 5000 AS gid FROM mailbox WHERE username = '%u'
password_query = SELECT password FROM mailbox WHERE username = '%u'
10. Test Dovecot POP3 dan IMAP4
/etc/init.d/dovecot restart
root@budi-desktop:~# telnet 127.0.0.1 110
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
+OK Dovecot ready.
user admin@beruk.com
+OK
pass 12345
+OK Logged in.
list
+OK 2 messages:
1 562
2 619
.
quit
+OK Logging out.
Connection closed by foreign host.
root@budi-desktop:~#
SMTP SASL AUTHENTICATION
apt-get install sasl2-bin libsasl2-modules-sql cyrus-clients-2.2
vim /etc/postfix/main.cfsmtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_policy_service
# modify the existing smtpd_sender_restrictions
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks,
reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
# then add these
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
vim /etc/postfix/sasl/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: postfix
sql_passwd: postfixpassword
sql_database: postfix
sql_select: select passwd from mailbox where username='%u@%r' and active = 1
Sabtu, 04 Juli 2009
Openoffice 3.0 Google Documents Extension
Pada blog kali ini kita akan bahas cara upload file pekerjaan ke Google dokumen, sehingga kita bisa sharing file melalui internet dengan pengguna email google maupun yang lain.
1. Langkah pertama adalah download google document extension di
http://extensions.services.openoffice.org/project/ooo2gd
2. Kemudian install melalui extension manager, Tools -> Extension Manager -> Add
3. Langkah berikutnya buka dokumen yang akan kita upload
4. Klik icon upload Google Docs pada openoffice isikan username dan password kemudian OK.
5. Buka Google Docs melalui web browser firefox kemudian klik list file yang kita simpan, sehingga tampil editor google dokumen.
1. Langkah pertama adalah download google document extension di
http://extensions.services.openoffice.org/project/ooo2gd
2. Kemudian install melalui extension manager, Tools -> Extension Manager -> Add
3. Langkah berikutnya buka dokumen yang akan kita upload
4. Klik icon upload Google Docs pada openoffice isikan username dan password kemudian OK.
5. Buka Google Docs melalui web browser firefox kemudian klik list file yang kita simpan, sehingga tampil editor google dokumen.
Jumat, 03 Juli 2009
Solusi Login YM dari pidgin linux...
Kalian pasti mengalami masalah ketika login ke Yahoo Messenger melalui Pidgin linux. Ini ada solusi dengan mengganti alamat URL default YM ke alamat baru server China.
Alamat baru: cn.scs.msg.yahoo.com
Atau bisa lihat di gambar bawah ini:
Alamat baru: cn.scs.msg.yahoo.com
Atau bisa lihat di gambar bawah ini:
Langganan:
Komentar (Atom)
