Exchange Killer (Fedora Core 2-CyrusIMAP-Postfix-OGo1.0a-Active Directory)
on Red Hat Fedora Core 2, and made it all authenticate against Windows 2000 Active Directory,
thus affording a workable Exchange 2000 replacement for a simple single-domain enterprise.
The blindingly quick version of this install is as follows:
1) Install RedHat Fedora Core 2.
2) Remove some RPMs and add others.
3) Install Winbind and configure.
4) Install Cyrus SASL, configure, and test.
5) Install Cyrus IMAPD, configure, and test.
6) Install Postfix, configure, and test.
7) Install Apache, configure, and test.
8) Install Postgres, configure, and test.
9) Install OpenGroupware, configure, and test.
The devil, of course, is in the details. First of all, what I wanted was a drop-in replacement for a Microsoft Exchange Server for a simple single-domain business with three Domain Controllers that includes some 500 users in three locations.
I wanted the resulting machine to be able to do POP, IMAP, SMTP Authentication, Webmail, Calendaring, Global and Personal Contact Lists, and I wanted it to be able to authenticate against the Windows Domain Controllers, and I wanted it to be as compatible as possible with Windows Outlook/Mozilla Thunderbird/Ximian Evolution.
1) Install Redhat Fedora Core 2
I am assuming you know how to install RedHat from CD. This document will not go into great detail for the benefit of a first-time installer. That information can be found elsewhere.
I burned the ISOs from RedHat's website, http://download.fedora.redhat.com/pub/fedora/linux/core/2/i386/iso/, onto 4 CDs, although I only had to use the first three.
Booting up from the first CD, basically just follow the INSTALL program through the installation process. I used the graphic-based install rather than the text-based installation even though I did not install X on my machine. It isn't necessary.
I used a custom install, taking pretty much everything out. However, since a lot of include files and extra libraries are necessary, I used the "Development Tools" options to install a lot of "libxxxx-devel" RPMs. If you can get the Install process not to install Sendmail, so much the better, as otherwise you will have to uninstall it by hand.
I also set the Firewall option to "No Firewall" because I didn't want the hassle of configuring "iptables" afterward. That may not be what everyone else wants. Make sure you install "lynx" with the Text-Based Internet option, or you'll want to install it later. It isn't absolutely necessary, but Lynx turned out to be a timesaver for me many times.
2) Remove some RPMs and add others.
Since you will, in the future, be compiling Cyrus-SASL, Cyrus-IMAPD, Postfix, and PostgreSQL from source, it would be good for you to remove whatever RPMs of these programs were installed by the Installation process. You will need custom compilations of these programs for various reasons. So, take out the Cyrus RPMs.
rpm -qa | grep cyrus
will let you know which ones have been installed.
NB - Before you remove the Cyrus-SASL RPMs, locate the shared library libsasl.so.7.1.8 and copy it to a safe place. When you have finished removing SASL, copy it back into its original location. OpenLDAP depends on this library.
Then
rpm -ev cyrus-sasl
(and so on for each Cyrus RPM) will remove them.
Also remove Sendmail if it got installed.
rpm -ev sendmail
I also removed whatever dependent programs were installed. On my machine, they were "mutt" and "fetchmail".
So, what I found I had to remove were all Cyrus RPMS (imapd and sasl) and any RPM for any MTA such as Postfix or Sendmail.
BTW - There was a mountain of dependencies for the Cyrus-SASL RPM. I had to force-erase the RPM. When you reinstall Cyrus-SASL from source, the right libraries will be installed in the right places and no dependencies will be broken.
Now, since you will also be compiling Apache from source to allow Perl and PHP support, also remove httpd RPMS.
I also had to add several RPMS, especially Perl modules and development packages. Check to see if you have these packages installed:
openssl-devel
pam-devel
openldap-devel
db4-devel
and maybe
krb5-devel
I added a bunch of other Perl-oriented RPMs as well, but I don't know if they were strictly necessary;
perl-CGI
perl-Crypt-SSLeay
perl-DBD-Pg
perl-DBI
perl-Digest-HMAC
perl-Digest-SHA1
perl-HTML-Parser
perl-HTML-Tagset
perl-LDAP
perl-Time-HiRes
perl-TimeDate
perl-URI
perl-XML-Dumper
perl-XML-Encoding
...just because it's better to have something and not need it than to need something and not have it.
3) Install and Configure Winbind
Winbind is a Samba client that will allow Unix users to map against a set of Users on a Windows NT/2000 domain. You can make it as simple or as complex as you care to. I chose to keep it simple, because I didn't want a lot of local users on the Cyrus-OGo box. What I wanted, of course, was for the Cyrus-OGo box to offer services to authenticated domain users.
You can read more about Winbind here. The documentation in this link deals with Samba 3.0, but we are going to be using Samba 2.2. Please keep that in mind.
If you don't have the Samba-client RPM, install it. This is the only Samba software you will need.
rpm -iv samba-client-3.0.3-5.i386.rpm
However, you will also need a Samba configuration file in a place where Winbind is expecting to find it. I put mine in /etc/samba/smb.conf. You don't need all the file-and-directory sharing options, but you do need the options explaining how to map Active Directory users to Unix users. Here is my smb.conf file:
security = domain
workgroup = %MYDOMAIN%
netbios name = %MYNAME%
password server = %MYPDC%
encrypt passwords = yes
template homedir = /home/default
template shell = /home/default
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
Note: The last line is particularly useful if you are going to provide services for only one domain. Without this line, you will have to provide the domain name along with the user name if you want to authenticate the user, i.e. in the form DOMAIN\user, and, as usual, the backslash can cause all kinds of problems in the Unix world.
Now, I found it useful to put the name and IP address of my PDC in the /etc/samba/lmhosts as well as the /etc/hosts file. It is important that the Cyrus-OGo box be able to locate your PDC by the name you put in the smb.conf file.
Now, the /etc/nsswitch.conf file needs to be modified so that if the username is not found in the standard UNIX files, the Cyrus-OGo box will query Winbind for authentication.
passwd: files winbind
shadow: files
group: files winbind
And you will need to join the Cyrus-OGo box to your domain. The command for this in Samba 2.2 is different from the one in Samba 3.0. Samba 2.2 does not have the Windows "net" commands that Samba 3.0 does.
The command to join the domain is
smbpasswd -j MYDOMAIN -r MYPDC -U Administrator
and you should receive a message saying that you have joined the domain. Now you can try some commands to see if Winbind is set up correctly:
wbinfo -t will let you know if the shared secret between the PDC and your Cyrus-OGo box is OK.
wbinfo -u will show you a list of your domain users.
I also found an init.d script for Winbind:
#####################################################
#!/bin/sh
#
# chkconfig: - 91 35
# description: Starts and stops the Samba winbind daemon
# #
# pidfile: /var/cache/samba/winbind.pid
# config: /etc/samba/smb.conf
# Source function libraries
if [ -f /etc/init.d/functions ] ; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Avoid using root's TMPDIR
unset TMPDIR
# Source networking configuration.
. /etc/sysconfig/network
if [ -f /etc/sysconfig/samba ]; then
. /etc/sysconfig/samba
fi
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0
# Check that smb.conf exists.
[ -f /etc/samba/smb.conf ] || exit 0
RETVAL=0
start() {
KIND="Winbind"
echo -n $"Starting $KIND services: "
daemon winbindd "$WINBINDOPTIONS"
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/winbindd || RETVAL=1
return $RETVAL
}
stop() {
echo
KIND="Winbind"
echo -n $"Shutting down $KIND services: "
killproc winbindd
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/winbindd
echo ""
return $RETVAL
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading smb.conf file: "
killproc winbindd -HUP
RETVAL=$?
echo
return $RETVAL
}
rhstatus() {
status winbindd
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
status)
rhstatus
;;
condrestart)
[ -f /var/lock/subsys/winbindd ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}"
exit 1
esac
exit $?
######################################################
4) Install Cyrus SASL, configure, and test.
Cyrus SASL and Cyrus IMAPD are very complex pieces of software. I used Luc De Louw's document as a template for how to install the Cyrus software and the Postfix software on my machine. Much of what I have here comes from his document and I hope he doesn't mind if I quote it here, making a few modifications.
The biggest difference is that I am not using MySQL for the Cyrus backend.
Download Cyrus SASL and Cyrus IMAP from the Carnegie-Mellon site. I used an older version of SASL when I found out that the most recent version had some compatibility problems.
Download Cyrus SASL 2.1.19
On most systems there is no cyrus user or mail group by default. Check for a free UID; usually daemons run with UIDs less than 100. As an example, I am using UID 3096. I used the cyrus user for both Postfix and Cyrus. Please pay strict attention to the permissions on the directories in which these programs store files, because this will almost always cause problems!!!
groupadd mail
useradd -u 3096 -d /usr/cyrus -g mail cyrus
passwd cyrus (I set the password to "whatever"; it is used in the tests below)
Now for building and installing Cyrus SASL
tar -xvzf cyrus-sasl-2.1.19.tar.gz
cd cyrus-sasl-2.1.19
./configure \
--enable-plain \
--enable-login \
--disable-krb4 \
--disable-otp \
--disable-cram \
--disable-digest \
--with-saslauthd=/var/run/saslauthd \
--with-pam=/lib/security \
--with-dblib=berkeley \
--with-openssl \
--with-plugindir=/usr/local/lib/sasl2
make
make install
Now compile the "testsaslauthd" program:
mkdir -p /var/run/saslauthd
cd saslauthd
make testsaslauthd
cp testsaslauthd /usr/local/bin
echo /usr/local/lib/sasl2 >> /etc/ld.so.conf
ldconfig
The SASL library is installed in /usr/local/lib/sasl2 but some programs are expecting SASL in /usr/lib/sasl2. So it is a good idea to create a symbolic link:
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
In order to test the SASL mechanism, you will have to configure PAM to use Winbind for the IMAP service. My /etc/pam.d/imap file reads as follows:
######################################################
auth sufficient pam_winbind.so
auth sufficient pam_unix_auth.so try_first_pass
account required pam_winbind.so
account sufficient pam_unix_acct.so
#######################################################
After this, you can start the SASL Authentication daemon from the command line using the debugging option:
/usr/local/sbin/saslauthd -V -c -a pam &
and check the authentication daemon using "testsaslauthd". Use a user from the /etc/passwd file first.
testsaslauthd -u cyrus -p whatever
You should get a response - 0: OK "Success"
Then, try a domain user's name and password:
testsaslauthd -u domainuser -p domainpasswd
Hopefully, you will get the same message. If not, you should have a lot of information in your logs to help you out. I put output from this process into secure.log using the local6.debug option in /etc/syslog.conf, but you can look at it in /var/log/messages if you want to. I was several days in hell looking for bugs here, and it was mostly due to incorrect permissions and bad compiles. I hope you have an easier time.
5) Install Cyrus IMAPD, configure, and test
I used Cyrus-IMAPD 2.1.17 for my box. Once again, just a bit behind the cutting edge.
Compile and install Cyrus IMAP:
tar -xvzf cyrus-imapd-2.1.17.tar.gz
cd cyrus-imapd-2.1.17
export CPPFLAGS="-I/usr/include/et -I/usr/kerberos/include"
./configure \
--with-sasl=/usr/local/lib \
--with-perl \
--with-auth=unix \
--with-openssl \
--without-ucdsnmp
make depend
make
make install
You will now have to create two configuration files: /etc/imapd.conf and /etc/cyrus.conf and modify your /etc/services file. Make sure all these services exist in your /etc/services file:
pop3 110/tcp
imap 143/tcp
imaps 993/tcp
pop3s 995/tcp
sieve 2000/tcp
Here is Luc's (and my) /etc/imapd.conf file:
postmaster: cyrus
configdirectory: /var/imap
partition-default: /var/spool/imap
# admins: cyrus # no admins!
allowanonymouslogin: no
allowplaintext: yes
sasl_mech_list: PLAIN
servername: ogo-imap.domain.com
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_pwcheck_method: saslauthd
sievedir: /usr/sieve
sendmail: /usr/sbin/sendmail
sieve_maxscriptsize: 32
sieve_maxscripts: 5
tls_ca_file: /var/imap/server.pem
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem
In order to administer the Cyrus IMAP server through the "cyradm" utility, it will be necessary to have a /etc/imapd-local.conf file as well. Just copy the /etc/imapd.conf, but make the "cyrus" local user an administrator.
It is up to you to create a TLS certificate. I use the same one for both the Web and for IMAPS. Here is a quick cookbook guide on how to do this from Luc's document:
openssl req -new -nodes -out req.pem -keyout key.pem
openssl rsa -in key.pem -out new.key.pem
openssl x509 -in req.pem -out ca-cert -req -signkey new.key.pem -days 999
NB- Don't set a passphrase on this certificate.
mkdir /var/imap
cp new.key.pem /var/imap/server.pem
rm new.key.pem
cat ca-cert >> /var/imap/server.pem
chown cyrus:mail /var/imap/server.pem
chmod 600 /var/imap/server.pem
echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf
echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf
echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf
Luc's /etc/cyrus.conf file works perfectly. It is as follows:
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="/usr/cyrus/bin/imapd" listen="206.72.212.243:imap" prefork=0
imapdomain cmd="/usr/cyrus/bin/imapd" listen="10.150.1.224:imap" prefork=0
imaplocal cmd="/usr/cyrus/bin/imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
imaps cmd="/usr/cyrus/bin/imapd -s" listen="206.72.212.243:imaps" prefork=0
imapslocal cmd="/usr/cyrus/bin/imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imaps" prefork=0
pop3 cmd="/usr/cyrus/bin/pop3d" listen="pop3" prefork=0
pop3s cmd="/usr/cyrus/bin/pop3d -s" listen="pop3s" prefork=0
sieve cmd="/usr/cyrus/bin/timsieved" listen="206.72.212.243:sieve" prefork=0
sievelocal cmd="/usr/cyrus/bin/timsieved -C /etc/imapd-local.conf" listen="127.0.0.1:sieve" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="/usr/cyrus/bin/ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="/usr/cyrus/bin/ctl_deliver -E 3" period=1440
# this is only necessary if caching TLS sessions
tlsprune cmd="/usr/cyrus/bin/tls_prune" period=1440
}
At this point, you can add some domain users with the "cyradm" utility. It is necessary to add domain users to the Cyrus database using "cyradm" in order for those users to receive mail, although there does appear to be a way to have Cyrus IMAP create a mailbox when OpenGroupware authenticates a user.
cyradm --user cyrus localhost
should result in
IMAP Password:
Enter the password and you should be rewarded with the cyradm prompt:
localhost>
Now you can add users. There are two things you need to watch out for; first of all, when you create a user, you need to create the user not as "jimmie", but as "user.jimmie". This is because Cyrus IMAP puts all of the users for which it is responsible under the "user" hierarchy in its own database. It took me a while to figure that out.
localhost> cm user.kerry
localhost> sam user.kerry cyrus all
will add the user "kerry" to the database, and importantly, set the permissions so that the user "cyrus" can manipulate its mailstore and delete it if necessary.
You should also be able to start the saslauthd and Cyrus master processes from the command line and test the IMAP capacity by telnetting to the IMAP port (143) on localhost:
telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK exchangekiller.yourdomain.com Cyrus IMAP4 v2.1.17 server ready
. login kerry whatever        (NB: use a domain user here, with the domain password)
. OK User logged in
. logout
* BYE LOGOUT received
. OK Completed
Connection closed by foreign host.
Now, copy /etc/pam.d/imap to /etc/pam.d/pop and /etc/pam.d/smtp to allow these services as well to be used by domain users.
telnet localhost 110
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK exchangekiller.yourdomain.com Cyrus POP3 v2.1.17 server ready
user kelly
+OK Name is a valid mailbox
pass whatever
+OK Maildrop locked and ready
quit
+OK
Connection closed by foreign host.
There must exist certain directories. These probably already exist on your system, but they must have permissions 770 for cyrus:mail.
chown cyrus:mail /var/imap /var/spool/imap /usr/sieve
chmod 770 /var/imap /var/spool/imap /usr/sieve
Then, the rest of the directories can be created by the tool mkimap
su - cyrus
/path/to/src/dir/cyrus-imapd-2.1.17/tools/mkimap
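The permission and configuration mistakes this section warns about can be checked mechanically before starting master. The following is an added example, not code from this page or from the Cyrus project: it assumes GNU stat, the page's paths (/var/imap, /var/spool/imap, /usr/sieve, /var/imap/server.pem, /etc/imapd.conf) and a hypothetical script name cyrus-preflight.sh. It also catches the duplicated tls_* lines in imapd.conf that the comment at the end of the page reports.

```shell
#!/bin/sh
# Added pre-flight checks for the Cyrus layout described on this page; this is
# not code from the page or from the Cyrus project. Each check returns 0 on
# success and 1 on failure and prints one line, so it can run from cron or be
# sourced for the individual functions. Paths, owner and group are parameters.

# Return 0 if DIR exists and is exactly OWNER:GROUP with octal mode MODE.
check_dir_perms() {
    dir=$1; owner=$2; group=$3; mode=$4
    if [ ! -d "$dir" ]; then
        echo "MISSING  $dir"; return 1
    fi
    actual=$(stat -c '%U:%G %a' "$dir")
    if [ "$actual" = "$owner:$group $mode" ]; then
        echo "OK       $dir ($actual)"; return 0
    fi
    echo "BAD      $dir is $actual, want $owner:$group $mode"; return 1
}

# Return 0 if FILE is owned by OWNER with mode 600. The page's server.pem holds
# the private key together with the certificate, so nobody else may read it.
check_key_file() {
    file=$1; owner=$2
    if [ ! -f "$file" ]; then
        echo "MISSING  $file"; return 1
    fi
    actual=$(stat -c '%U %a' "$file")
    if [ "$actual" = "$owner 600" ]; then
        echo "OK       $file ($actual)"; return 0
    fi
    echo "BAD      $file is $actual, want $owner 600"; return 1
}

# Return 0 if no option key occurs twice in a "key: value" file such as
# /etc/imapd.conf. Appending the tls_* lines with echo when imapd.conf already
# carries them produces exactly this, and Cyrus master then refuses to start.
check_no_duplicate_keys() {
    file=$1
    dups=$(awk -F: '/^[ \t]*#/ || /^[ \t]*$/ { next }
                   { gsub(/^[ \t]+/, "", $1); seen[$1]++ }
                   END { for (k in seen) if (seen[k] > 1) print k }' "$file")
    if [ -z "$dups" ]; then
        echo "OK       $file has no duplicate keys"; return 0
    fi
    echo "BAD      $file defines more than once: $(echo $dups)"; return 1
}

# Return 0 if every NAME PORT/PROTO pair given after FILE is listed in FILE
# (the /etc/services entries Cyrus master resolves its listen= names against).
check_services() {
    file=$1; shift
    missing=""
    while [ $# -ge 2 ]; do
        grep -Eq "^$1[[:space:]]+$2([[:space:]]|$)" "$file" || missing="$missing $1"
        shift 2
    done
    if [ -z "$missing" ]; then
        echo "OK       all services present in $file"; return 0
    fi
    echo "BAD      missing from $file:$missing"; return 1
}

# Run every check against the live paths from this page; non-zero if any fail.
preflight() {
    rc=0
    for d in /var/imap /var/spool/imap /usr/sieve; do
        check_dir_perms "$d" cyrus mail 770 || rc=1
    done
    check_key_file /var/imap/server.pem cyrus || rc=1
    check_no_duplicate_keys /etc/imapd.conf || rc=1
    check_services /etc/services pop3 110/tcp imap 143/tcp imaps 993/tcp \
        pop3s 995/tcp sieve 2000/tcp || rc=1
    return $rc
}

# Run the live checks only when executed under the assumed script name, so the
# file can also be sourced just for its functions.
if [ "${0##*/}" = "cyrus-preflight.sh" ]; then
    preflight
fi
```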
Luc also wrote a startup script for Cyrus. It is very bare-bones, but it does work.
#######################################################
#!/bin/bash
#
# Cyrus startup script
case "$1" in
start)
# Starting SASL saslauthdaemon
/usr/local/sbin/saslauthd -c -a pam&
# Starting Cyrus IMAP Server
/usr/cyrus/bin/master &
;;
stop)
# Stopping SASL saslauthdaemon
killall saslauthd
# Stopping Cyrus IMAP Server
killall /usr/cyrus/bin/master
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
#############################################
then link it to the startup directories:
ln -s /etc/rc.d/init.d/cyrus /etc/rc.d/rc3.d/S20cyrus
ln -s /etc/rc.d/init.d/cyrus /etc/rc.d/rc3.d/K10cyrus
6) Install Postfix, configure, and test.
Luc recommends that you create both a postfix and a postdrop user. I found this overly complicated, so I just used the cyrus user as the Postfix user. However, you do need a postdrop group and user.
groupadd -g 33335 postdrop
useradd -u 33335 -g 33335 -d /dev/null -s /bin/false postdrop
A lot of what Luc has in his document doesn't work for us because of his using MySQL, but most of it is very useful. For example, you did remember to uninstall the Old MTA, didn't you?
It is important that you uninstall any sendmail version from RPM based systems. I suggest that you remove sendmail, and install Postfix instead.
I used Postfix-2.0.20 in keeping with my practice of not using the latest and greatest.
tar -xvzf postfix-2.0.20.tar.gz
cd postfix-2.0.20
make makefiles 'CCARGS= -DUSE_SASL_AUTH \
-I/usr/local/include/sasl' 'AUXLIBS= -lz -lm -L/usr/local/lib -lsasl2'
make
make install
During make install a few questions are asked. Just pressing Enter should match your needs. For Redhat users it could be useful to enter /usr/local/share/man for the manual material. I also installed the "README" material in the /etc/postfix directory.
Now you need to create some symbolic links to start Postfix automatically on system startup.
ln -s /usr/sbin/postfix /etc/rc.d/rc3.d/S14postfix
ln -s /usr/sbin/postfix /etc/rc.d/rc3.d/K07postfix
Now, Postfix has two configuration files: /etc/master.cf and /etc/main.cf. The example files Luc uses in his document are crowded with a lot of references to MySQL, and files necessary to use MySQL. Here are the files I am using:
master.cf
# DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
628       inet  n       -       n       -       -       qmqpd           (1)
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       nqmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}   (2)
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
Notes:
(1) We are using a mini-QMail installation on our webservers, so it is useful for us to have this QMQP service available in Postfix.
(2) Note that this is different from Luc's document. It doesn't matter much, since we are going to define the mailbox_transport as "lmtp" instead of "cyrus" in main.cf.
Here's my main.cf file:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = cyrus(1)
myhostname = exchangekiller.yourdomain.com
mydomain = yourdomain.com
myorigin = $mydomain
mydestination = $mydomain(2)
unknown_local_recipient_reject_code = 450
mynetworks_style = host
mailbox_transport = lmtp:unix:/var/imap/socket/lmtp(3)
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = /etc/postfix
smtpd_sasl_auth_enable = yes(4)
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
Notes:
(1) See, we are running Postfix as the "cyrus" user.
(2) I don't want to receive mail for any domain other than my Windows domain, which has a one-to-one correspondence to a DNS Fully Qualified Domain.
(3) Here we can see that we are using LMTP as delivery rather than "cyrus".
(4) This is to enable SMTP authentication using LOGIN and PLAIN.
One final note: Postfix will not start unless there is a /etc/aliases.db file. I just set postmaster to "cyrus" and set all the other aliases to "postmaster".
Now you should be able to test the mail delivery apparatus extensively. It should work.
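The three main.cf settings that keep this box from becoming an open relay (smtpd_recipient_restrictions ending in reject_unauth_destination, mynetworks_style = host, and noanonymous in smtpd_sasl_security_options) can be linted on a copy of the file. This is an added example, not code from the page or from the Postfix project; it parses main.cf itself instead of calling postconf, and the default path /etc/postfix/main.cf is an assumption.

```shell
#!/bin/sh
# Added relay-policy lint for the Postfix main.cf shown on this page; not code
# from the page or from the Postfix project. Reads the file directly so it can
# be run against a saved copy on any machine.

# Print the value of parameter NAME from main.cf FILE as one space-separated
# token list. Lines that start with whitespace continue the previous parameter
# (Postfix syntax), comments are skipped, and commas count as separators.
postconf_get() {
    file=$1; name=$2
    awk -v name="$name" '
        /^[ \t]*#/ { next }                                  # comment line
        /^[ \t]/   { if (found) val = val " " $0; next }     # continuation line
        found      { exit }                                  # next parameter begins
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); gsub(/[ \t]/, "", key)
            if (key == name) { found = 1; val = substr($0, eq + 1) }
        }
        END { if (found) print val }' "$file" |
        tr -s ' \t,' ' ' | sed 's/^ *//; s/ *$//'
}

# Return 0 when smtpd_recipient_restrictions cannot be used as an open relay:
# reject_unauth_destination (or a final reject) must be reached before any
# unconditional permit. permit_sasl_authenticated and permit_mynetworks are
# the two permits the page relies on and are allowed ahead of it.
check_relay_policy() {
    file=$1
    restr=$(postconf_get "$file" smtpd_recipient_restrictions)
    for tok in $restr; do
        case $tok in
            reject_unauth_destination|reject)
                echo "OK       recipient restrictions reach $tok: $restr"; return 0 ;;
            permit_sasl_authenticated|permit_mynetworks) ;;
            permit)
                echo "BAD      'permit' before reject_unauth_destination: open relay"; return 1 ;;
            reject_*|check_*|defer_*|warn_if_reject) ;;
            *) echo "WARN     unrecognised restriction: $tok" ;;
        esac
    done
    echo "BAD      no reject_unauth_destination in: ${restr:-<unset>}"; return 1
}

# Return 0 when SMTP AUTH is on and anonymous SASL mechanisms are refused.
check_sasl_policy() {
    file=$1
    if [ "$(postconf_get "$file" smtpd_sasl_auth_enable)" != yes ]; then
        echo "BAD      smtpd_sasl_auth_enable is not yes"; return 1
    fi
    case " $(postconf_get "$file" smtpd_sasl_security_options) " in
        *" noanonymous "*) echo "OK       SASL enabled, anonymous mechanisms refused"; return 0 ;;
        *) echo "BAD      smtpd_sasl_security_options lacks noanonymous"; return 1 ;;
    esac
}

# Return 0 when the trusted client set is explicit (mynetworks) or limited to
# this host (mynetworks_style = host, as on the page). Postfix 2.x defaults to
# "subnet", which lets every machine on the local subnet relay unauthenticated.
check_mynetworks() {
    file=$1
    nets=$(postconf_get "$file" mynetworks)
    style=$(postconf_get "$file" mynetworks_style)
    if [ -n "$nets" ]; then
        echo "OK       mynetworks = $nets"; return 0
    fi
    case $style in
        host) echo "OK       mynetworks_style = host"; return 0 ;;
        *)    echo "BAD      mynetworks_style = ${style:-subnet (default)}"; return 1 ;;
    esac
}

# Run all three checks on a main.cf (default path is an assumption); non-zero on any failure.
lint_main_cf() {
    file=${1:-/etc/postfix/main.cf}
    rc=0
    check_relay_policy "$file" || rc=1
    check_sasl_policy "$file" || rc=1
    check_mynetworks "$file" || rc=1
    return $rc
}
```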
7) Install Apache, configure, and test
Rather than expand this document beyond all reason, I will point you to this document, as I did a standard compile and install to allow mod_perl, PHP, and SSL capabilities. I used Apache-2.0.52, mod_perl-1.99_17, and php-4.3.8.
I did not create a separate certificate for the HTTP server. The certificate I created earlier for IMAPS functions admirably. Here is the part of my httpd.conf file that deals with that:
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
SSLCertificateFile /var/imap/server.pem
#SSLCertificateFile /usr/local/httpd/conf/ssl.crt/server-dsa.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /var/imap/server.pem
#SSLCertificateKeyFile /usr/local/httpd/conf/ssl.key/server-dsa.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convenience.
#SSLCertificateChainFile /usr/local/httpd/conf/ssl.crt/ca.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /usr/local/httpd/conf/ssl.crt
8) Install Postgres, configure, and test.
I tried using the RPM for Postgres, but I just couldn't get it to work. Too many missing libraries and other incompatibilities. Now, I don't mind admitting that I know nothing about Postgres, even less than I know about MySQL, but I did a vanilla compile and install using PostgreSQL-7.3.1.
./configure --with-pam --with-openssl
gmake # I couldn't get it to compile using make, which is strange. I thought make was gmake on RedHat.
gmake install
Then to do the database setup:
adduser postgres
mkdir /usr/local/pgsql/data
chown postgres /usr/local/pgsql/data
su - postgres
initdb -D /usr/local/pgsql/data
postmaster -D /usr/local/pgsql/data >logfile 2>&1 &
createdb test
psql test
We will have to return to PostgreSQL when we finish our OpenGroupware install. Since we installed PostgreSQL from source, we have to install a startup script. Here is mine: /etc/rc.d/init.d/postgres
#! /bin/sh
# postgresql This is the init script for starting up the PostgreSQL
# server
# chkconfig: 345 85 15
# description: Starts and stops the PostgreSQL backend daemon that handles \
# all database requests.
# processname: postmaster
# pidfile: /var/run/postmaster.pid
#
# Source function library.
. /etc/rc.d/init.d/functions
# Get config.
. /etc/sysconfig/network
# Check that networking is up.
# Pretty much need it for postmaster.
[ "${NETWORKING}" = "no" ] && exit 0
[ -f /usr/local/bin/postmaster ] || exit 0
# This script is slightly unusual in that the name of the daemon (postmaster)
# is not the same as the name of the subsystem (postgresql)
# See how we were called.
case "$1" in
start)
echo -n "Checking postgresql installation: "
# Check for the PGDATA structure
if [ -f /usr/local/pgsql/data/PG_VERSION ] && [ -d /usr/local/pgsql/data/base/1 ]
then
# Check version of existing PGDATA
if [ `cat /usr/local/pgsql/data/PG_VERSION` != '7.3' ]
then
echo "old version. Need to Upgrade."
echo "See /usr/doc/postgresql-6.5.2/README.rpm for more information."
exit 1
else
echo "looks good!"
fi
# No existing PGDATA! Initdb it.
else
echo "no database files found."
if [ ! -d /usr/local/pgsql ]
then
mkdir -p /usr/local/pgsql
chown postgres.postgres /usr/local/pgsql
fi
su -l postgres -c '/usr/local/bin/initdb --pgdata=/usr/local/pgsql/data'
fi
# Check for postmaster already running...
pid=`pidof -s postmaster`
if [ -n "$pid" ]
then
echo "Postmaster already running."
else
#all systems go -- remove any stale lock files
rm -f /tmp/.s.PGSQL.* > /dev/null
echo -n "Starting postgresql service: "
su -l postgres -c '/usr/local/bin/postmaster -D /usr/local/pgsql/data >/var/log/postgres.log 2>&1 &'
sleep 1
pid=`pidof -s postmaster`
if [ -n "$pid" ]
then
echo -n "postmaster [$pid]"
touch /var/lock/subsys/postgresql
echo $pid > /var/run/postmaster.pid
echo
else
echo "failed."
fi
fi
;;
stop)
echo -n "Stopping postgresql service: "
killproc postmaster
sleep 2
rm -f /var/run/postmaster.pid
rm -f /var/lock/subsys/postgresql
echo
;;
status)
status postmaster
;;
restart)
$0 stop
$0 start
;;
*)
echo "Usage: postgresql {start|stop|status|restart}"
exit 1
esac
exit 0
9) Install OpenGroupware, configure, and test.
I used the Young-Elguezabal document found on this website, with some modifications.
Since I couldn't find the legendary "OpenGroupWare.tar.gz" file referred to in Mr. Young's document, I went to the Fedora 2 directory of download.opengroupware.org and downloaded a LOT of RPMs. I made a directory "opengroupware" with three subdirectories in it: "thirdparty", "ogo", and "sope". I put the following RPMs into these directories:
opengroupware/thirdparty
epoz-0.6.1-trunk_r66.1.i386.rpm
libfoundation-devel-latest.i386.rpm
libfoundation-latest.i386.rpm
libical-sope-4.3-trunk_r55.3.i386.rpm
libobjc-lf2-latest.i386.rpm
mod_ngobjweb-latest.i386.rpm
opengroupware/ogo
ogo-docapi-1.0alpha8-r452.0.i386.rpm
ogo-docapi-db-project-1.0alpha8-r452.0.i386.rpm
ogo-docapi-db-project-devel-1.0alpha8-r452.0.i386.rpm
ogo-docapi-devel-1.0alpha8-r452.0.i386.rpm
ogo-docapi-fs-project-1.0alpha8-r452.0.i386.rpm
ogo-docapi-fs-project-devel-1.0alpha8-r452.0.i386.rpm
ogo-logic-1.0alpha8-r452.0.i386.rpm
ogo-logic-devel-1.0alpha8-r452.0.i386.rpm
ogo-logic-tools-1.0alpha8-r452.0.i386.rpm
ogo-pda-1.0alpha8-r452.0.i386.rpm
ogo-pda-devel-1.0alpha8-r452.0.i386.rpm
ogo-theme-blue-1.0alpha8-r452.0.i386.rpm
ogo-theme-default-1.0alpha8-r452.0.i386.rpm
ogo-theme-kde-1.0alpha8-r452.0.i386.rpm
ogo-theme-ooo-1.0alpha8-r452.0.i386.rpm
ogo-theme-orange-1.0alpha8-r452.0.i386.rpm
ogo-tools-1.0alpha8-r452.0.i386.rpm
ogo-webui-app-1.0alpha8-r452.0.i386.rpm
ogo-webui-calendar-1.0alpha8-r452.0.i386.rpm
ogo-webui-contact-1.0alpha8-r452.0.i386.rpm
ogo-webui-core-1.0alpha8-r452.0.i386.rpm
ogo-webui-core-devel-1.0alpha8-r452.0.i386.rpm
ogo-webui-mailer-1.0alpha8-r452.0.i386.rpm
ogo-webui-mailer-devel-1.0alpha8-r452.0.i386.rpm
ogo-webui-news-1.0alpha8-r452.0.i386.rpm
ogo-webui-project-1.0alpha8-r452.0.i386.rpm
ogo-webui-resource-en-1.0alpha8-r452.0.i386.rpm
ogo-webui-task-1.0alpha8-r452.0.i386.rpm
ogo-xmlrpcd-1.0alpha8-r452.0.i386.rpm
ogo-zidestore-1.0alpha8-r452.0.i386.rpm
ogo-zidestore-devel-1.0alpha8-r452.0.i386.rpm
opengroupware/sope
sope43-appserver-4.3.8-r210.0.i386.rpm
sope43-appserver-devel-4.3.8-r210.0.i386.rpm
sope43-appserver-tools-4.3.8-r210.0.i386.rpm
sope43-core-4.3.8-r210.0.i386.rpm
sope43-core-devel-4.3.8-r210.0.i386.rpm
sope43-gdl1-4.3.8-r210.0.i386.rpm
sope43-gdl1-devel-4.3.8-r210.0.i386.rpm
sope43-gdl1-postgresql-4.3.8-r210.0.i386.rpm
sope43-ical-4.3.8-r210.0.i386.rpm
sope43-ical-devel-4.3.8-r210.0.i386.rpm
sope43-ldap-4.3.8-r210.0.i386.rpm
sope43-ldap-devel-4.3.8-r210.0.i386.rpm
sope43-ldap-tools-4.3.8-r210.0.i386.rpm
sope43-mime-4.3.8-r210.0.i386.rpm
sope43-mime-devel-4.3.8-r210.0.i386.rpm
sope43-xml-4.3.8-r210.0.i386.rpm
sope43-xml-devel-4.3.8-r210.0.i386.rpm
sope43-xml-tools-4.3.8-r210.0.i386.rpm
I installed the RPMs in the thirdparty directory individually. The other two directories I installed according to instructions in the Young document.
cd ogo
rpm -Uvh *
cd ../sope
rpm -Uvh *
Well, now the work begins. Follow the Young-Elguezabal document as closely as you can. First is to set up the OpenGroupware schema in the PostgreSQL database:
In /$PGSQL_ROOT/pgsql/data/postgresql.conf
tcpip_socket = true
In /$PGSQL_ROOT/pgsql/data/pg_hba.conf
- add
local all all trust
host all all 127.0.0.1 255.255.255.255 trust
host all all 0.0.0.0 255.255.255.255 reject
This allows PostgreSQL connections only from the local machine.
su - postgres
createdb ogo
createuser -A -D ogo
exit
and import the OpenGroupware Schema into the "ogo" database
su - ogo
cd /usr/local/lib/opengroupware.org-1.0a/commands/OGo.model/Resources/
psql ogo -U ogo
Welcome to psql 7.3.3, the PostgreSQL interactive terminal.
---snip---
ogo=> \i pg-build-schema.psql
---snip---
ogo=> \q
Now, configuring my Apache server's configuration file was where I had the most trouble. OpenGroupware 1.0a must install to considerably different file paths from those earlier OpenGroupware versions used. I think I just ought to post that part of my httpd.conf file here:
AddType application/x-httpd-php php
AddType application/x-httpd-php-source php
LoadModule perl_module modules/mod_perl.so
LoadModule ngobjweb_module /usr/local/lib/opengroupware.org-1.0a/WebServer/mod_ngobjweb.so
SetHandler ngobjweb-adaptor
SetAppPort 20000
Alias /OpenGroupware10a.woa/WebServerResources/ /usr/local/share/opengroupware.org-1.0a/www/
SetHandler ngobjweb-adaptor
SetAppPort 23000
You may need to run ldconfig again before OpenGroupware can find all its libraries. This bit me. Now, set your Defaults. Here is my ~ogo/.libFoundation/Defaults/NSGlobalDomain.plist file:
{
LDAPInitialBindDN = "cn=cyrus,ou=LDAP Admins,dc=mydomain,dc=com";
LDAPInitialBindPW = whatever;
LDAPInitialBindSpecific = YES;
LDAPLoginAttributeName = sAMAccountName;
LSAdaptor = PostgreSQL;
LSAuthLDAPServer = "mypdc.mydomain.com";
LSAuthLDAPServerRoot = "dc=mydomain,dc=com";
LSConnectionDictionary = {
databaseName = ogo;
hostName = localhost;
password = "";
port = 5432;
userName = ogo;
};
LSUseLowercaseLogin = YES;
Languages = (
English
);
NGBundlePath = "/usr/local/lib/opengroupware.org-1.0a/";
TimeZoneName = EST;
}
and my ~ogo/.libFoundation/Defaults/OpenGroupware.plist file:
{
WOPort = "*:20000";
}
And that's that. Now, clean up the mess. Make sure that all the processes will start and stop at startup and shutdown: winbind, saslauthd, cyrus master, postfix master, apache, postgres, and opengroupware.
And happy Exchange killing.
one small issue with cyrus
these instructions are great - I came across one problem which might save someone else some pain:
The imapd.conf file shown already has the .pem files defined; echoing them created a duplication of the lines in my imapd.conf file, which caused my master process to fail.
so consider leaving out:
echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf
echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf
echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf
Nice work KG. Wrt to formatting this doc, not to worry. Once it's cleaned up to your liking just ping me on-off list and I'll deal with it.
regards
/ch