Differences

This shows you the differences between two versions of the page.

--- web_интерфейс_к_почте [2024/01/03 11:01]
val [Roundcube]
+++ web_интерфейс_к_почте [2024/05/04 05:09] (current)
val [Roundcube]
@@ Line 21: / Line 21: @@
 $config['default_host'] = 'localhost';
 $rcmail_config['mail_domain'] = 'corpX.un';
+...
+//https://treeone.ru/roundcube-smtp-error-code-1-connection-failed-after-upgrade-debian/
+//or add port 587 to mta
+$config['smtp_server'] = 'localhost:25';
 ...
 </code><code>
@@ Line 50: / Line 54: @@
   'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
-  'base_dn'       => 'ou=People,dc=corpX,dc=un',
+//  'base_dn'       => 'ou=People,dc=corpX,dc=un',
-////  'base_dn'       => 'cn=Users,dc=corpX,dc=un',
+  'base_dn'       => 'cn=Users,dc=corpX,dc=un',
 //  'base_dn'       => 'dc=corpX,dc=un',
-//  'bind_dn'       => 'cn=Administrator,cn=Users,dc=corpX,dc=un',
+  'bind_dn'       => 'cn=Administrator,cn=Users,dc=corpX,dc=un',
-//  'bind_pass'     => 'Pa$$w0rd',
+  'bind_pass'     => 'Pa$$w0rd',
   'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
@@ Line 104: / Line 108: @@
 </code>
-=== OAuth2 аутентификация ===
+=== OpenID аутентификация ===
   * [[https://goauthentik.io/integrations/services/roundcube/|This integration describes how to use Roundcube's oauth support with authentik to automatically sign into an email account]]
@@ Line 110: / Line 114: @@
   * [[https://github.com/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2]]
   * [[https://www.roundcubeforum.net/index.php?topic=29984.0|[SOLVED] Keycloak and Roundcube problem]]
+<code>
+debian12# cat /var/lib/roundcube/config/config.inc.php
+</code><code>
+...
+$config['oauth_provider'] = 'generic';
+$config['oauth_provider_name'] = 'Keycloak corp13';
+$config['oauth_client_id'] = "any-client";
+$config['oauth_client_secret'] = "anystring";
+$config['oauth_auth_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/auth";
+$config['oauth_token_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token";
+$config['oauth_identity_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo";
+$config['oauth_verify_peer'] = false;
+$config['oauth_scope'] = "email profile openid";
+$config['oauth_auth_parameters'] = [];
+$config['oauth_identity_fields'] = ['preferred_username'];
+$config['oauth_login_redirect'] = false;
+$config['login_password_maxlen'] = 4096;
+</code><code>
+debian12# cat /usr/share/roundcube/program/include/rcmail_oauth.php
+</code><code>
+...
+         //$oauth_token_uri     = $this->options['token_uri'];
+         //$oauth_client_id     = $this->options['client_id'];
+         //$oauth_client_secret = $this->options['client_secret'];
+         //$oauth_identity_uri  = $this->options['identity_uri'];
+       $oauth_token_uri     = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token";
+       $oauth_client_id     = "any-client";
+       $oauth_client_secret = "anystring";
+       $oauth_identity_uri  = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo";
+...
+</code>
+  * Сервер dovecot [[Сервер dovecot#OAuth аутентификация]]
 ===== Дополнительные материалы =====

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools