Weblogic-next, virtual domains and SSL
Hi
Current versions of WL (6.1 and below) do not support distinct
Certificates for each virtual domain. This means that we cannot
support multiple secure sites (HTTP-S based) using the virtual domain feature
in WL. And this affects us as we are an ASP, and our customers need distinct domain
names.
Another issue is that the security realm (RDBMS, File, whatever)
is shared amongst the virtual domains, so the authentication
database is essentially common for all our customers.
Will these problems be fixed in the upcoming major release of
WebLogic ? I'd greatly appreciate it someone within WL can
send me an answer - group post/private. (I'm also trying the sales/support channels).
thanx
-john mani
director, engineering
6D
smcnulty,
You are referring to Cyrus ACLs which apply to IMAP and not SMTP. As I said IMAP logins work just fine, it was SMTP that didn't accept the user. User creation with WGM works well, no problems here. Your tips may surely be of help to someone having IMAP/POP issues.
pterobyte:
Alex saved the day (again). You were certainly right that postfix didn't even know about the configurations I made in /etc/postfix/virtual. Everything is working fine now and I am only waiting for my DNS transfer to finally carry over. I only need to setup a backup MX, nothing more to do.
Thanks
MacLemon
PS: Sorry, the system chokes an error upon awarding stars and marking as solved. Will try again at a later date.
Message was edited by: MacLemon, added note about problems marking as solved and awarding stars.
Similar Messages
-
Virtual Domains and Aliases - the sequel
Ok pterobyte
I have successfully set up virtual domains and aliases on several systems including Mac OS 10.4 - now i'm trying to set up a brand new xserve to host a local domain and several virtual domains...
I have followed pterobytes method of creating virtual domains and aliases etc. However, whether I use /etc/postfix/aliases (for local users) or /etc/postfix/virtual for virtual users - I cannot get the mail to go to two addresses at the same time.
The mail.log only records the mail being sent to local mail box.
Here's an example:
local user example (remote.com is a remote domain where mail should be forwarded to as well as sent to local mail box.)
#aliases
local_guy [email protected], [email protected]
virtual user example
#virtual
[email protected] virtual_guy, [email protected]
"virtual.com" is set up as a virtual domain in SA Mail and mail.virtual.com is that users mail server in WGM.
BTW in pterobyte's latest pdf manual shortname 3 says "shortname3-x: aliases for e-mail address under shortname2" what does that mean?
As I said mail delievers correctly locally but does NOT go to the remote address. Does anyone have a clue what else I can look at?
anyone?
anyone?
Pterobyte?
PowerBook G4, MacBook, various servers Mac OS X (10.4.3)sorry I missed the colon in the posted message:
it is local_guy: [email protected], [email protected]
Here's the postconf -n (I restored the aliases file back to default last night - i've been working on the virtual forward.)
Thans for getting back so fast...
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
enableserveroptions = yes
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mapsrbldomains =
messagesizelimit = 52428800
mydestination = $myhostname,localhost.$mydomain,localhost
mydomain = iplanitonline.com
mydomain_fallback = localhost
myhostname = mail.iplanitonline.com
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpdclientrestrictions = permit_mynetworks rejectrblclient sbl-xbl.spamhaus.org rejectrblclient relays.ordb.org permit
smtpdpw_server_securityoptions = cram-md5,login,plain
smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
smtpdsasl_authenable = yes
smtpdtls_keyfile =
smtpduse_pwserver = yes
unknownlocal_recipient_rejectcode = 550
virtualmailboxdomains = hash:/etc/postfix/virtual_domains
virtual_transport = lmtp:unix:/var/imap/socket/lmtp
MacBook (BootCamp), various Macs and servers Mac OS X (10.4.7) -
Virtual domains and their installation
Hello again Alex,
and anyone else able to enlighten me.
Thank you all for your help the last time I was in need.
I'm setting up Postfix by editing the postfix files directly without using server admin due to it's limitations. Especially since I'm using an external GW in a DMZ along with an internal server delivering the mail.
And now I would like to add virtual domains using "Postfix virtual MAILBOX example: separate domains, non-UNIX accounts". Is this possible with OS X?
I have read what is on postfix.org, I have read what is in Alex's installation guide but there are a few things I'm not getting.
I've created the virtual domains and all that stuff but I'm not getting the creation of user access. Do you mean I actually need to create each and every user acessing mail in Workgroup manager?
Could you point me to some information that bypasses the use of server admin but is still usefull in setting up mail under OS X. I don't want to use SA since I do not want to ruin my manual setup of the Postfix files.
Kind regards
HansAre you then saying it would be easier to define the
users in workgroup manager and use a couple of
aliases for each user acessing mail?
Definitely easier, but with the limitations you already know.
Is it possible, using this method to use names like
[email protected], [email protected] etc. rather than
[email protected], [email protected] etc.
Sure, just follow my tutorial.
And when
logging into the mailservice do I then have to use
the full [email protected] as a user login name to
access the virtual mailboxes?
Yes, full name with domain.
And is it correct to assume that when using the
server for more than one domain I need to define the
first as a local domain and the rest as virtual
domains?
Yes (if you want to have "hans" as a different user in each domain).
Alex
P.S. Just make a backup fo main.cf so you can copy paste changes that might get hosed by Server Admin. Once your setup is complete, adding users through WGM or aliases through /etc/postfix/virtual will not touch main.cf -
Configuration fails to save a lot (related to custom domain and SSL)
Attempting to add a custom domain and then to apply an SSL certificate to that domain result in a lot of errors. The sequence of events that led to this screenshot http://cl.ly/image/2w1V2m0x3N0U were:
Add a custom domain (failed)
Attempt to add the same custom domain again (failed)
Attempt to add the same custom domain again (succeeded)
Attempt to assign an SSL certificate to that domain (failed)
I was performing similar actions on Monday with similar results...a lot of failures with some successes and no apparent reason for the failures and no different actions leading to the successes. On Monday I refreshed the page in the browser a lot, but it
didn't seem to help. During the above sequence, I didn't refresh the page.We have been having the same issue with regards to custom SSL bindings and certs in our staging environment. No matter how I choose to enter the information or how many times I try, the save button is nonfunctional and navigating away from the page discards
my changes. -
Weblogic server 9.2 and SSL server certificate for the wrong site
I turned on SSL service for a weblogic 9.2 server and later on changed the hostname of the machine that weblogic was running on. So the hostname that my SSL server certificate was issued to has now became an invalid hostname. But my weblogic server continues to run SSL service without any exception. I can still access my web applications thru the SSL port (except of course I get a warning for the server certificate every time that it is for the "wrong site"). My question is this: should weblogic 9.2 verify the hostname in the server certificate and stop SSL service if the certificate is for the wrong site? Or is verifying the certificate strictly the job of the browser? Just want to make sure there is nothing wrong with my SSL configuration. Thanks.
So you are saying that something is wrong with my weblogic 9.2 ssl configuration? And that given a server certificate issued to a different hostname, my weblogic server should NOT be servicing ssl request and/or it should throw some sort of exception during startup? Thanks for clarifying.
-
Difference between WebLogic 6.1 Domain and WebLogic 7.0 Domain
What is most reliable way of differentiating WebLogic 6.1 Domain with WebLogic
7.0 domain? WebLogic 6.1 Domain meaning interrelated set of WebLogic 6.1 servers.
A server in a domain listed within config.xml when started with WebLogic 6.1 binaries
become WebLogic 6.1 server and when started with WebLogic 7.0 binaries become
WebLogic 7.0 server.
Is there any thing in config.xml file that differentiate the domain affront?I think in ur classpath /weblogic classpath ,u have the jar file of weblogic5.1. make sure to remove all classpath setting of weblogic5.1
-
Virtual mail domain and POP problem
Hi all,
I am currently on my 7th or 8th install of 10.5 server, so far without managing to make a working mailsetup with virtual domains and virtual users. That is, it works when my customers use an IMAP-client (or webmail via squirrelmail), but it doesn't work when using a POP-client. I have yet to discover the cause of my problems, as the server-logs show perfectly good logins – but unfortunately nothing gets downloaded to the client.
I currently host 15 domains, which until my purchase of 10.5 server were hosted on a computer running 10.4 client-version with dovecot as mailserver, a custom DNS-setup and various custominstalled supporting apps. On the old client, everything was running smoothly (albeit slowly, due to the old hardware), but as I have stated, on my new server I can't get POP-access to work.
When I do a fresh install of 10.5 server, I can log in to the accounts on the primary domain with either POP3 or IMAP, but as soon as I set up a virtual domain, POP-access to all accounts ceases to function.
I suspect Cyrus configuration to be the main culprit, since everything else seems to work as expected, but having no previous experience with cyrus, I have yet to find a solution.
If anyone has any pointers to a good source of cyrus-IMAP knowledge, I would be very grateful for any help.
/LarsHi Alex,
This is really strange, and it's also really bugging me!
I use OD. If I add several shortnames to a user, fqn and not-fqn, I can only log in with the first shortname and any of the fqn-names. However, only the login using the first shortname recieves any mail.
I dont know if you have any explanation as to why my setup doesn't include a /etc/postfix/virtual file or a virtualaliasmaps statement in main.cf, which is the only difference in my system that I registered compared to your guide.
This is some lines from mailaccess.log when logging in to an account using Outlook Express in XP (user info masked):
Dec 7 22:50:05 server pop3[84858]: login: [192.168.2.3] comexampleuser plaintext User logged in
Dec 7 22:51:15 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:51:25 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:51:35: --- last message repeated 3 times ---
Dec 7 22:51:46 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:52:16: --- last message repeated 2 times ---
Dec 7 22:52:44 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:56:01 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:57:04 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
The log level is set to "Information", and as you can see all logins appear to be successful. However, only the first login using the comexampleuser login receives any mail (and I sent more mails inbetween to make sure something would register, of course).
Here's the relevant part from mail.log:
Dec 7 22:51:04 server postfix/smtpd[84875]: connect from unknown[192.168.2.3]
Dec 7 22:51:04 server postfix/smtpd[84875]: 4A362F8F58: client=unknown[192.168.2.3], sasl_method=CRAM-MD5, [email protected]
Dec 7 22:51:04 server postfix/cleanup[84880]: 4A362F8F58: message-id=<[email protected]>
Dec 7 22:51:04 server postfix/qmgr[81164]: 4A362F8F58: from=<[email protected]>, size=602, nrcpt=1 (queue active)
Dec 7 22:51:04 server postfix/smtpd[84884]: connect from localhost[127.0.0.1]
Dec 7 22:51:04 server postfix/smtpd[84884]: B4844F8F67: client=localhost[127.0.0.1]
Dec 7 22:51:04 server postfix/cleanup[84880]: B4844F8F67: message-id=<[email protected]>
Dec 7 22:51:04 server postfix/smtpd[84884]: disconnect from localhost[127.0.0.1]
Dec 7 22:51:04 server postfix/qmgr[81164]: B4844F8F67: from=<[email protected]>, size=1112, nrcpt=1 (queue active)
Dec 7 22:51:04 server postfix/smtp[84882]: 4A362F8F58: to=<[email protected]>, orig_to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.47, delays=0.03/0.02/0.01/0.41, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as B4844F8F67)
Dec 7 22:51:04 server postfix/qmgr[81164]: 4A362F8F58: removed
Dec 7 22:51:04 server postfix/pipe[84886]: B4844F8F67: to=<[email protected]>, relay=cyrus, delay=0.14, delays=0.01/0.03/0/0.1, dsn=2.0.0, status=sent (delivered via cyrus service)
Dec 7 22:51:04 server postfix/qmgr[81164]: B4844F8F67: removed
Dec 7 22:52:04 server postfix/smtpd[84875]: disconnect from unknown[192.168.2.3]
And here are the lines from system.log:
Dec 7 22:50:05 server pop3[84858]: login: [192.168.2.3] comexampleuser plaintext User logged in
Dec 7 22:51:15 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:51:25 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:51:35: --- last message repeated 3 times ---
Dec 7 22:51:46 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:52:16: --- last message repeated 2 times ---
Dec 7 22:52:44 server pop3[84858]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:53:14: --- last message repeated 2 times ---
Dec 7 22:56:01 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
Dec 7 22:57:04 server pop3[84946]: login: [192.168.2.3] [email protected] plaintext User logged in
bash-3.2# cat /etc/imapd.conf
admins: cyrusimap
configdirectory: /var/imap
partition-default: /var/spool/imap
unixhierarchysep: yes
altnamespace: yes
servername: server.skovgaarddesign.dk
sievedir: /usr/sieve
sendmail: /usr/sbin/sendmail
lmtpdowncasercpt: 1
unixgroupenable: 0
berkeleytxnsmax: 400
berkeleylocksmax: 20000
berkeley_cachesize: 8192
berkeleymax_logregion: 2048
berkeleymax_logfile: 10240
berkeleymax_logbuffer: 2048
tlskeyfile: /etc/certificates/Default.key
quotawarn_frequencydays: 1
tlscertfile: /etc/certificates/Default.crt
enablequotawarnings: yes
imapauth_crammd5: yes
popauthapop: yes
logrolling_daysenabled: 0
logrollingdays: 1
imapauthlogin: yes
imapauthplain: yes
imapauthgssapi: yes
lmtpover_quota_permfailure: yes
tlsserveroptions: use
popauthgssapi: yes
bash-3.2# cat /etc/cyrus.conf
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
idled cmd="idled"
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="cyr_expire -E 3" at=0400
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
LIMITS {
imaplimit value=0
And here are the output of ps U _cyrus when logging in via POP (I have removed the IMAP-lines, as I doubt they are necessary, but feel free to correct me if I'm mistaken).
bash-3.2# ps U _cyrus
PID TT STAT TIME COMMAND
19062 ?? Ss 1:08.79 /usr/bin/cyrus/bin/cyrus-quota -r
81174 ?? Ss 0:01.32 master -l 256
81177 ?? S 0:02.04 idled
85071 ?? Ss 0:00.03 /sbin/launchd
85073 ?? S 0:00.03 pop3d: [192.168.2.3] [email protected] user.firstname^lastname@exampl
I hope some of the above will provide some clues.
/Lars -
Running Virtual Domains on Mac OSX Server and Postfix
Just purchased Mac OS Server X and Installed it. I am begining to setup mail servevices and this is my question.I have been using FreeBSD 5.3 and Postfix. In the main.cf I had setup 3 virtual Domains and used Canonical Maps and virtual alias to get my mail to the proper mailboxes. Now do I have to do that here in the terminal screen manually adding the canonical maps and virtual alias in the main.cf or does Server admin do it automacticly when I setup the virtual domains?
Thanks
PowerMac G4 Digital Audio 533 Mhz. Mac OS X (10.4.2)You can either go the manual editing route you were used to or use Server Admin. The results will be similar, but the approach different. Server Admin defines virtual domains differently (This is possible because postfix allows for different implementations.
I have written a Tutorial on OS X Virtual Mail Domains. You can download it here: http://osx.topicdesk.com/downloads/ -
Hi all,
Iam having this problem with Virtual Hosts and SSL.
The subdomains work fine but the problem is when you try to connect to the one with SSL then you get "ssl_error_rx_record_too_long"
Its not a permission error and the certificate is created with the ssh.mydomain.com as FQDN name if that is of any importance
Listen 443
<VirtualHost 172.16.2.250:80>
DocumentRoot /srv/http/www
ServerName www.mydomain.com
</VirtualHost>
<VirtualHost 172.16.2.250:80>
DocumentRoot /srv/http/glype
ServerName proxy.mydomain.com
</VirtualHost>
<VirtualHost 172.16.2.250:80>
DocumentRoot /srv/http/forum
ServerName forum.mydomain.com
</VirtualHost>
<VirtualHost 172.16.2.250:443>
DocumentRoot /srv/http/ssh
ServerName ssh.mydomain.com
SSLEngine ON
SSLCertificateKeyFile "/etc/httpd/certs/server.key"
SSLCertificateFile "/etc/httpd/certs/server.crt"
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8100/
ProxyPassReverse / http://localhost:8100/
</VirtualHost>
Iam grateful for all the help i can recieve.neddie_seagoon wrote:SSL needs to run on a dedicated IP (and responds to all https requests on that IP) so you can't have multiple vhosts with SSL on the same IP. You would need to bring up more IPs and then configure your other vhosts to use them.
fyi: recent builds of apache and openssl can now do SNI.
http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
Also, if you use wildcard certificates, and your vhosts are all subdomains of the same top level domain, then that would work too. I have done this a few times before. Apache squaks a little when it starts up, but it works fine.
But in the general case, and when using older builds of apache, you are correct regarding the ip requirements.
Last edited by cactus (2009-08-29 18:44:16) -
Awhile back I was posting quite a bit about mac mail and Windows AD questions. That was in prepartion to move a client from Powweb hosted pop/exchange to they're own Mail server.
I'm converting them this week but there was something I wanted to make sure could happen.
They essentially have 3 domains. Domain1 is the primary. Domain2 and Domain3 are for other purposes but all recieve mail most of which is forwarded.
Most of domain2 are just forwards to accounts on the primary. So that's just adding the [email protected] to the user's account? Does the gui create the alias in postfix automatically?
Domain3 however are not forwards. They are accounts for the owner's family domain. I'm guessing the best thing is to just create a seperate user account for those accounts and keep them seperate?
To allow this to be setup seperately on clients and devices (iphone, android, etc) should i just create a seperate accounts? user1 for [email protected] and user1a [email protected]? If there is a better way to accomplish besides a second user account I'm all for that.
My next question; users that have addresses for domain1 and domain2 listed on their account have the ability to respond with either address? That's using an email client like outlook or thunderbird? This isn't really a necessity as domain2 email addresses are just forwards in powweb to domain1 addresses. I was curious.
User1
[email protected]
[email protected]If you have the email service turned on, creating a user automatically creates an email account under the domain that was setup for email. Apple does have virtual domains, both web and email. I've only worked with web virtual domains and that was very little. Basically to get two websites running.
I've never worked with the email virtual domain so I'm not sure how it works. Email virtual domains are setup in the server admin app under the advanced tab. My personal email server is Axigen running on Fedora Core which handles multiple domains (not virtual) which is why I have not looked at virtual email domains on Lion Server.
The WGM>Accounts>selected user>info tab is for Open Directory information to my knowledge. Not sure how, or even if, that interacts with the email service. -
Mailman + Postfix + Virtual Domains
I'm going nuts trying to get this thing working... I spent the best part of yesterday getting Postfix and Courier working with Virtual Domains and a PostgreSQL backend. That's all working fine.
Now I've spent about the last 5 - 6 hours trying to get Mailman working -- obviously without any luck.
Can someone point me in the right direction? I tried installing from source, and following the 'official' installation manual, but that doesn't cover Virtual Domains very well (obviously not well enough to get it working at least).
*Then* I realized that their's a package in EXTRA for Mailman, so I wiped the source install I did, and installed the package, but I'm still stuck.
I think the main part of my problem, is the manual says that I should have a 'data/virtual-mailman' in the mailman installation directory, but I don't, and can't find any information on how it is created!
At the end of the day, I just need a single damn mail list on one of my virtual domains for a dozen people -- if anyone has an easier solution than this, please suggest!windowbreaker wrote:
Also, what's the output of
postconf virtual_maps virtual_alias_maps
Let me be sure I understand your situation. You currently have postfix setup with virtual domains and mysql. You are successfully able to send/receive emails from your virtual accounts, correct?
Correct.
postconf: warning: virtual_maps: unknown parameter
virtual_alias_maps = hash:/etc/postfix/virtual_alias, pgsql:/etc/postfix/pgsql-virtual-forwards.cf
And the contents of /etc/postfix/pgsql-virtual-forwards.cf
hosts = localhost
user = postfix
password = MY_PASSWORD
dbname = db_postfix
query = SELECT forward_to FROM aliases WHERE email = '%s'
/etc/postfix/virtual_alias
MAILER-DAEMON: postmaster
postmaster: root
bin: root
daemon: root
named: root
nobody: root
uucp: root
www: root
ftp-bugs: root
postfix: root
manager: root
dumper: root
operator: root
abuse: postmaster
decode: root
root: [email protected]
windowbreaker wrote:In that case, you're probably trying to have postfix process all email sent to, say, [email protected], by mailman. In which case you need to pass that email message to a mailman command, right? I'm sure I got some things wrong, so go ahead and clear them up so I can give you detailed advice.
Correct. My domain in question is ryla9810.org which has one alias that forwards to my gmail account (phil@), and I need one mail list with a dozen members (team@). The forward works, but the maillist is causing me grief
Thanks for all your input so far -
Set up virtual domain without Server Admin?
Hello all--
I need to set up mail service for a second domain on our Xserve. Don't want to use Server Admin, because by now I've tweaked postfix, cyrus, amavisd, spamassassin, etc so much that I'm afraid using Server Admin to make any config changes will break things. So can anyone point me to a thread or another website with instructions/tutorials on how to configure virtual host/virtual domains/local host aliases, etc without the use of Server Admin? Many thanks--If you want to keep the same structure for your virtual domains and continue using WGM then there is little you need to do.
Create the users in WGM as virtual users (will need a shortname [email protected])
Edit /etc/postfix/virtual_domains and add the domain followed by a space andd "allow"
Issue sudo postmap /etc/postfix/virtual_domains
Issue sudo postfix reload
That's it.
If you want to use actual postfix style virtual domains then www.postfix.org is a good starting point. -
Mailman virtual domains configuration - Anyone has been successfull?
Hello,
Is there any one out there that has manage to configure Mailman to work with virtual domains in a Mac OS X Server 10.3.9 enviroment??
Anyone??
I've tryied every setup and read everything in the web about postfix and mailman and I just cant get it to work.
If there is anyone out there that could show me his configuration I would mostly greatfull.If I keep the aliases and the virtual-mailman hashes
in the postfix configuration I can have lists running
for local and virtual domains, right?
And we can have lists with the same name? And even
with the same name of the users in WG?
Once again, you can have the same name, be it for a user, be it for a list only ONCE per domain. A list and a user address are the same thing to postfix (they only difference is that a list adress is aliased to a mailman script). So they cannot exist twice in the same domain, but they can coexist in seperate VIRTUAL domains. Not in local host aliases.
In order to this works I must have in SA, Mail,
Advanced Settings, the virtual domain listed in the
local host alias?
Absolutely NOT! Virtual domains and local host aliases must be kept separate. -
Apache Virtual Hosts and Weblogic 5.1SP6
Running:
WebLogic Server 5.1.0 w/ Service Pack 6
Solaris 7
Hello, I've been reading through the newsgroups and saw alot of information on
setting up apache and weblogic to handle virtual hosts, but am still having problems
getting it to work.
I have 2 domains that will be served up by one instance of Apache using NameBased
virtual hosts and I would like to have our one instance of WebLogic 5.1SP6 handle
them as well.
Excerpt from my httpd.conf file:
NameVirtualHost 216.xx.x.xx:80
<VirtualHost vcstgws011:80>
ServerName vcstgws011.domain1.com
Port 80
DocumentRoot /opt/vci-10.8/webapps/www
DirectoryIndex index.jsp
<Directory "/opt/vci-10.8/webapps/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost vcstgws011:80>
ServerName www.domain2.com
Port 80
DocumentRoot /opt/vci-10.8/webapps/www/dsl
DirectoryIndex index.jsp
<Directory "/opt/vci-10.8/webapps/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Under my default server configuration I have the WebLogic stuff:
<IfDefine WL>
WebLogicCluster vcstgas011.domain1.com:7001
Debug on
DebugConfigInfo on
ConnectTimeoutSecs 60
HungServerRecoverSecs 300
Debug on
DebugConfigInfo on
<Files *.jsp>
SetHandler weblogic-handler
</Files>
<Location /weblogic>
SetHandler weblogic-handler
PathTrim /weblogic
</Location>
<Location /servlet>
SetHandler weblogic-handler
</Location>
<Location /Admin*>
SetHandler weblogic-handler
</Location>
<Location /j_security_check>
SetHandler weblogic-handler
</Location>
</IfDefine>
And here's an excerpt from my weblogic.properties file:
# HTTPD
weblogic.httpd.enable=true
# DocumentRoot configuration
weblogic.httpd.defaultWebApp=/opt/vci-10.8/webapps/www
weblogic.httpd.indexDirectories=true
Any help would be appreciated.
Thanks,
MarkAnyone have success with Name-Based virtual hosts using same instance of WebLogic?
"Mark Mangano" <[email protected]> wrote:
>
Running:
WebLogic Server 5.1.0 w/ Service Pack 6
Solaris 7
Hello, I've been reading through the newsgroups and saw alot of information
on
setting up apache and weblogic to handle virtual hosts, but am still
having problems
getting it to work.
I have 2 domains that will be served up by one instance of Apache using
NameBased
virtual hosts and I would like to have our one instance of WebLogic 5.1SP6
handle
them as well.
Excerpt from my httpd.conf file:
NameVirtualHost 216.xx.x.xx:80
<VirtualHost vcstgws011:80>
ServerName vcstgws011.domain1.com
Port 80
DocumentRoot /opt/vci-10.8/webapps/www
DirectoryIndex index.jsp
<Directory "/opt/vci-10.8/webapps/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost vcstgws011:80>
ServerName www.domain2.com
Port 80
DocumentRoot /opt/vci-10.8/webapps/www/dsl
DirectoryIndex index.jsp
<Directory "/opt/vci-10.8/webapps/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Under my default server configuration I have the WebLogic stuff:
<IfDefine WL>
WebLogicCluster vcstgas011.domain1.com:7001
Debug on
DebugConfigInfo on
ConnectTimeoutSecs 60
HungServerRecoverSecs 300
Debug on
DebugConfigInfo on
<Files *.jsp>
SetHandler weblogic-handler
</Files>
<Location /weblogic>
SetHandler weblogic-handler
PathTrim /weblogic
</Location>
<Location /servlet>
SetHandler weblogic-handler
</Location>
<Location /Admin*>
SetHandler weblogic-handler
</Location>
<Location /j_security_check>
SetHandler weblogic-handler
</Location>
</IfDefine>
And here's an excerpt from my weblogic.properties file:
# HTTPD
weblogic.httpd.enable=true
# DocumentRoot configuration
weblogic.httpd.defaultWebApp=/opt/vci-10.8/webapps/www
weblogic.httpd.indexDirectories=true
Any help would be appreciated.
Thanks,
Mark -
RDS - .local domain and external users. Best way to get rid of SSL warnings
I am evaluating MS RDS as a possible solution for a VDI implementation at the college I work for. When we setup our AD years ago we set it up as a .local domain. I am running into issues with the .local machine name on the connection broker for
external users. I know for internal domain systems we can setup the self signed .local cert as a trusted root cert to bypass the self signed untrusted warning but for the bulk of our users which will be using systems external to our domain they
will get the SSL warning about the self signed certificate when they try to connect to a remote app or a desktop.
Initially I thought if I setup a local AD CA that we could setup a trust relationship with the SSL cert. After further reading I believe that this would only work for systems internal to our domain and we would still have the issue with external devices.
The other option would be to tell our users to click the box to never display the warning message again and to go on or to add the self signed cert to their trusted list. Of course when ever you ask the user to do something there will be issues. We
have also found that in our testing that we can not seem to connect via the web portal with a macbook. We get an error that there is a problem with the trust relationship with the server after we login and click on an app or a desktop to connect. We
have been able to connect with iOS devices.
We could of course rename the .local domain to a .edu domain which would permit us to use our wildcard certificate but that is a major undertaking that we don't want to cross at the moment. I think I might have some up with a solution and wanted to
bounce the idea off of those on this forum.
If we setup a second domain on campus that is not a .local. Join the non internet facing RDS systems to this new domain that would have a SSL cert that was trusted and then setup a full trust relationship between the two domains such that users and
systems in one domain could communicate with the systems in the other domain would that remove the certificate warnings for external users?Hi AKlein,
Initially I thought if I setup a local AD CA that we could setup a trust relationship with the SSL cert. After further reading I believe that this would only work for systems internal to our domain and we would
still have the issue with external devices.
Just add the root CA certificate of the internal CA into Trusted Root Certification Authorities store on external clients manually (or through group policy if there is an external domain), then SSL certificate warning would be gone.
We could of course rename the .local domain to a .edu domain which would permit us to use our wildcard certificate but that is a major undertaking that we don't want to cross at the moment.
Yes, renaming domain is not recommended due to its complexity.
If we setup a second domain on campus that is not a .local. Join the non internet facing RDS systems to this new domain that would have a SSL cert that was trusted and then setup a full trust relationship between
the two domains such that users and systems in one domain could communicate with the systems in the other domain would that remove the certificate warnings for external users?
If you are setting up a new domain with two way trust, then root CA certificate of the internal CA still needs to be distributed manually (or through group policy). If you are setting up a child domain, then enterprise CA would be trusted within the same
forest.
As long as there are enough external users and devices to manage, an external private network exists and extra domain management tasks are acceptable, then setting up a new domain is a good choice since domain provides secure boundary.
Or, you could just create a new site from the other network location, which saves you from creating a new domain, new users and trust.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Maybe you are looking for
-
Updating T'code ME23N using BAPI's
Dear All, I am updating T'code ME23N using BAPI " BAPI_PO_CHANGE". First i m tried in SE37 there its not updating it giving error like " PO could not be changed using the Enjoy-BAPI" for this i m trying in 4.6c. Here i have to update only two chec
-
Hello, At work we need to scan hundreds of old forms and store the data in the fields onto new forms. Doing this by hand would be very time consuming. How could I go about using Acrobat's OCR to pull the data from the respective fields, and dump it i
-
Problem with restore win8 after change hardware. (GT70 0ND-492US)
Hi everyone! I have de notebook model GT70 0ND-492US this came with one msata ssd with 128gb and i add other the same model for use super raid, that came with win8, but i make the downgrade to win7. But now i cant make the recovery to win8 with ori
-
Editing/creating a custom dictionary
I have some custom dictionaries in my Apple Dictionary application. I'm looking for a way to edit them (change font colors, line spaces, etc.), but I don't fin any program that can edit dictionaries or let me even create one myself. Any ideas?
-
Retrieving files from Mac on Ext HD (from Time Machine) on PC
I bought an external HD (Maxtor OneTouch4) and out of the box connected it to my MacBook and used Time Machine to backup my machine. I would like to access files from the hard drive on a PC machine (Windows XP) but Windows does not recognize the hard