[Emerald] Re: Help with virtual domains and Emerald

Dale E. Reed Jr. ( (no email) )
Thu, 01 Apr 1999 13:24:28 -0800

DAN TANG wrote:
>
> We are using mailsite 3.2.0 , but we do not use Emerald dll, we use generic
> database mailbox.

With Emerald and Mailsite you do NOT use the Emerald Authentication
DLL. Mailsite has support out of the box for Emerald.

> In Emerald Database we create a view as following:
> Create View MailSite
> AS
> select substring(email,1,charindex('@',email)-1) as MailBox,
> s.FirstName as FullName,
> Password,
>
> substring(email,charindex('@',email)+1,datalength(email)-charindex('@',email
> )) as Domain
> from subaccounts s, masteraccounts m
> where s.CustomerID=m.CustomerID
> and DateAdd(dd,m.Extension,maExpireDate)>= getdate()

Emerald 2.5 comes with all the stored procedures needed to do this.
In Mailsite, when configuring the Database connector, select "Emerald
Radius Database" and not the generic setup. You also have to configure
an External system in Emerald (use the generic export) and then
associate services to that External System. Lastly, make sure you
use that External System ID when configuring the DB interface in
the Mailsite console.

> The reason we are doing:
> Firstly is the simplicity on the operators, since he/she only need to fill
> in the email address on SubAccounts.

By Default the operators do not even need to do that? The Email
addresses are defaulted via the domain/group configuration.

> Secondly is for performance reason. You can see the SQL statement only open
> 2 tables, and under SQL 6.5, the view is compiled instead of store
> procedure only be parsed, so everytime you pass new paremeter, the procedure
> has to be recompiled and reload to memory. Think about you have a busy mail
> server and you need to recompile and reload the store procedure to the
> memory :-(. (At moment we have 120 ports, and run RADIUS/EMERALD on
> Pentium 166Mhz, 128MB RAM, 4GB IBM 5400rpm WideSCSI hard disk on Windows NT
> Terminal Server, so I could change user at home, pretty daring!)

I think you are mistaken here and don't realy understand how mailsite
works. Mailsite doesn't read the list into memory upon startup. Rather
mailsite executes your SQL Statement, replacing the respective parts
with the user that it wants. Yours might be good for listing all the
users, but it doesn't replace (or work) what you should be using for
Emerald.

> Thirdly, we can have email address different from login name and domain but
> use same password. The client can change the email password through WEB
> console which comes with MailSite and at same time change the dialup
> password. Because the minimum password length in Emerald sometimes is very
> annoying, and we have to take extra time to explain to customer.(Yep, we are
> very mean and lean :-().

You can already do this with Emerald by putting the email field what
you want it to be. There is a noted issue about how to get Emerald
and Mailsite to allow the user to have a different email than the
domain their group is in.

You can change the minimum password length and restrictions in
the Emerald Admin.

> Forthly, it is easier to maintain than use Emerald Authetication DLLs,
> obviously it is less technically involve than use Emerald DLL. And we could
> apply same knowledge to our customers.

As I noted earlier, there IS NO Emerald DLL that you need to use with
Mailsite and not is there anything to maintain?

-- 

Dale E. Reed Jr. Emerald and RadiusNT__________________________________________IEA Software, Inc. www.iea-software.com

For more information about this list, including removal,please see http://www.iea-software.com/maillist.html