Jay Lee skrev:
On Mon, February 27, 2006 11:51 am, Tony Earnshaw wrote:
I'm an OpenLDAP fiend, have been so for 4-5 years. OpenLDAP 2.3.20 delta
syncrepl is the heart of our 5-IBM eSeries-server high-school (1150+ users)
RHAS4/Smooth Wall/LTSP/mail/Samba 2.0.21 network.
I'm using: RHEL4 x86-64, Openldap client libs from RHEL4, Novell
eDirectory 8.6.2 LDAP servers, whitebox hardware. This is a certified WFM
(works for me) configuration :)
I've worked with Courier IMAP/maildrop for 3 years and was one of the
first to adopt and configure LDAP-based authlib on my 2 test rigs, when it
appeared. Both for Courier IMAP and maildrop. Obviously I've proved that I
can configure both for LDAP. authlib worked perfectly on RHAS3.
Other than a minor compile error that Sam quickly fixed when RHEL4 came
out, I've found no compatability issues when moving boxes from RHEL3 to
RHEL4.
As soon as I upgraded both test rigs to RHAS4, Courier authlib compiled
but would not work with LDAP any more. I'd tried for at least 6 months to
get it working. Debug level 2 output to /var/log/maillog indicated that my
authldaprc was incorrectly configured. It did this through standalone
Courier IMAP 3.0.7 to authlib 0.58. Baloney. The Courier
authlib daemon was the only thing on the system that did this, Samba (3.0
all versions), Postfix (2.2 and 2.3), maildrop 1.7.0 etc. all worked
perfectly.
What did it say, what did your authldaprc look like?
My authldaprc is standard, it works on all 3 RHAS4 machines, now that
I've installed the working rpm om them all.
Test rigs are an IBM ThinkPad T23 and a Compaq E700, both notebooks -
e.g. IDE.
Courier could care less as long as the OS presents the filesystem to Courier.
Indeed :)
Last week I installed RHAS4 on an IBM eSeries x256 SCSI RAID5 IBM
ServRaid controller mail/OpenLDAP server. Began on Monday (school
vacation). Courier authlib 0.58 rpms made on my test servers gave the same
errors as above. I tried dovecot (0.99-11 and 1.0.3beta) but ... hmmm ...
dovecot ... doesn't seem to like our virtual LDAP setup :
/home/vmail/group/user/Maildir ... nuff said about dovecot. Postfix 2.3
LDAP worked, maildrop standalone worked, everything worked, just not
authlib LDAP. No, I can't use authlib PAM - doesn't work with our virtual
mailbox LDAP setup with quotas.
What doesn't work, what error do you get with verbose logging?
Doesn't matter any more - as I wrote, if the rpms are compiled on the
one machine and installed on the others, authdaemond/authldap work, not
the other way around.
Friday around 4 pm, in sheer despair (school began again today, Monday)
I built authlib 0.58 (rpm) on the new server, instead of using the rpm
from my test server. Glory be, it worked (authtest, first). Everything
works now. rpms made on the new server work on both my test servers (so I
doubt that this is system-specific, e.g. libraries etc). Courier IMAP
4.0.6 built on one of the test machines works on the new server (but
that has nothing to do with LDAP, of course).
So something changed... now you have the task of finding out what that
something was...
No, thanks. I've been at it for 6 months or more. I simply wanted
comments - thanks for yours, Jay :)
Can any RHAS4 boffin on this list even indicate why Courier authlib rpms
built on one machine work on all machines and those built on another don't
work on any machines? For the record, the new machine was built from RHAS4
update 2 CDROMs and immediately up2dated before any further installs; one
test server is pure RHAS4 original and one is RHAS4 partially up2dated to
update 2. I've bothered the list once before about this (about 6 months
ago), but the only answer I got was from Brian Candler (BSD person, bless
him) and I always had the feeling that this was a Red Hat problem and I
had to solve it on my own.
My personal feeling is that you should generate the RPMS for a box on that
box itself to be 100% the libs/arch/whatnot matches perfectly. Although
RPMs generated on RHEL4u1 or RTM should work on u2,
Ok, agreed, but in my case it's the opposite - rpms built on a freshly
up2dated u2 machine work on the virgin OSs, and those built on the 2 2
others don't work on any of them ...
I wouldn't try it.
You should *never* attempt to use RPMS generated on an older RHEL3 or
Fedora box on RHEL4 or vice versa.
No ...
Sam recommends setting up a identical
test box and generating the RPMS on that since he's old school unix and
doesn't think a production server should ever have a compiler installed on
it (I'm not so sound in my Unix doctrine so I just generate the RPMS on
the production server).
Having said all this, I've had exactly 1 problem between RHEL4 and
Courier, that being fixed by Sam with a quick change in the include files,
this was a few weeks after RHEL4 RTM came out...
Ok, I accept that as a valuable comment, thanks
One other thing to consider: Courier-authlib has switched to using
LDAP_URI in the authldaprc file instead of LDAP_SERVER, are you defining
this?
As I said, my authldaprc works with authlib .58. I not only use
LDAP_URI, I've even found out it can be an ldapi URI (Unix socket).
Short of that, your going to need to post some more details about what
errors your actually getting...
As I wrote, I'm not getting any errors with the rpms that work; those
that don't have identical configs, debugging at level 2 to maillog says
that authldaprc is incorrectly configured - but it's exactly the same as
that with the rpms that do work ...
Best,
--Tonni
--
Tony Earnshaw
Email: [EMAIL PROTECTED]
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Courier-imap mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
