In the last few days I have been trying to migrate a mail server from PostgreSQL authentication to LDAP. Actually LDAP works, and Postfix accepts and sends mail after verifying the user and domain against LDAP. My problem is Courier IMAP.
When I try to see my mail with KMail, the server gives me this information:
Code:
Apr 1 10:32:27 onet001 imapd: Connection, ip=[::ffff:192.168.0.203]
Apr 1 10:32:27 onet001 slapd[9118]: connection_get(13): got connid=226
Apr 1 10:32:27 onet001 slapd[9118]: connection_read(13): checking for input on id=226
Apr 1 10:32:27 onet001 slapd[9118]: connection_read(13): TLS accept error error=-1 id=226, closing
Apr 1 10:32:27 onet001 slapd[9118]: connection_closing: readying conn=226 sd=13 for close
Apr 1 10:32:27 onet001 slapd[9118]: connection_close: conn=226 sd=13
Apr 1 10:32:27 onet001 authdaemond: ldap_simple_bind_s failed: Can't contact LDAP server
Apr 1 10:32:27 onet001 imapd: LOGIN FAILED, [EMAIL PROTECTED], ip=[::ffff:192.168.0.203]
Apr 1 10:32:27 onet001 imapd: authentication error: Input/output error
Apr 1 10:32:31 onet001 pop3d: Connection, ip=[::ffff:192.168.0.203]
Apr 1 10:32:31 onet001 slapd[9118]: connection_get(13): got connid=227
Apr 1 10:32:31 onet001 slapd[9118]: connection_read(13): checking for input on id=227
Apr 1 10:32:31 onet001 slapd[9118]: connection_read(13): TLS accept error error=-1 id=227, closing
Apr 1 10:32:31 onet001 slapd[9118]: connection_closing: readying conn=227 sd=13 for close
Apr 1 10:32:31 onet001 slapd[9118]: connection_close: conn=227 sd=13
Apr 1 10:32:31 onet001 authdaemond: ldap_simple_bind_s failed: Can't contact LDAP server
Apr 1 10:32:31 onet001 pop3d: LOGIN FAILED, user=ronzanid, ip=[::ffff:192.168.0.203]
Apr 1 10:32:31 onet001 pop3d: authentication error: Input/output error
As you can see, I tried with IMAP and POP3.
My configuration is as follows:
Code:
cat /etc/courier/authlib/authdaemonrc | grep -v "#"
authmodulelist="authldap"
authmodulelistorig="authuserdb authshadow authldap authcustom"
daemons=5
authdaemonvar=/var/lib/courier/authdaemon
DEBUG_LOGIN=2
DEFAULTOPTIONS=""
Code:
cat /etc/courier/authlib/authldaprc | grep -v "#"
LDAP_SERVER ldap01.oword.it
LDAP_PORT 636
LDAP_PROTOCOL_VERSION 3
LDAP_BASEDN cn=MYDOMAIN, cn=it
LDAP_BINDDN cn=ldapadm, dc=MYDOMAIN, dc=it
LDAP_BINDPW MYSECRET in cleattext
LDAP_TIMEOUT 5
LDAP_MAIL uid
LDAP_HOMEDIR homeDirectory
LDAP_MAILDIR mailbox
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CLEARPW clearPasswor
LDAP_DEREF never
LDAP_TLS 0
Code:
cat /etc/openldap/slapd.conf | grep -v "#"
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/amavisd-new.schema
include /etc/openldap/schema/authldap.schema
include /etc/openldap/schema/rootit.schema
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
loglevel 1
threads 8
idletimeout 14400
password-hash {md5}
database bdb
suffix "dc=oword,dc=it"
rootdn "cn=ldapadm,dc=oword,dc=it"
rootpw {MD5}6qdo9w8mZi27afAyUL80OQ==
directory /var/lib/openldap-data
TLSCertificateFile /etc/ssl/ldap.pem
TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem
TLSCACertificateFile /etc/ssl/ldap.pem
cachesize 10000
checkpoint 256 15
access to attrs="userPassword"
by dn="uid=root,ou=people,dc=oword,dc=it" write
by anonymous auth
by self write
by * none
access to *
by dn="uid=root,ou=People,dc=oword,dc=it" write
by dn="uid=postfix,ou=People,dc=oword,dc=it" read
by dn="postfix,ou=system,dc=oword,dc=it" read
by * read
My first problem is understanding how to follow the instructions about debugging found in the configuration file. In the file there is:
Code:
##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0 - turn off debugging
# DEBUG_LOGIN=1 - turn on debugging
# DEBUG_LOGIN=2 - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.
I have syslog-ng and I think (but I'm not so sure) all information is written to /var/log/message.
Code:
cat /etc/syslog-ng/syslog-ng.conf | grep -v "#"
options {
long_hostnames(off);
sync(0);stats(43200);
};
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
destination messages { file("/var/log/messages"); };
destination console_all { file("/dev/tty12"); };
log { source(src); destination(messages); };
log { source(src); destination(console_all); };
Probably with more logging information the problem will be clearer... I hope :-)
Thanks in advance for any suggestions...
Dario
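In the log excerpt quoted in the post, each LOGIN FAILED line is preceded in the same second by a slapd "TLS accept error" and an authdaemond "Can't contact LDAP server", which points at the LDAP transport rather than at rejected credentials. As an added example (not part of the original post), this Python script performs that correlation; grouping by one-second timestamp and the cause labels are assumptions of the example, and the imapd username is a constructed placeholder.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the syslog lines quoted in the post
# (the imapd username is a placeholder; the original was redacted).
SAMPLE_LOG = """\
Apr 1 10:32:27 onet001 imapd: Connection, ip=[::ffff:192.168.0.203]
Apr 1 10:32:27 onet001 slapd[9118]: connection_read(13): TLS accept error error=-1 id=226, closing
Apr 1 10:32:27 onet001 authdaemond: ldap_simple_bind_s failed: Can't contact LDAP server
Apr 1 10:32:27 onet001 imapd: LOGIN FAILED, user=example, ip=[::ffff:192.168.0.203]
Apr 1 10:32:31 onet001 pop3d: Connection, ip=[::ffff:192.168.0.203]
Apr 1 10:32:31 onet001 slapd[9118]: connection_read(13): TLS accept error error=-1 id=227, closing
Apr 1 10:32:31 onet001 authdaemond: ldap_simple_bind_s failed: Can't contact LDAP server
Apr 1 10:32:31 onet001 pop3d: LOGIN FAILED, user=ronzanid, ip=[::ffff:192.168.0.203]
"""

# timestamp, host, program (optional [pid]), message
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) ([\w-]+)(?:\[\d+\])?: (.*)$")

def classify(log_text):
    """Group lines by timestamp and label each failed login with its likely cause."""
    by_ts = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if m:
            ts, _host, prog, msg = m.groups()
            by_ts[ts].append((prog, msg))
    results = []
    for ts, events in by_ts.items():
        failed = [p for p, m in events
                  if p in ("imapd", "pop3d") and m.startswith("LOGIN FAILED")]
        if not failed:
            continue
        tls_err = any(p == "slapd" and "TLS accept error" in m for p, m in events)
        no_ldap = any(p == "authdaemond" and "Can't contact LDAP server" in m
                      for p, m in events)
        if tls_err and no_ldap:
            cause = "ldap-transport"      # slapd dropped the connection before any bind
        elif no_ldap:
            cause = "ldap-unreachable"    # bind never reached slapd at all
        else:
            cause = "credentials-or-other"
        results.append((ts, failed[0], cause))
    return results

if __name__ == "__main__":
    for row in classify(SAMPLE_LOG):
        print(*row)
```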
