hi !
after an update of courier-authlib from 0.58 to 0.59, ldap authentication
doesn't seem to work anymore (authtest / maildrop / ...).
the system is based on fedora core 2, with openldap 2.1.29-1 ; we use both
userdb and ldap authentication (we're slowly migrating from userdb to ldap)
; we use our own ldap schema.
courier-authlib is from a custom made rpm, but exactly the same environment
is used to build both 0.58 and 0.59 versions ; no configuration changes have
been made. the system is an i686 (p4) with a 2.6.9-42.0.2.EL centos/rhel4
kernel
with 0.58, a debug trace for the user [EMAIL PROTECTED] (who is only in ldap)
shows :
authuserdb: trying this module
userdb: looking up '[EMAIL PROTECTED]'
userdb: entry not found
authuserdb: REJECT - try next module
authldap: trying this module
using search filter: [stripped a long search filter here]
one entry returned, DN: uid=yoyo,ou=Users,dc=acme,dc=com
authldaplib: sysusername=<null>, sysuserid=501, sysgroupid=501, homedir=/home/vmail/acme.com/yoyo, [EMAIL PROTECTED], fullname=Yoyo, maildir=/home/vmail/acme.com/yoyo, quota=<null>, options=<null>
Authenticated: sysusername=<null>, sysuserid=501, sysgroupid=501, homedir=/home/vmail/acme.com/yoyo, [EMAIL PROTECTED], fullname=Yoyo, maildir=/home/vmail/acme.com/yoyo, quota=<null>, options=<null>
while with 0.59:
received userid lookup request: [EMAIL PROTECTED]
authuserdb: trying this module
userdb: looking up '[EMAIL PROTECTED]'
userdb: entry not found
authuserdb: REJECT - try next module
authldap: trying this module
selected ldap protocol version 3
binding to LDAP server as DN '<null>'
stopping authdaemond children
restarting authdaemond children
modules="authuserdb authldap", daemons=5
Uninstalling authuserdb
Uninstalling authldap
Installing libauthuserdb
Installing libauthldap
Installation complete: authldap
relevant configuration files:
$ grep -v '^\(#\|$\)' authdaemonrc
authmodulelist="authuserdb authldap"
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
daemons=5
authdaemonvar=/var/spool/authdaemon
DEBUG_LOGIN=1
DEFAULTOPTIONS=""
LOGGEROPTS="-name=authlib -facility=local1"
LDAPTLS_CACERT=/etc/obs/certs/obs-cacert.pem
LDAPTLS_REQCERT=demand
$ grep -v '^\(#\|$\)' authldaprc
LDAP_URI ldaps://svc-ldap-01.acme.com, ldaps://svc-ldap-02.acme.com
LDAP_PROTOCOL_VERSION 3
LDAP_BASEDN dc=acme,dc=com
LDAP_TIMEOUT 5
LDAP_AUTHBIND 1
LDAP_MAIL mail
LDAP_FILTER [a_long_ldap_filter_here]
LDAP_DOMAIN acme.com
LDAP_GLOB_UID 501
LDAP_GLOB_GID 501
LDAP_HOMEDIR obsMailDirectory
LDAP_MAILDIR obsMailDirectory
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_DEREF never
LDAP_TLS 0
any clue ?
there's no problem doing more tests - it's just that until now courier
updates worked seamlessly, so we don't have a test environment - just
upgrading the packages on the production server at night, so it may take
some time to provide more debug / do more tests
anyway, thanks for a great software !
ivan