On 08/02/2010 02:17 AM, Goutam Baul wrote:
We are using courier authlib for authenticating our users. User details
are stored in Active Directory (Windows Server 2008). The base DN of
Active Directory is dc=tibs,dc=edu,dc=in
...
But when we are doing courier authentication by using the command
authtest we get "Authentication FAILED: Input/output error"
Check the authdaemon logs for an error that looks like:
emailmap: %d entries returned from search %s (but we need exactly 1)
If you search the top level of an AD LDAP tree, you'll get referrals.
Courier probably needs to be patched to deal with AD. You can try the
patch I've attached. I haven't tested it. I haven't even tried to
compile it.
--- authldaplib.c.orig 2010-08-12 22:17:53.246186037 -0700
+++ authldaplib.c 2010-08-12 22:22:27.253592841 -0700
@@ -1007,6 +1007,19 @@
ldapconnfailure();
return (-1);
}
+
+ /* Disable referrals entirely if they won't be followed */
+ if (my_ldap.deref == LDAP_DEREF_NEVER &&
+ ldaperror(ldrc = ldap_set_option(my_ldap_fp, LDAP_OPT_REFERRALS,
+ LDAP_OPT_OFF)) != LDAP_SUCCESS)
+ {
+ const char *s=ldap_err2string(ldrc);
+
+ err("ldap_set_option(REFERRALS) failed: %s", s);
+ authldapclose();
+ ldapconnfailure();
+ return (-1);
+ }
#endif
/* Bind to server */
------------------------------------------------------------------------------
This SF.net email is sponsored by
Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
