Hi Jason, Seems that the server is being found as shown in snippet below.
>> Dec 13 11:53:30 server slapd[2030]: conn=1000 fd=11 closed (TLS >> negotiation failure) Best Regards Martin On 2013-01-06 13:57, Jason Johnson wrote: > Hi Martin > > No, I haven't managed to. No problem about the delay, I was just > concerned that my mails weren't actually reaching the list. > > My LDAP server is set up to only run ldaps, which seems to only > listen > on 636. When I check netstat I don't see anything listening on the > normal ldap port. And to be safe, I tried leaving out the port > configuration from my DSPAM config and then the error is that no ldap > server was found. > > On Wed, Jan 2, 2013 at 10:14 AM, Martin Wheldon > <martin.whel...@greenhills-it.co.uk [12]> wrote: > >> Hi Jason, >> >> Have you managed to get this working if not. You seem to be asking >> DSPAM to attempt a StartTLS connection on the SSL port 636. Usually >> you >> would use StartTLS on the standard ldap port. >> >> Sorry about the delay replying, holidays and all that. >> >> Best Regards >> >> Martin Wheldon >> >> On 2012-12-21 16:31, Jason wrote: >> > So no one is running dspam on Debian squeeze with LDAP user >> lookups? >> > >> > Sent from my iPhone >> > >> > On Dec 13, 2012, at 12:11 PM, Jason Johnson >> >>> <jason.johnson....@gmail.com [1] [4]> wrote: >> > >> >> Ok, I checked the link. On debian the ldap.conf file is >> /etc/ldap >> >> and all programs in the system seem to understand this some how >> (I >> >> haven't yet found where this is being set and I don't see >> LDAPCONF >> >> being set). But just in case, I made a symlink in /usr/local/etc >> for >> >> openldap in case dspam was still using that somehow. Still >> nothing. >> >> I've tried everything I can think of and all I get from the log >> >> files is: >> >> >> >> Dec 13 11:53:30 server slapd[2030]: conn=1000 fd=11 closed (TLS >> >> negotiation failure) >> >> Dec 13 11:53:30 server dspam[1977]: External Lookup: Backend >> >> initialization failure: Can't contact LDAP server >> >> >> >> This is all I've ever gotten so I can't even tell if it's using >> the >> >> certificates or what. >> >> >> >> My dspam.d/extlookup.conf is: >> >> >> >> ExtLookup on # Turns on/off external lookup >> >> ExtLookupMode strict # available modes are 'verify', 'map' and >> >> 'strict'. >> >> # 'strict' enforces both verify and map >> >> ExtLookupDriver ldap # Currently only ldap and program are >> >> supported. >> >> # There are plans to support both MySQL and Postgres. >> >> ExtLookupServer localhost # Can either be a database hostname or >> >> the full path to >> >> # an executable lookup program and its arguments. >> >> ExtLookupPort 636 # Desired port when connecting to the lookup >> >> database. >> >> ExtLookupDB "ou=people,dc=myserver,dc=com" # Can either be an >> LDAP >> >> search base or a database name (TODO). >> >> ExtLookupQuery "(&(objectClass=posixAccount)(uid=%u))" # Can >> either >> >> be an LDAP search filter or an SQL query (TODO) >> >> ExtLookupLDAPAttribute "uid" # Attribute to be used when >> >> ExtLookupDriver is 'ldap' >> >> # and ExtLookupMode 'map' or 'strict' >> >> ExtLookupLDAPScope sub # Can be set to 'base', 'sub' or 'one'. >> Only >> >> used when ExtLookupDriver is 'ldap'. >> >> ExtLookupLDAPVersion 3 # Sets the LDAP protocol version (1, 2 or >> 3) >> >> ExtLookupLogin "cn=myuser,ou=administrators,dc=myserver,dc=com" >> # >> >> Login to be used when connecting to any direct database backend. >> >> ExtLookupPassword "mypassword" # Password to use with >> >> ExtLookupLogin. >> >> ExtLookupCryptox tls # Sets the use of TLS on backend >> communication >> >> (only compatible with LDAPv3) >> >> >> >> Has anyone gotten this working on Debian Squeeze? >> >> >> >> Sincerely >> >> Jason >> >> >> >> On Mon, Nov 26, 2012 at 8:31 PM, Quanah Gibson-Mount >> >>>> <qua...@zimbra.com [2] [3]> wrote: >> >> >> >>> --On Saturday, November 24, 2012 1:51 PM +0100 Jason Johnson >> >>>>> <jason.johnson....@gmail.com [3] [1]> wrote: >> >>> >> >>>> I assume the problem is that the LDAP library isn't finding >> >>>> where the >> >>>> certs are. Is there any way for me to tell it? >> >>> >> >>> >> >> >> > >> > >> > > <http://www.openldap.org/software/man.cgi?query=ldap.conf&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html >> [4] >> >>> [2]> >> >>>>> >> >>> --Quanah >> >>> >> >>> -- >> >>> >> >>> Quanah Gibson-Mount >> >>> Sr. Member of Technical Staff >> >>> Zimbra, Inc >> >>> A Division of VMware, Inc. >> >>> -------------------- >> >>> Zimbra :: the leader in open source messaging and collaboration >> > >> > >> > Links: >> > ------ >> > [1] mailto:jason.johnson....@gmail.com [5] >> > [2] >> > >> > >> > > http://www.openldap.org/software/man.cgi?query=ldap.conf&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html >> [6] >> > [3] mailto:qua...@zimbra.com [7] >> > [4] mailto:jason.johnson....@gmail.com [8] >> >> > > ------------------------------------------------------------------------------ >> Master Java SE, Java EE, Eclipse, Spring, Hibernate, JavaScript, >> jQuery >> and much more. Keep your Java skills current with LearnJavaNow - >> 200+ hours of step-by-step video tutorials by Java experts. >> SALE $49.99 this month only -- learn more at: >> http://p.sf.net/sfu/learnmore_122612 [9] >> _______________________________________________ >> Dspam-user mailing list >> Dspam-user@lists.sourceforge.net [10] >> https://lists.sourceforge.net/lists/listinfo/dspam-user [11] > > !DSPAM:9,50e97c2633231193159094! > > Links: > ------ > [1] mailto:jason.johnson....@gmail.com > [2] mailto:qua...@zimbra.com > [3] mailto:jason.johnson....@gmail.com > [4] > > http://www.openldap.org/software/man.cgi?query=ldap.conf&apropos=0&sektion=0&manpath=OpenLDAP+2.4-Release&format=html > [5] mailto:jason.johnson....@gmail.com > [6] > > http://www.openldap.org/software/man.cgi?query=ldap.conf&amp;apropos=0&amp;sektion=0&amp;manpath=OpenLDAP+2.4-Release&amp;format=html > [7] mailto:qua...@zimbra.com > [8] mailto:jason.johnson....@gmail.com > [9] http://p.sf.net/sfu/learnmore_122612 > [10] mailto:Dspam-user@lists.sourceforge.net > [11] https://lists.sourceforge.net/lists/listinfo/dspam-user > [12] mailto:martin.whel...@greenhills-it.co.uk ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122412 _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
