http://bugs.exim.org/show_bug.cgi?id=568

           Summary: ldap lookups seem to require a TLS capable LDAP server
           Product: Exim
           Version: 4.63
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: high
         Component: Lookups
        AssignedTo: [EMAIL PROTECTED]
        ReportedBy: [EMAIL PROTECTED]
                CC: [email protected]

I'm trying to look up entries in a Lotus Domino LDAP server from an Exim ACL.

The query works just fine with a CLI ldap client:

root# ldapsearch -H ldap://ladoix -x -b 'o=genomex,c=fr' '(|(cn=o.delemar)(shortname=o.delemar)(uid=o.delemar)([EMAIL PROTECTED]))' dn -LLL
dn: CN=Olivier Delemar,OU=DL,OU=Meylan,O=Genomex,C=FR

(please note the '-x' option which means "Use simple authentication instead of SASL.")

but fails in the ACL:

18:37:21 20141 using ACL "acl_check_rcpt"
18:37:21 20141 processing "warn"
18:37:21 20141 expanding: ldap://ladoix/o=genomex,c=fr?uid?sub?(|(cn=${local_part})(shortname=${local_part})(uid=${local_part})([EMAIL PROTECTED]))
18:37:21 20141 result: ldap://ladoix/o=genomex,c=fr?uid?sub?(|(cn=odelmar)(shortname=odelmar)(uid=odelmar)([EMAIL PROTECTED]))
18:37:21 20141 search_open: ldap "NULL"
18:37:21 20141 search_find: file="NULL"
18:37:21 20141 key="ldap://ladoix/o=genomex,c=fr?uid?sub?(|(cn=odelmar)(shortname=odelmar)(uid=odelmar)([EMAIL PROTECTED]))" partial=-1 affix=NULL starflags=0
18:37:21 20141 LRU list:
18:37:21 20141 internal_search_find: file="NULL"
18:37:21 20141 type=ldap key="ldap://ladoix/o=genomex,c=fr?uid?sub?(|(cn=odelmar)(shortname=odelmar)(uid=odelmar)([EMAIL PROTECTED]))"
18:37:21 20141 database lookup required for ldap://ladoix/o=genomex,c=fr?uid?sub?(|(cn=odelmar)(shortname=odelmar)(uid=odelmar)([EMAIL PROTECTED]))
18:37:21 20141 LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0 referrals=on
18:37:21 20141 perform_ldap_search: ldap URL = "ldap://ladoix/o=genomex,c=fr?uid?sub?(|(cn=odelmar)(shortname=odelmar)(uid=odelmar)([EMAIL PROTECTED]))" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
18:37:21 20141 after ldap_url_parse: host=ladoix port=389
18:37:21 20141 ldap_initialize with URL ldap://ladoix:389/
18:37:21 20141 initialized for LDAP (v3) server ladoix:389
18:37:21 20141 LDAP_OPT_X_TLS_TRY set
18:37:21 20141 binding with user=NULL password=NULL
18:37:21 20141 failed to bind the LDAP connection to server ladoix:389 - ldap_bind() returned -1
18:37:21 20141 lookup deferred: failed to bind the LDAP connection to server ladoix:389 - ldap_bind() returned -1

I'm wondering if "LDAP_OPT_X_TLS_TRY set" is not the point.

I have another install with an OpenLDAP, SSL capable LDAP server, and my ldap lookups (in router rules) work like a charm.

Regards,
Olivier Delemar
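
A small triage helper for debug output like the trace above, added here as an example (it is not part of the bug report or of Exim): it groups the LDAP lines per process and flags attempts where a TLS option was set on a plain ldap:// URL and the bind then failed. The sample trace and its host name are constructed, and the flag is a heuristic for where to look, not a diagnosis.

```python
import re

# Constructed sample in the shape of the trace above (time, pid, message);
# the host name ldap.example.test is made up for this example.
SAMPLE = """\
18:37:21 20141 ldap_initialize with URL ldap://ldap.example.test:389/
18:37:21 20141 initialized for LDAP (v3) server ldap.example.test:389
18:37:21 20141 LDAP_OPT_X_TLS_TRY set
18:37:21 20141 binding with user=NULL password=NULL
18:37:21 20141 failed to bind the LDAP connection to server ldap.example.test:389 - ldap_bind() returned -1
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\s+(\d+)\s+(.*)$")
TLS = re.compile(r"(LDAP_OPT_X_TLS_\w+) set")
BIND = re.compile(r"binding with user=(\S+) password=\S+")
FAIL = re.compile(r"failed to bind the LDAP connection to server \S+ - "
                  r"ldap_bind\(\) returned (-?\d+)")

def summarize(debug_text):
    """Return one dict per LDAP connection attempt, in order of appearance."""
    attempts, current = [], {}          # current: pid -> attempt being filled in
    for raw in debug_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        pid, msg = m.groups()
        if msg.startswith("ldap_initialize with URL "):
            current[pid] = {"pid": pid, "url": msg.split("URL ", 1)[1],
                            "tls_opt": None, "anonymous": None, "bind_rc": None}
            attempts.append(current[pid])
        elif pid in current:
            att = current[pid]
            if (t := TLS.fullmatch(msg)):
                att["tls_opt"] = t.group(1)
            elif (b := BIND.fullmatch(msg)):
                att["anonymous"] = b.group(1) == "NULL"
            elif (f := FAIL.match(msg)):
                att["bind_rc"] = int(f.group(1))
    return attempts

def tls_suspects(attempts):
    """Heuristic: plain ldap:// URL, a TLS option set, and the bind failed."""
    return [a for a in attempts
            if a["url"].startswith("ldap://") and a["tls_opt"]
            and a["bind_rc"] is not None and a["bind_rc"] < 0]

if __name__ == "__main__":
    for a in tls_suspects(summarize(SAMPLE)):
        print(a)
```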
