Re: Postfix, SASL and LDAPDB

Wed, 19 May 2010 16:35:41 -0700 

On Thu, May 20, 2010 at 12:23:46AM +0200, Julien Vehent wrote:

> On Wed, 19 May 2010 14:36:24 -0400, Victor Duchovni
> <victor.ducho...@morganstanley.com> wrote:
> > 
> > This looks different from my recollection of the the smtpd.conf you
> > posted, you may want to make sure that the "sasl_ldapdb_id" and
> > passwords are the same, and I don't know what "auto_transition"
> > does, but it may be pertinent also.
> 
> I tried the following 'smtpd.conf':
> 
> ----
> # cat smtpd.conf
> pwcheck_method: auxprop
> auxprop_plugin: ldapdb
> mech_list: DIGEST-MD5 PLAIN LOGIN
> sasl_ldapdb_uri: ldap://localhost
> sasl_ldapdb_id: postfix
> sasl_ldapdb_pw: f4oi6u87j687qzer613bv867zq43o
> sasl_ldapdb_mech: DIGEST-MD5
> ----

Why did you change "cyrus" to "postfix"? Does this "postfix"
user have the same rights as "cyrus" to do proxy authentication?

> 
> auth plain xxxXXXXXxxxxxXXXXX
> May 20 00:11:07 samchiel postfix/smtpd[25547]: xsasl_cyrus_server_first:
> sasl_method plain, init_response xxxXXXXXxxxxxXXXXX
> May 20 00:11:07 samchiel postfix/smtpd[25547]: xsasl_cyrus_server_first:
> decoded initial response
> May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug:
> could not find auxprop plugin, was searching for 'ldapdb'
> May 20 00:11:07 samchiel postfix/smtpd[25547]: SASL authentication debug:
> could not find auxprop plugin, was searching for 'ldapdb'

Is your SMTP server chrooted? Have you configured a non-default
Cyrus plugin search path?

> Once again, I checked all my packages, and I think I have everything
> installed. Particularly 'ldapdb' for sasl2:
> 
> ----
> # ls -l /usr/lib/sasl2/ |grep ldapdb
> -rw-r--r-- 1 root root 13748 Dec 29 01:10 libldapdb.a
> -rw-r--r-- 1 root root   976 Dec 29 01:10 libldapdb.la
> lrwxrwxrwx 1 root root    19 May 10 12:18 libldapdb.so ->
> libldapdb.so.2.0.23
> lrwxrwxrwx 1 root root    19 May 10 12:18 libldapdb.so.2 ->
> libldapdb.so.2.0.23
> -rw-r--r-- 1 root root 14556 Dec 29 01:10 libldapdb.so.2.0.23

Well, the SMTP server may be chrooted, or may be looking outside
/usr/lib/sasl2.

-- 
        Viktor.

P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment.  If you are interested, please drop me a note.

Reply via email to