On Fri, Sep 03, 2010 at 04:07:13PM -0500, Seann wrote:

>> Enable LDAP debugging to see more logging. The OpenLDAP library will
>> return this error when the peer certificate CommonName does not match
>> the hostname you specify, but there could be other errors.
>>
>>> When I use the LDAPS URI, I get this:
>>>
>>> Sep 2 09:46:55 server postfix/postmap[4659]: warning: dict_ldap_connect:
>>> Unable to bind to server ldaps://AD.domain.net:636 as CN=admin,CN=Users,
>>> DC=domain,DC=net: -1 (Can't contact LDAP server)
>> Is anyone home on port 636? Does "openssl s_client" work?
>>
> Yes, there is a listener on 636, as I use it for other LDAPS queries. I
> haven't a clue how to turn on debugging for LDAP, is it the same flags as
> the main postfix system debugging?

http://www.postfix.org/ldap_table.5.html describes the "debuglevel"
parameter. The value "2" seems to be a useful level of LDAP verbosity.

-- 
Viktor.
