Hi, check that your /var/qmail/control/qmail-smtpd.rules have something like
:allow,SMTPAUTH="" On Fri, Mar 30, 2012 at 12:10 AM, Bob Miller <b...@computerisms.ca> wrote: > greetings > > I have been trying to get qmail-ldap to work with samba4's Active > Directory implementation. It seems that all parts are working with the > exception of smtpauth. > > WHAT WORKS: When I send a mail to the system, it successfully verifies > if a user exists and denies if the user doesn't exist. qmail-ldaplookup > -m/-u both run without error and report what I would expect to see. > When I set samba4 into a debug mode, I can see the ldb query coming > through in the logs. In fairness, those logs do not report success or > failure of the lookup, or the values returned, but the fact that things > work indicate the ldap communication to samba4 was a success. I also > take these successes to mean my ~controls/ldap* files are set up > correctly. I can also use ldbsearch to verify my user/pass info is > correct. > > SMTPAUTH: I have compiled with TLS and enabled SMTPAUTH="TLSREQUIRED", I > can verify the encryption is working because when I rename the cert, I > get an error in qmail's logs when it is not working (presumably thanks > to TLSDEBUG). I gather from what I have read that that is all I need to > do. There were mentions in the life with qmail-ldap that some extra > arguments are required in the run script, but I found some mailing list > post that says that is not required. > > BROKEN:When I try to send a authenticated mail using thunderbird, I see > the following in qmail logs: > > auth login > authentication failed: authentication failure > > However, the samba4 logs continue to indicate a valid search query is > being made. When I base64-encode my user/pass and use telnet to test > the smtp connection, I get the exact same symptoms as using thunderbird; > the samba4 logs indicate a good search string and the qmail logs say > authentication failure. > > TRIED: I have scoured the mailing lists, there are those who say active > directory works out of the box just by modifying qmail-ldap.h, there are > those who say you need to modify qldap.c and/or qmail-ldaplookup.c in > order to account for userAccountControl. Over the last days, I have > tried any patches/suggestions that could apply to samba4 (as opposed to > windows server), but not one of them has solved this problem. > > In the interest of not making this a novel nobody wants to read, I will > leave out the remaining details on what I have done and which articles I > have referenced, but I can make that info available. > > If anyone can get me pointed in the right direction, I would truly > appreciate it... > > -- > Bob Miller > 867-334-7117 / 867-633-3760 > http://computerisms.ca > b...@computerisms.ca > Network, Internet, Server, > and Open Source Solutions > -- > nbari
