Postfix & OpenLDAP
in [Postfix]
|
From: spamvoll on 2 Feb 2010 09:03 hi.. my postfix checks against openldap. postfix first uses the ldap-aliases.cf to check if its a valid user email, that works. then i tried to use the same ldap-aliases.cf for smtpd_sender_login_maps But that doesnt work. I get a: postfix/local[7683]: warning: dict_ldap_connect: Unable to bind to server ldaps://ldap.example.com:636 as cn=postfix server,ou=Server,dc=example,dc=com: -1 (Can't contact LDAP server) [root(a)testmail postfix]# postmap -q myname(a)example.com ldap:/etc/postfix/ldap-aliases.cf myldapuid [root(a)testmail postfix]# postmap -q myname(a)example.com ldap:/etc/postfix/ldap-check_mail.cf myldapuid [root(a)testmail postfix]# postmap -q myname(a)example.com ldap:/etc/postfix/ldap-relay_domains.cf [root(a)testmail postfix]# postmap -q example.com ldap:/etc/postfix/ldap-relay_domains.cf example.com,ex-ample.com any ideas ?
From: Wietse Venema on 2 Feb 2010 09:13 spamvoll(a)googlemail.com: > hi.. > > my postfix checks against openldap. > postfix first uses the ldap-aliases.cf to check if its a valid user > email, that works. > then i tried to use the same ldap-aliases.cf for smtpd_sender_login_maps > > But that doesnt work. > I get a: > postfix/local[7683]: warning: dict_ldap_connect: Unable to bind to > server ldaps://ldap.example.com:636 as cn=postfix > server,ou=Server,dc=example,dc=com: -1 (Can't contact LDAP server) > > [root(a)testmail postfix]# postmap -q myname(a)example.com Don't run the test as root. Wietse
From: Victor Duchovni on 2 Feb 2010 09:29 On Tue, Feb 02, 2010 at 09:13:36AM -0500, Wietse Venema wrote: > spamvoll(a)googlemail.com: > > hi.. > > > > my postfix checks against openldap. > > postfix first uses the ldap-aliases.cf to check if its a valid user > > email, that works. > > then i tried to use the same ldap-aliases.cf for smtpd_sender_login_maps > > > > But that doesnt work. > > I get a: > > postfix/local[7683]: warning: dict_ldap_connect: Unable to bind to > > server ldaps://ldap.example.com:636 as cn=postfix > > server,ou=Server,dc=example,dc=com: -1 (Can't contact LDAP server) > > > > [root(a)testmail postfix]# postmap -q myname(a)example.com > > Don't run the test as root. And, use "proxy:ldap:${config_directory}/ldap-aliases.cf", LDAP servers typically don't like the connection concurrency that results from each smtpd(8) and cleanup(8) using a separate connection. Don't do this, however, with tables that are used by trivial-rewrite, specifically at least: relay_domains mydestination virtual_mailbox_domains virtual_alias_domains transport_maps relocated_maps -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
From: spamvoll on 2 Feb 2010 09:33 thx Wietse trying it as user postfix i get (Can't contact LDAP server) hmm strange 2010/2/2 Wietse Venema <wietse(a)porcupine.org>: >> [root(a)testmail postfix]# postmap -q myname(a)example.com > > Don't run the test as root.
From: Wietse Venema on 2 Feb 2010 09:42 spamvoll(a)googlemail.com: > thx Wietse > > trying it as user postfix i get (Can't contact LDAP server) > > hmm strange You have some incorrect file permission, or some "security" software such as SeLinux or AppArmor is mis-configured. Try: # service selinux stop # service apparmor stop etc. If that is not the problem, try: $ strace -o tempfile postmap ... and look for EACCES etc. errors in the strace output. etc. Wietse
|
Next
|
Last
Pages: 1 2 Prev: suitable webmail Next: Whitelist: ~user/.postfix_whitelist; chmod 600.postfix_whitelist? |