LDAP_USER = cn=_____,dc=mydomain,dc=com
LDAP_BASEDN = dc=mydomain,dc=com
LDAP_PASSWD = _____
AUTH_USER = user=LDAP_USER pass=LDAP_PASSWD \
    ldap:///LDAP_BASEDN?uid?sub?(uid=$1)
AUTH_PASSWD = user=LDAP_USER pass=LDAP_PASSWD \
    ldap:///LDAP_BASEDN?userPassword?sub?(uid=$1)

cram:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${if eq{$1}{${lookup ldap \
      {AUTH_USER}{$value}fail}} \
      {${lookup ldap \
      {AUTH_PASSWD}{$value}fail}}fail}
  server_set_id = $1

This setup had been working for 2 days straight, then suddenly it won't work
anymore, out of the blue, and I don't get why.
Snips from the logs below show it's getting the proper returns back, though:

search_open: ldap "NULL"
search_find: file="NULL"
key="user=cn=____,dc=mydomain,dc=com pass=_____
ldap:///dc=mydomain,dc=com?uid?sub?(uid=$_username_)" partial=-1
LRU list:
internal_search_find: file="NULL"
type=ldap key="user=cn=_____,dc=mydomain,dc=com pass=_____
ldap:///dc=mydomain,dc=com?uid?sub?(uid=$_username_)"
database lookup required for user=cn=_____,dc=mydomain,dc=com pass=_____
ldap:///dc=mydomain,dc=com?uid?sub?(uid=$_username_)
LDAP parameters: user=cn=_____,dc=mydomain,dc=com pass=_____ size=0 time=0
perform_ldap_search: ldap URL
="ldap:///dc=mydomain,dc=com?uid?sub?(uid=$_username_)" server=NULL port=0
sizelimit=0 timelimit=0
Initialized connection with LDAP server NULL:389
LDAP_OPT_X_TLS_TRY set
Binding with user=cn=_____,dc=mydomain,dc=com password=_____
Start search
ldap_result loop
LDAP entry loop
LDAP attr loop uid:$_username_
search ended by ldap_result yielding 101
LDAP search: returning: $_username_
lookup yielded: $_username_
search_open: ldap "NULL"
cached open
search_find: file="NULL"
key="user=cn=_____,dc=mydomain,dc=com pass=_____
ldap:///dc=mydomain,dc=com?userPassword?sub?(uid=$_username_)" partial=-1
LRU list:
internal_search_find: file="NULL"
type=ldap key="user=cn=_____,dc=mydomain,dc=com pass=_____
ldap:///dc=mydomain,dc=com?userPassword?sub?(uid=$_username_)"
database lookup required for user=cn=_____,dc=mydomain,dc=com pass=_____
ldap:///dc=mydomain,dc=com?userPassword?sub?(uid=$_username_)
LDAP parameters: user=cn=_____,dc=mydomain,dc=com pass=_____ size=0 time=0
perform_ldap_search: ldap URL
="ldap:///dc=mydomain,dc=com?userPassword?sub?(uid=$_username_)" server=NULL
port=0 sizelimit=0 timelimit=0
Re-using cached connection to LDAP server NULL:389
Start search
ldap_result loop
LDAP entry loop
LDAP attr loop userPassword:$_password_
search ended by ldap_result yielding 101
LDAP search: returning: $_password_
lookup yielded: $_password_
SMTP>> 535 Incorrect authentication data
tls_do_write(80e18b8, 35)
SSL_write(SSL, 80e18b8, 35)
outbytes=35 error=0
LOG: MAIN REJECT
Authentication failed for ginseng.mydomain.com [192.168.1.10] ($_username_):
535 Incorrect authentication data (set_id=$_username_)
Calling SSL_read(8102520, 81175f8, 4096)
SMTP<< QUIT
SMTP>> 221 mail.mydomain.com closing connection
tls_do_write(80e18b8, 43)
SSL_write(SSL, 80e18b8, 43)
outbytes=43 error=0
tls_close(): shutting down SSL
SSL info: SSL negotiation finished successfully
LOG: smtp_connection MAIN
SMTP connection from ginseng.mydomain.com [192.168.1.10] closed by QUIT
search_tidyup called
unbind LDAP connection to NULL:389
child 22342 ended: status=0x0
0 SMTP accept processes now running
Listening...

In the logs above, $_username_ replaces the valid username, and $_password_
replaces the cleartext password.

Eric Renfro
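
Added example, not part of the original post and not Exim's own code: a Python sketch of the check a CRAM-MD5 server performs with the value that `server_secret` expands to, so a secret returned by the `userPassword` lookup can be tested offline against a captured challenge and response. The function names and the `DIRECTORY` sample data are constructed for illustration; the challenge, secret and response in the comments are the test vector from RFC 2195.

```python
import base64
import hashlib
import hmac
import re

# Heuristic: a userPassword value such as "{SSHA}..." is a one-way hash.
# CRAM-MD5 needs the plaintext secret, so such a value can never match.
SCHEME_PREFIX = re.compile(r"^\{([A-Za-z0-9-]+)\}")

# Constructed stand-in for the directory behind AUTH_USER / AUTH_PASSWD.
DIRECTORY = {
    "tim": "tanstaaftanstaaf",                    # RFC 2195 sample secret
    "alice": "{SSHA}constructed-not-a-real-hash",  # hashed entry
}

def find_uid(username):
    """Mirror of the AUTH_USER lookup: return the uid if the entry exists."""
    return username if username in DIRECTORY else None

def find_secret(username):
    """Mirror of the AUTH_PASSWD lookup: return userPassword or None."""
    return DIRECTORY.get(username)

def expected_digest(secret, challenge):
    """HMAC-MD5 of the challenge keyed with the shared secret, as hex."""
    return hmac.new(secret.encode(), challenge.encode(), hashlib.md5).hexdigest()

def check_cram_md5(challenge, b64_response, lookup_user, lookup_secret):
    """Return (ok, reason) for a client response of base64("user hexdigest")."""
    try:
        decoded = base64.b64decode(b64_response, validate=True).decode()
        username, digest = decoded.rsplit(" ", 1)
    except ValueError:  # bad base64, bad UTF-8, or no space separator
        return False, "malformed response"
    if lookup_user(username) != username:
        return False, "uid lookup failed"
    secret = lookup_secret(username)
    if secret is None:
        return False, "no secret returned"
    scheme = SCHEME_PREFIX.match(secret)
    if scheme:
        return False, "secret is stored hashed (" + scheme.group(1) + ")"
    want = expected_digest(secret, challenge).encode()
    if not hmac.compare_digest(want, digest.lower().encode()):
        return False, "digest mismatch"
    return True, "ok"
```

A "digest mismatch" result with a plaintext secret means the client keyed its HMAC with a different password or a different challenge than the server used.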