Hochstrasser Benedikt wrote:
> Hi all,
>
> I thought it was about time to look into upgrading my trusty exim 3.36
> to 4.32.
> I configured it to use ldap(version2) lookups to check if the user
> exists.
>
> Upon "exim -d -bt someuser@???" I get (amongst other stuff) the
> following error:
>
> LDAP search failed - error 1: Operations error/00000000: LdapErr:
> DSID-0C0905FF, comment: In order to perform this operation a successful
> bind must be completed on the connection., data 0, vece
>
> I tried with openldap-2.2.10 and openldap-2.1.29 (aka stable 20040329),
> with the same result. Exim 3.36 works just fine with either ldap
> library.
>
> Here's the relevant part (routers configuration) of the .conf:
>
> localdomains:
> driver = domainlist
> domains = mydomain1.ch : myotherdomain.ch : mythirddomain.org
> transport = local_smtp
> route_list = mydomain1.ch exchange1:exchange2 byname; \
> myotherdomain.ch exchange1:exchange2 byname; \
> mythirddomain.org exchange1:exchange2 byname
> condition = "${lookup ldap {USER=ldap_query@???
My users don't look like this, but I do put quotes around the user name. Maybe
try USER="ldap_query@???"? If that doesn't work, try putting an LDAP
DN such as USER="cn=ldap_query,dc=mydomain,dc=lan". (You should use the correct
DN for the ldap_query user, of course.)
> PASS=ldap_password \
> ldap:///dc=mydomain,dc=lan?mail?sub? \
> (proxyAddresses=smtp:${quote_ldap:$local_part@$domain})
Splitting the LDAP URL across lines may cause problems. AFAIR spaces are not
legal in URLs. Try using one long line for the URL.
HTH,
John
> \
> } {$value} fail } \
> "
>
> The ldap "target" domain is a Windows 2000 Active Directory. Openldap's
> ldapquery works fine with the credentials above. I promptly get an auth
> error with the .conf when I give eg a wrong password.
>
> As said, Exim 3.36 has no problems here.
>
> With Kind Regards
>
> Benedikt Hochstrasser
> bhoc.nospam@???
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>
>
