[exim-dev] [Bug 568] ldap lookups seem to require a TLS capa…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Philip Hazel
Dátum:  
Címzett: exim-dev
Tárgy: [exim-dev] [Bug 568] ldap lookups seem to require a TLS capable LDAP server
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=568




--- Comment #2 from Philip Hazel <ph10@???> 2007-07-26 17:03:37 ---
On Wed, 25 Jul 2007, Olivier Delemar wrote:

> The query works just fine whith an cli ldap client:
>
> root# ldapsearch -H ldap://ladoix -x -b 'o=genomex,c=fr'
> '(|(cn=o.delemar)(shortname=o.delemar)(uid=o.delemar)(mail=o.delemar@???))'
> dn -LLL
> dn: CN=Olivier Delemar,OU=DL,OU=Meylan,O=Genomex,C=FR
>
> (please note the '-x' option which means "Use simple authentication instead of
> SASL.")
>
> but fails in the acl:


> 18:37:21 20141 LDAP_OPT_X_TLS_TRY set
> 18:37:21 20141 binding with user=NULL password=NULL
> 18:37:21 20141 failed to bind the LDAP connection to server ladoix:389 -
> ldap_bind() returned -1
> 18:37:21 20141 lookup deferred: failed to bind the LDAP connection to server
> ladoix:389 - ldap_bind() returned -1
>
> I'm wondering if "LDAP_OPT_X_TLS_TRY set" is not the point.
>
> I have another install with an OpenLDAP, SSL capable LDAP server, and my ldap
> lookups (in router rules) work like a charm.


I am not an LDAP expert. However, I run very simple tests on a very
simple LDAP server without using TLS, and they seem to work. It might be
worth posting this problem to the exim-users list so that some LDAP
experts can comment.

Philip


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email