Hello, Phil,
thanks for your reply, too.
My messages to the list are delayed (by moderation, as announced) for
hours, so the list does not show the up-to-date situation. See the last
paragraph and my other mails for the actual status.
On 07.03.2013 21:24, Phil Pennock wrote:
> On 2013-03-06 at 19:04 +0100, Paul Muster wrote:
>> --> /etc/exim4/conf.d/auth/40_LDAP-auth
>> plain_server:
>> driver = plaintext
>> public_name = PLAIN
>> server_prompts = Username:: : Password::
>> server_condition = ${if and{{ \
>> !eq{}{$auth2} }{ \
>> ldapauth{\
>> user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASE" \
>> pass=${quote:$auth3} \
>> ldap://ldap/} }} }
>>
>> "ldap" is my LDAP server and 'telnet ldap 389' on mailserver
>> (192.168.1.4) shows that *there is no packet filter between*:
>
> Which OS? Debian, Ubuntu?
Debian.
> Do you have a kernel security module, such as SELinux loaded, such that
> Exim when started as a daemon is running in a context that denies
> outbound connections on port 389? Eg, <http://wiki.debian.org/SELinux>.
> sestatus? If so, anything in /var/log/messages about a denial?
No, no SELinux and so on.
> Given that error message, things did get far enough to try the
> ldap_bind, so there should have been a connection. What does tcpdump
> show during a test where things fail?
There was no connection. Resolution of "ldap" does not work. Using the IP
address or FQDN of the LDAP server works. See my mails dated 20:43 hrs. and
21:14 hrs. when they appear.
Thanks & greetings,
Paul