Re: [exim] LDAP for SMTP auth not working

Author: Paul Muster
Date:  
To: exim-users
Subject: Re: [exim] LDAP for SMTP auth not working
Hello, Phil,

thanks for your reply, too.

My messages to the list are delayed (by moderation as announced) for
hours. So the list does not show the up-to-date situation. See the last
paragraph and other mails for the actual status.

On 07.03.2013 21:24, Phil Pennock wrote:
> On 2013-03-06 at 19:04 +0100, Paul Muster wrote:
>> --> /etc/exim4/conf.d/auth/40_LDAP-auth
>> plain_server:
>>   driver = plaintext
>>   public_name = PLAIN
>>   server_prompts = Username:: : Password::
>>   server_condition = ${if and{{ \
>>     !eq{}{$auth2} }{ \
>>     ldapauth{\
>>       user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASE" \
>>       pass=${quote:$auth3} \
>>       ldap://ldap/} }} }
>>
>> "ldap" is my LDAP server and 'telnet ldap 389' on mailserver
>> (192.168.1.4) shows that *there is no packet filter between*:
>
> Which OS? Debian, Ubuntu?


Debian.

> Do you have a kernel security module, such as SELinux loaded, such that
> Exim when started as a daemon is running in a context that denies
> outbound connections on port 389? Eg, <http://wiki.debian.org/SELinux>.
> sestatus? If so, anything in /var/log/messages about a denial?


No, no SELinux and so on.

> Given that error message, things did get far enough to try the
> ldap_bind, so there should have been a connection. What does tcpdump
> show during a test where things fail?


There was no connection. Resolution of "ldap" does not work. Using the IP
address or FQDN of the LDAP server works. See my mails dated 20:43 hrs. and
21:14 hrs. when they appear.


Thanks & greetings,

Paul
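
The diagnosis reached in this message, as an added example that is not part of the original thread or of Exim: the script pulls the LDAP URL out of an `ldapauth` condition and reports whether a failure happens at name resolution or at the TCP connect, the two stages the thread had to tell apart. The function names `ldap_targets` and `check_ldap_host` are hypothetical, and `CONDITION` is a constructed copy of the quoted authenticator.

```python
import re
import socket

# Constructed sample: the server_condition quoted in the thread, as one string.
CONDITION = r'''${if and{{ !eq{}{$auth2} }{ ldapauth{
  user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASE"
  pass=${quote:$auth3}
  ldap://ldap/} }} }'''

DEFAULT_PORT = {"ldap": 389, "ldaps": 636}
URL_RE = re.compile(r"\b(ldaps?)://([A-Za-z0-9._-]+)(?::(\d+))?")


def ldap_targets(condition):
    """Return [(host, port)] for every ldap:// or ldaps:// URL in the text."""
    return [(host, int(port) if port else DEFAULT_PORT[scheme])
            for scheme, host, port in URL_RE.findall(condition)]


def check_ldap_host(host, port=389, timeout=3.0):
    """Return (stage, detail); stage is 'resolve', 'connect' or 'ok'."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except (socket.gaierror, UnicodeError) as exc:
        # Name lookup failed: nothing ever reached the LDAP server.
        return ("resolve", str(exc))
    detail = "no usable address"
    for family, socktype, proto, _canon, sockaddr in infos:
        try:
            with socket.socket(family, socktype, proto) as sock:
                sock.settimeout(timeout)
                sock.connect(sockaddr)
            return ("ok", sockaddr[0])
        except OSError as exc:
            detail = f"{sockaddr[0]}: {exc}"
    # The name resolved, but no address accepted a TCP connection.
    return ("connect", detail)


if __name__ == "__main__":
    for host, port in ldap_targets(CONDITION):
        stage, detail = check_ldap_host(host, port)
        print(f"{host}:{port} -> {stage} ({detail})")
```

A `resolve` result for the short name alongside `ok` for the IP address or FQDN matches the situation described above.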