[Postfixbuch-users] Das beliebte Thema SASL und LDAP
spamvoll at googlemail.com
spamvoll at googlemail.com
Mi Jan 27 17:44:12 CET 2010
habs jetzt auch in die Flags eingetragen. aber immernoch.
Erstellen der Datei bringt natürlich auch nix.
Jan 27 16:39:48 testmail postfix/smtpd[2814]: setting up TLS
connection from unknown[x.x.x.x]
Jan 27 16:39:48 testmail postfix/smtpd[2814]: TLS connection
established from unknown[x.x.x.x]: SSLv3 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
Jan 27 16:39:48 testmail postfix/smtpd[2814]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2: Bad
file descriptor
Jan 27 16:39:48 testmail postfix/smtpd[2814]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2: Bad
file descriptor
Jan 27 16:39:48 testmail postfix/smtpd[2814]: warning: SASL
authentication failure: Password verification failed
mit ner echten DB:
Jan 27 16:41:13 testmail postfix/smtpd[2883]: setting up TLS
connection from unknown[x.x.x.x]
Jan 27 16:41:13 testmail postfix/smtpd[2883]: TLS connection
established from unknown[x.x.x.x]: SSLv3 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
Jan 27 16:41:14 testmail postfix/smtpd[2883]: warning: SASL
authentication failure: Password verification failed
er checkt also nach wie vor lokal und nicht im ldap
2010/1/27 <spamvoll at googlemail.com>:
> hi..
>
> Laut Manpage:
> /etc/saslauthd.conf The default configuration file for ldap support.
>
> hab den sasl per hand grad mal mit -O gestartet
> root 2656 0.0 0.1 5592 428 ? S 16:37 0:00
> saslauthd -m /var/run/saslauthd -a ldap -O /etc/saslauthd.conf
>
> brachte keine Besserung..
> er will immernoch /etc/sasldb2
>
>
> 2010/1/27 Patrick Ben Koetter <p at state-of-mind.de>:
>> QUATSCH!
>>
>> Die Option muss in /etc/sysconfig/saslauthd rein!
>>
>> p at rick
>>
>>
>> * Patrick Ben Koetter <postfixbuch-users at listen.jpberlin.de>:
>>>
>>>
>>> Am 27.01.2010 16:44, schrieb spamvoll at googlemail.com:
>>> > moin moin :)
>>> >
>>> > OS: Centos EL5
>>> >
>>> > Beim Versand von mails sollen sich meine user per ldap authen, was
>>> > aber nicht klappt.
>>> > In der Log steht:
>>> > Jan 27 16:21:14 testmail postfix/smtpd[2425]: warning: SASL
>>> > authentication problem: unable to open Berkeley db /etc/sasldb2: No
>>> > such file or directory
>>> >
>>> > Der soll aber nicht lokal checken sondern eben gegen nen LDAP, was ich
>>> > eigendlich auch geconft habe (dachte ich):
>>> >
>>> > cat /usr/lib/sasl2/smtpd.conf
>>> > pwcheck_method: saslauthd
>>> >
>>> > cat /etc/sysconfig/saslauthd
>>> > # Directory in which to place saslauthd's listening socket, pid file, and so
>>> > # on. This directory must already exist.
>>> > SOCKETDIR=/var/run/saslauthd
>>> >
>>> > # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
>>> > # of which mechanism your installation was compiled with the ablity to use.
>>> > MECH=ldap
>>> >
>>> > cat /etc/saslauthd.conf
>>> > ldap_server: ldap://ldap.example.com
>>> > ldap_auth_method: custom
>>> > ldap_bind_dn: cn=postfix server,ou=people,ou=Server,dc=example,dc=com
>>> > ldap_bind_pw: **geheim**
>>> > ldap_search_base: dc=example,dc=com
>>> > ldap_filter: uid=%u
>>> > ldap_version: 3
>>> > ldap_use_sasl=yes
>>> > ldap_tls_cacert_file = /etc/pki/tls/certs/ca-cert.pem
>>> > ldap_tls_cert = /etc/pki/tls/certs/xxx.cert
>>> > ldap_tls_key = /etc/pki/tls/private/xxx.key
>>> >
>>> >
>>> > Hat da jemand eine Idee warum er nicht im ldap nachfragt ?
>>>
>>>
>>> in /usr/lib/sasl2/smtpd.conf unter optionen angeben:
>>>
>>> "-O /etc/saslauthd.conf"
>>>
>>> p@
>>>
>>>
>>>
>>> > --
>>> > _______________________________________________
>>> > Postfixbuch-users -- http://www.postfixbuch.de
>>> > Heinlein Professional Linux Support GmbH
>>> >
>>> > Postfixbuch-users at listen.jpberlin.de
>>> > https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
>>>
>>> --
>>> state of mind
>>> Digitale Kommunikation
>>>
>>> http://www.state-of-mind.de
>>>
>>> Franziskanerstraße 15 Telefon +49 89 3090 4664
>>> 81669 München Telefax +49 89 3090 4666
>>>
>>> Amtsgericht München Partnerschaftsregister PR 563
>>
>>> begin:vcard
>>> fn:Patrick Ben Koetter
>>> n:Koetter;Patrick Ben
>>> org;quoted-printable:state of mind;Gesch=C3=A4ftsf=C3=BChrung
>>> adr;quoted-printable:;;Franziskanerstrasse 15;M=C3=BCnchen;Bayern;81669;Deutschland
>>> email;internet:p at state-of-mind.de
>>> tel;work:+49 89 3090 4664
>>> tel;fax:+49 89 3090 4666
>>> tel;cell:+49 176 6 227 227 7
>>> x-mozilla-html:FALSE
>>> url:www.state-of-mind.de
>>> version:2.1
>>> end:vcard
>>>
>>
>>
>>
>>
>>> --
>>> _______________________________________________
>>> Postfixbuch-users -- http://www.postfixbuch.de
>>> Heinlein Professional Linux Support GmbH
>>>
>>> Postfixbuch-users at listen.jpberlin.de
>>> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
>>
>> --
>> _______________________________________________
>> Postfixbuch-users -- http://www.postfixbuch.de
>> Heinlein Professional Linux Support GmbH
>>
>> Postfixbuch-users at listen.jpberlin.de
>> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
>>
>
Mehr Informationen über die Mailingliste Postfixbuch-users