Re: Authentication failed.

05-30-2005
Tony Earnshaw

Mon, 30.05.2005 at 06.38, sam wun wrote:

[...]

> As I look further in the debug.log, I found slapd may be has some
> problem with user mailadmin:
> May 30 12:30:25 mail02 slapd[468]: conn=10 fd=10 ACCEPT from IP=127.0.0.1:50912 (IP=0.0.0.0:389)
> May 30 12:30:25 mail02 slapd[468]: conn=10 op=0 BIND dn="cn=mailadmin,ou=admin,dc=authtec,dc=com" method=128
> May 30 12:30:25 mail02 slapd[468]: conn=10 op=0 RESULT tag=97 err=49 text=
> May 30 12:30:26 mail02 slapd[468]: conn=10 fd=10 closed
>
> In the slapd.conf file,
> I define the following access rule for mailadmin :
> access to dn.subtree="ou=mail02,dc=authtec,dc=com"
> by dn="cn=mailadmin,ou=admin,dc=authtec,dc=com" write
> by * none


Nobody can authenticate.

> Here is the postfix.ldif file I used to populate mail user into the ldap
> database (BDB):
> dn: ou=admin,dc=authtec,dc=com
> ou: admin
> objectClass: top
> objectClass: organizationalUnit
>
> dn: ou=mail02,dc=authtec,dc=com
> ou: mail02
> objectClass: top
> objectClass: organizationalUnit
>
> dn: cn=mailadmin,ou=admin,dc=authtec,dc=com
> cn: mailadmin
> mail: mailadmin@authtec.com
> uid: mailadmin
> displayName: mail admin
> gidNumber: 80
> uidNumber: 80
> userStatus: 1
> mailMessageStore: authtec.com/mailadmin/Maildir/
> mailQuota: 1000000
> userPassword: 2320419
> objectClass: mailUser


That's probably a typo, should be qmailUser. There's no structural
objectClass, I can't see how OpenLDAP ever accepted this, unless you set
schemacheck off in slapd.conf (bad).

> objectClass: top
> homeDirectory: /usr/local/vmail
>
> dn: uid=test,ou=mail02,dc=authtec,dc=com
> cn: test
> uid: test
> displayName: test user
> uidNumber: 80
> gidNumber: 80


You can't give 2 users the same uidnumber.

> userPassword: testtest
> userStatus: 1
> objectClass: mailUser
> objectClass: top
> mail: test@authtec.com
> mailMessageStore: authtec.com/test/Maildir/
> homeDirectory: /usr/local/vmail


Same - no structural objectClass. Shouldn't have been accepted.

> >> How can I track down the problem in detail?


Get a copy of the OpenLDAP 2.2 admin doc from www.openldap.org and at
least get the quick start bit working. Make sure that you know exactly
what you're doing and why. Make sure you understand ACLs and what they're
for. Set schemacheck on again. Further questions to the OpenLDAP ML.
Later, when setting up authdaemond (authlib?), make sure you understand
what the LDAP parameters do, further questions to the Courier ML.

--Tonni

--
mail: tonye@billy.demon.nl
http://www.billy.demon.nl

I'm from Bergen too, me, but, Trondheim mayor Marvin Wiseth:
«People from Bergen are good at making a lot out of a little» (he was commenting on
this year's 17 May celebrations, but it probably applies to this mail of mine too).
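An added example, not part of the original post: a small Python lint for the two LDIF problems the reply points out (entries with no structural objectClass, and a reused uidNumber). The `STRUCTURAL` set is an assumed stand-in for the server's real schema, and the function names are hypothetical.

```python
# Added example: lint LDIF for the two problems raised in the reply above.
# Assumption: this short list stands in for the structural classes in the
# server's real schema; "top" is abstract and mailUser/qmailUser are not in it.
STRUCTURAL = {"organizationalunit", "organization", "person",
              "organizationalperson", "inetorgperson", "account"}

# Sample abridged from the entries quoted in the post (passwords omitted).
SAMPLE_LDIF = """\
dn: ou=admin,dc=authtec,dc=com
ou: admin
objectClass: top
objectClass: organizationalUnit

dn: cn=mailadmin,ou=admin,dc=authtec,dc=com
cn: mailadmin
uidNumber: 80
objectClass: mailUser
objectClass: top

dn: uid=test,ou=mail02,dc=authtec,dc=com
uid: test
uidNumber: 80
objectClass: mailUser
objectClass: top
"""

def parse_ldif(text):
    """Return [(dn, {attr: [values]})] for simple LDIF (no wrapping/base64)."""
    entries = []
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if not line or line.startswith("#"):
                continue
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in attrs:
            entries.append((attrs.pop("dn")[0], attrs))
    return entries

def lint(entries):
    """Return [(dn, problem)] for missing structural class or reused uidNumber."""
    findings, seen = [], {}
    for dn, attrs in entries:
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        if not classes & STRUCTURAL:
            findings.append((dn, "no structural objectClass"))
        for uid in attrs.get("uidnumber", []):
            if uid in seen:
                findings.append((dn, f"uidNumber {uid} already used by {seen[uid]}"))
            seen.setdefault(uid, dn)
    return findings
```

Running `lint(parse_ldif(SAMPLE_LDIF))` before loading a file gives a quick pre-check; the server's own schema checking remains the authority.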
