Buchan Milne wrote:

Mailserver core:
- openldap-2.1.22, nss_ldap-204-2mdk, pam_ldap-161-2mdk
- postfix-2.0.12-3mdk



I am using postfix SRPM from 9.1, rebuilt against sasl2, since I couldn't be bothered at the time to track down the tls patches for an older openssl.

Have you got postfix authentication against LDAP working? And if so,
how? (actually, that's my reason for using updated sasl2 packages, I
actually still have some patches to try ...).



Yes.


Although - postfix is not authenticating directly against ldap, but is using saslauthd (which as I have configured is auth'ing against system & ldap accounts).

The following is the build order (as I recall):

- Rebuild & upgrade 91's openssl to cooker's openssl 0.9.7b (postfix requires).
- Install db41 (cooker rpm)
- Rebuild & install openldap 2.1.22 (I believe it was your srpm).
- Rebuild & install (upgrade) postfix 2.0.12



Postfix Auth config directives (/etc/postfix/main.cf):

# For auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, check_relay_domains

I am not sure where you are at, or how detailed you need me to get. I had issues with 91's postfix (even after rebuilding the srpm) so I tried rebuilding cooker postfix, and made better progress. I believe I also had some issues with 91's nss_ldap & pam_ldap, so they are from cooker as well (although not rebuilt).

What I really like about this setup is that to the mail system, there is no difference between a system user, and ldap only user.

What is / is not happening with your postfix auth? Any error messages? (Maybe I have already worked through them).

Thanks,

Scott
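
Added example, not part of the message above and not Postfix project code: a small audit of the SMTP AUTH settings quoted in the message. It flags the case where saslauthd-style plaintext mechanisms are offered without requiring TLS. The function names and finding labels are hypothetical; smtpd_tls_auth_only is a real Postfix parameter that the message does not mention.

```python
# Constructed sample: the settings from the post, with the restriction list
# wrapped onto a continuation line to exercise the parser.
SAMPLE_MAIN_CF = """\
# For auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
    check_relay_domains
"""

def parse_main_cf(text):
    """Parse main.cf text into {name: value} (hypothetical helper).

    Blank lines and lines whose first non-blank character is '#' are skipped,
    a line starting with whitespace continues the previous parameter, and a
    later definition of a name overrides an earlier one.
    """
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and current is not None:
            params[current] = (params[current] + " " + raw.strip()).strip()
            continue
        name, sep, value = raw.partition("=")
        current = name.strip() if sep else None
        if current:
            params[current] = value.strip()
    return params

def audit_sasl(params):
    """Return finding labels (names are this example's own) for SMTP AUTH."""
    if params.get("smtpd_sasl_auth_enable", "no").lower() != "yes":
        return []
    findings = []
    # Postfix defaults: security options 'noanonymous', smtpd_tls_auth_only 'no'.
    raw_opts = params.get("smtpd_sasl_security_options", "noanonymous")
    opts = set(raw_opts.lower().replace(",", " ").split())
    tls_only = params.get("smtpd_tls_auth_only", "no").lower() == "yes"
    if "noanonymous" not in opts:
        findings.append("anonymous-auth-allowed")
    # saslauthd needs the cleartext password, so PLAIN/LOGIN stay enabled;
    # without TLS-only AUTH the password crosses the network unencrypted.
    if "noplaintext" not in opts and not tls_only:
        findings.append("plaintext-auth-without-tls")
    return findings

if __name__ == "__main__":
    print(audit_sasl(parse_main_cf(SAMPLE_MAIN_CF)))
```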
