Hello, Todd,

many thanks for your reply. This has been pointed out by Andreas Metzler when working on my Debian bug report http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702116 regarding this problem. I changed the authenticator, but it did not help, see below.

On 07.03.2013 15:04, Todd Lyons wrote:
> On Wed, Mar 6, 2013 at 10:04 AM, Paul Muster <[email protected]> wrote:
>>
>> --> /etc/exim4/conf.d/auth/40_LDAP-auth
>> plain_server:
>>   driver = plaintext
>>   public_name = PLAIN
>>   server_prompts = Username:: : Password::
>>   server_condition = ${if and{{ \
>>     !eq{}{$auth2} }{ \
>>     ldapauth{\
>>     user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASE" \
>>     pass=${quote:$auth3} \
>>     ldap://ldap/} }} }
>
> As shown in the bottom of your post, it looks like your ldap is
> working as expected. However, I wonder if your problem is something
> more basic because your server prompts for PLAIN are different than
> mine. Here is what I have:
>
> plain:
>   driver = plaintext
>   public_name = PLAIN
>   server_prompts = :
>   <snip>
>
> login:
>   driver = plaintext
>   public_name = LOGIN
>   server_prompts = Username:: : Password::
>   <snip>
>
> I wonder if the parsing is just failing because of wrong prompts?

plain_server_ldap:
  driver = plaintext
  public_name = PLAIN
  server_prompts = :
  server_condition = ${if and{{ \
    !eq{}{$auth2} }{ \
    ldapauth{\
    user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASIS" \
    pass=${quote:$auth3} \
    ldap://ldap/} }} }
  server_set_id = $auth2

login_server_ldap:
  driver = plaintext
  public_name = LOGIN
  server_prompts = Username:: : Password::
  server_condition = ${if and{{ \
    !eq{}{$auth1} }{ \
    ldapauth{\
    user="uid=${quote_ldap_dn:$auth1},ou=Users,dc=BASIS" \
    pass=${quote:$auth2} \
    ldap://ldap/} }} }
  server_set_id = $auth1

Some debug information:

# exim -d+all -bdf -oX 2525
19:23:32 29767 SMTP<< AUTH PLAIN <auth_data>=
19:23:32 29767 plain_server_ldap authenticator server_condition:
19:23:32 29767 $auth1 =
19:23:32 29767 $auth2 = paul
19:23:32 29767 $auth3 = <password>
19:23:32 29767 $1 =
19:23:32 29767 $2 = paul
19:23:32 29767 $3 = <password>
19:23:32 29767 expanding:
19:23:32 29767 result:
19:23:32 29767 expanding: $auth2
19:23:32 29767 result: paul
19:23:32 29767 expanding: $auth2
19:23:32 29767 result: paul
19:23:32 29767 expanding: $auth3
19:23:32 29767 result: <password>
19:23:32 29767 expanding: user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASIS" pass=${quote:$auth3} ldap://ldap/
19:23:32 29767 result: user="uid=paul,ou=Users,dc=BASIS" pass="<password>" ldap://ldap/
19:23:32 29767 LDAP parameters: user=uid=paul,ou=Users,dc=BASIS pass=<password> size=0 time=0 connect=0 dereference=0 referrals=on
19:23:32 29767 perform_ldap_search: ldapauth URL = "ldap://ldap/" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
19:23:32 29767 after ldap_url_parse: host=ldap port=389
19:23:32 29767 ldap_initialize with URL ldap://ldap:389/
19:23:32 29767 initialized for LDAP (v3) server ldap:389
19:23:32 29767 LDAP_OPT_X_TLS_TRY set
19:23:32 29767 binding with user=uid=paul,ou=Users,dc=BASIS password=<password>
19:23:32 29767 failed to bind the LDAP connection to server ldap:389 - ldap_bind() returned -1
19:23:32 29767 failed to expand: ${if and{{ !eq{}{$auth2} }{ ldapauth{user="uid=${quote_ldap_dn:$auth2},ou=Users,dc=BASIS" pass=${quote:$auth3} ldap://ldap/} }} }
19:23:32 29767 error message: failed to bind the LDAP connection to server ldap:389 - ldap_bind() returned -1 inside "and{...}" condition
19:23:32 29767 expansion failed: failed to bind the LDAP connection to server ldap:389 - ldap_bind() returned -1 inside "and{...}" condition
19:23:32 29767 expanding: $auth2
19:23:32 29767 result: paul
19:23:32 29767 SMTP>> 435 Unable to authenticate at present
19:23:32 29767 tls_do_write(0xb8b33840, 39)
19:23:32 29767 gnutls_record_send(SSL, 0xb8b33840, 39)
19:23:32 29767 outbytes=39
19:23:32 29767 LOG: MAIN REJECT
19:23:32 29767 plain_server_ldap authenticator failed for <client>: 435 Unable to authenticate at present (set_id=paul): failed to bind the LDAP connection to server ldap:389 - ldap_bind() returned -1 inside "and{...}" condition
19:23:32 29767 Calling gnutls_record_recv(0xb8b55570, 0xb8cf01a8, 4096)

On the LDAP server no connection comes in.

Thanks & greetings,

Paul

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
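
The following is an added example, not part of the original message or of Exim: it decodes the client data for AUTH PLAIN and AUTH LOGIN and shows why the PLAIN authenticator above reads the username from $auth2 while the LOGIN one reads it from $auth1. The function names are hypothetical, and the sample password is constructed; only the user name "paul" comes from the debug log.

```python
import base64

def split_plain(initial_response: str) -> dict:
    """Decode an AUTH PLAIN response (RFC 4616): authzid NUL authcid NUL passwd.

    The three NUL-separated strings land in $auth1, $auth2, $auth3 in order.
    """
    raw = base64.b64decode(initial_response, validate=True)
    parts = raw.split(b"\0")
    if len(parts) != 3:
        raise ValueError("PLAIN needs exactly three NUL-separated strings")
    return {f"auth{i}": p.decode("utf-8") for i, p in enumerate(parts, 1)}

def split_login(responses: list) -> dict:
    """Decode AUTH LOGIN: one base64 reply per prompt (Username, Password)."""
    if len(responses) != 2:
        raise ValueError("LOGIN needs one reply per prompt")
    return {f"auth{i}": base64.b64decode(r, validate=True).decode("utf-8")
            for i, r in enumerate(responses, 1)}

# Which variables hold (username, password) for each mechanism, matching
# the two server_condition settings in the message above.
CREDENTIAL_VARS = {"PLAIN": ("auth2", "auth3"), "LOGIN": ("auth1", "auth2")}

def credentials(mechanism: str, variables: dict) -> tuple:
    """Pick username/password; refuse an empty username like !eq{}{...}."""
    user_var, pass_var = CREDENTIAL_VARS[mechanism]
    user, password = variables[user_var], variables[pass_var]
    if user == "":
        raise ValueError(f"empty username in ${user_var}")
    return user, password

def b64(data: bytes) -> str:
    """Base64-encode bytes the way an SMTP client sends them."""
    return base64.b64encode(data).decode("ascii")

# Constructed sample input: user "paul" as in the debug log, made-up password.
PLAIN_SAMPLE = b64(b"\0paul\0example-secret")
LOGIN_SAMPLE = [b64(b"paul"), b64(b"example-secret")]

if __name__ == "__main__":
    for mech, fields in (("PLAIN", split_plain(PLAIN_SAMPLE)),
                         ("LOGIN", split_login(LOGIN_SAMPLE))):
        print(mech, fields, "->", credentials(mech, fields))
```

Applying the LOGIN variable mapping to PLAIN data fails the empty-username check, because $auth1 then holds the empty authorization identity, as in the `$auth1 =` line of the debug output.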
