Goal: Allow users to authenticate with SMTP with their LDAP credentials.
Problem: Exim spits out errors because it doesn't bind to the LDAP server.

Config:

--
begin authenticators

plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${if and{{ !eq{}{$auth2} }{ \
    ldapauth{\
    USER="${quote_ldap:${lookup ldapdn{ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=${quote_ldap:$auth2})}}}" \
    PASS=${quote:$auth3} \
    ldap://ldap.cyberfusion.cloud/} }} }
  server_set_id = $auth2
  server_prompts = :

login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = ${if and{{ !eq{}{$auth1} }{ \
    ldapauth{\
    USER="${quote_ldap:${lookup ldapdn{ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=${quote_ldap:$auth1})}}}" \
    PASS=${quote:$auth2} \
    ldap://ldap.cyberfusion.cloud/} }} }
  server_set_id = $auth1
--

Log:

--
14:36:39 999 /considering: ${if and{{ !eq{}{$auth1} }{ ldapauth{USER="${quote_ldap:${lookup ldapdn{ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=${quote_ldap:$auth1})}}}" PASS=${quote:$auth2} ldap://ldap.cyberfusion.cloud/} }} }
[...]
14:36:39 999 type=ldapdn key="ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)"
14:36:39 999 database lookup required for ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)
14:36:39 999 LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0 referrals=on
14:36:39 999 perform_ldap_search: ldapdn URL = "ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
14:36:39 999 after ldap_url_parse: host=dc0.cyberfusion.cloud port=389
14:36:39 999 ldap_initialize with URL ldap://dc0.cyberfusion.cloud:389/
14:36:39 999 initialized for LDAP (v3) server dc0.cyberfusion.cloud:389
14:36:39 999 LDAP_OPT_X_TLS_TRY set due to ldap:// URI
14:36:39 999 binding with user=NULL password=NULL
14:36:39 999 Start search
14:36:39 999 search ended by ldap_result yielding 101
14:36:39 999 ldap_parse_result: 0
14:36:39 999 ldap_parse_result yielded 1: Operations error
14:36:39 999 LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0
14:36:39 999 lookup deferred: LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0
14:36:39 999 |failed to expand: ${lookup ldapdn{ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=${quote_ldap:$auth1})}}}" PASS=${quote:$auth2} ldap://ldap.cyberfusion.cloud/} }} }
14:36:39 999 \___error message: lookup of "ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)" gave DEFER: LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0
14:36:39 999 |failed to expand: USER="${quote_ldap:${lookup ldapdn{ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=${quote_ldap:$auth1})}}}" PASS=${quote:$auth2} ldap://ldap.cyberfusion.cloud/} }} }
14:36:39 999 \___error message: lookup of "ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)" gave DEFER: LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0
14:36:39 999 |failed to expand: ${if and{{ !eq{}{$auth1} }{ ldapauth{USER="${quote_ldap:${lookup ldapdn{ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=${quote_ldap:$auth1})}}}" PASS=${quote:$auth2} ldap://ldap.cyberfusion.cloud/} }} }
14:36:39 999 \___error message: lookup of "ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)" gave DEFER: LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0 inside "and{...}" condition
14:36:39 999 expansion failed: lookup of "ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)" gave DEFER: LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0 inside "and{...}" condition
14:36:39 999 /considering: $auth1
14:36:39 999 |__expanding: $auth1
14:36:39 999 \_____result: internal-mailinfra
14:36:39 999 SMTP>> 435 Unable to authenticate at present
--

Note this line:

14:36:39 999 binding with user=NULL password=NULL

Why does Exim not bind to the LDAP server with my credentials and how can I set it up so it does?

With kind regards,

William Edwards
Cyberfusion - Hosting for web agencies and business-critical applications
W. https://www.cyberfusion.nl/
E. wedwa...@cyberfusion.nl
T. 040 - 711 44 96
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
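
Added example (not part of the original post, and not Exim code): a small Python parser for debug output like the log above, pairing each LDAP search with the bind identity it used and the server's reply. The sample lines are a constructed excerpt trimmed from that log, and the function names are hypothetical.

```python
import re

# Constructed sample: lines trimmed from the debug log in the post above.
URL = "ldap://dc0.cyberfusion.cloud/cn=Users,dc=cyberfusion,dc=email??sub?(sAMAccountName=internal-mailinfra)"
SAMPLE_LOG = f"""\
14:36:39 999 LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=0 dereference=0 referrals=on
14:36:39 999 perform_ldap_search: ldapdn URL = "{URL}" server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=0
14:36:39 999 binding with user=NULL password=NULL
14:36:39 999 Start search
14:36:39 999 ldap_parse_result yielded 1: Operations error
14:36:39 999 LDAP search failed - error 1: Operations error/000004DC: LdapErr: DSID-0C09079A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v23f0
14:36:39 999 SMTP>> 435 Unable to authenticate at present
"""

SEARCH = re.compile(r'perform_ldap_search: (\w+) URL = "([^"]+)"')
# The password field on this line is deliberately not captured.
BIND = re.compile(r'binding with user=(.*?) password=')
FAIL = re.compile(r'LDAP search failed - error (\d+): (.+)')

def ldap_operations(log):
    """Return one record per LDAP search that appears in the debug log."""
    ops, cur = [], None
    for line in log.splitlines():
        if m := SEARCH.search(line):
            cur = {"type": m[1], "url": m[2], "bind_user": None, "error": None}
            ops.append(cur)
        elif cur is None:
            continue  # ignore lines before the first search
        elif m := BIND.search(line):
            cur["bind_user"] = m[1]
        elif m := FAIL.search(line):
            cur["error"] = (int(m[1]), m[2])
    return ops

def diagnose(op):
    """Classify one search: fine, rejected anonymous bind, or other failure."""
    if op["error"] is None:
        return "ok"
    anonymous = op["bind_user"] in (None, "NULL")
    if anonymous and "successful bind must be completed" in op["error"][1]:
        return "anonymous bind rejected: no user=/pass= on this lookup"
    return f"search failed as {op['bind_user']}: error {op['error'][0]}"

if __name__ == "__main__":
    for op in ldap_operations(SAMPLE_LOG):
        print(op["type"], op["url"], "->", diagnose(op))
```

For the log above it reports that the `ldapdn` lookup, which is a separate LDAP operation from `ldapauth`, went out with `user=NULL`. Exim LDAP queries accept `user=` and `pass=` settings ahead of the URL, which is where a search account for that lookup would be supplied.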