* Christian Rößner <c...@roessner-network-solutions.com>: > It works!
Probably OT for this list and better suited for the developers list, but does it still work without any errors? Having EXTERNAL available in LDAP queries would be quite nice - you get TLS, authentication and authorization at once. Could this become part of Postfix if it works? I'd volunteer to add some documentation to SASL_README if that is the right place besides ldap_table(5). p...@rick > > The ldap_table SASL patch works for me on postfix-2.8-20100913 > > Sep 15 18:57:58 db slapd[1355]: do_bind: dn () SASL mech EXTERNAL > Sep 15 18:57:58 db slapd[1355]: ==>slap_sasl2dn: converting SASL name > cn=mx0.roessner-net.de to a DN > Sep 15 18:57:58 db slapd[1355]: slap_parseURI: parsing > cn=proxyuser,dc=roessner-net,dc=de > Sep 15 18:57:58 db slapd[1355]: >>> dnNormalize: > <cn=proxyuser,dc=roessner-net,dc=de> > Sep 15 18:57:58 db slapd[1355]: <<< dnNormalize: > <cn=proxyuser,dc=roessner-net,dc=de> > Sep 15 18:57:58 db slapd[1355]: <==slap_sasl2dn: Converted SASL name to > cn=proxyuser,dc=roessner-net,dc=de > Sep 15 18:57:58 db slapd[1355]: slap_sasl_getdn: dn:id converted to > cn=proxyuser,dc=roessner-net,dc=de > Sep 15 18:57:58 db slapd[1355]: conn=3057 op=1 BIND > authcid="cn=mx0.roessner-net.de" authzid="cn=mx0.roessner-net.de" > Sep 15 18:57:58 db slapd[1355]: SASL Authorize [conn=3057]: proxy > authorization allowed authzDN="" > Sep 15 18:57:58 db slapd[1355]: send_ldap_sasl: err=0 len=-1 > Sep 15 18:57:58 db slapd[1355]: conn=3057 op=1 BIND > dn="cn=proxyuser,dc=roessner-net,dc=de" mech=EXTERNAL sasl_ssf=0 ssf=128 > Sep 15 18:57:58 db slapd[1355]: do_bind: SASL/EXTERNAL bind: > dn="cn=proxyuser,dc=roessner-net,dc=de" sasl_ssf=0 > > I have to check, if I did a mistake with the patch itself, causing the man > page errors, or if the patch needs little tweaks :) But at least the > functionality is working. I am so happy! :) > > Christian -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
signature.asc
Description: Digital signature