Davide,

Two LDAP attributes are mandatory for qmail-ldap to work (besides
mail/mailmessagestore, that's for sure):

objectClass: qmailUser
uid: davide

Where qmailUser tells that this entry is a qmail account and uid is a
pop/imap login (username); commonly its value is the local part of a
mail address. Like: [EMAIL PROTECTED] -> uid: flgomes

I didn't see uid entries in your user entries. Including mailMessageStore is
a good idea too.

Be sure cn=davide,dc=test.sipi,dc=it has at least read permissions under
dc=test.sipi,dc=it in your LDAP server and that the password supplied in
the 'ldappassword' control file is correct.

Try using the ldapsearch program to be certain about the setup:
Go to something like: /path/to/OpenLDAP/bin
type:
./ldapsearch -D "cn=davide,dc=test.sipi,dc=it" \
-w "segreta" -b "dc=test.sipi,dc=it" \
"(&(objectClass=qmailUser)([EMAIL PROTECTED]))"
Be alert for 'invalid credentials' and 'no such object' messages, and
check the OpenLDAP logs.

Once again: read the documentation at the links I sent in my last post
as well as the qmail-ldap QLDAPINSTALL document under your qmail source
tree. Things will become clear after you do that.

GL,
Fábio Gomes

Davide Salerno wrote:
> LOL!!!
> Thank you! I did not understand what you meant by showctl unedited!
> here is the output you asked before.
> best regards
> davide
> :-]
>
> qmail home directory: /var/qmail.
> user-ext delimiter: -.
> paternalism (in decimal): 2.
> silent concurrency limit: 500.
> subdirectory split: 23.
> user ids: 501, 502, 503, 0, 504, 505, 506, 507.
> group ids: 501, 502.
> me: My name is test.sispi.it
> ldapserver: My ldap server is 195.103.200.30:389
>
>
> badmailfrom: (Default.) Any MAIL FROM is allowed.
>
> bouncefrom: (Default.) Bounce user name is MAILER-DAEMON.
>
> bouncehost: (Default.) Bounce host name is test.sispi.it.
>
> concurrencylocal: (Default.) Local concurrency is 10.
>
> concurrencyremote: (Default.) Remote concurrency is 20.
>
> databytes: (Default.) SMTP DATA limit is 0 bytes.
>
> defaultdomain: Default domain name is test.sispi.it.
>
> defaulthost: (Default.) Default host name is test.sispi.it.
>
> doublebouncehost: (Default.) 2B recipient host: test.sispi.it.
>
> doublebounceto: (Default.) 2B recipient user: postmaster.
>
> envnoathost: (Default.) Presumed domain name is test.sispi.it.
>
> helohost: (Default.) SMTP client HELO host name is test.sispi.it.
>
> idhost: (Default.) Message-ID host name is test.sispi.it.
>
> localiphost: (Default.) Local IP address becomes test.sispi.it.
>
> locals:
>
> me: My name is test.sispi.it.
>
> percenthack: (Default.) The percent hack is not allowed.
>
> plusdomain: Plus domain name is test.sispi.it.
>
> qmqpservers: (Default.) No QMQP servers.
>
> queuelifetime: (Default.) Message lifetime in the queue is 604800 seconds.
>
> rcpthosts:
> SMTP clients may send messages to recipients at test.sispi.it.
>
> morercpthosts: (Default.) No effect.
>
> morercpthosts.cdb: (Default.) No effect.
>
> smtpgreeting: (Default.) SMTP greeting: 220 test.sispi.it.
>
> smtproutes: (Default.) No artificial SMTP routes.
>
> timeoutconnect: (Default.) SMTP client connection timeout is 60 seconds.
>
> timeoutremote: (Default.) SMTP client data timeout is 1200 seconds.
>
> timeoutsmtpd: (Default.) SMTP server data timeout is 1200 seconds.
>
> virtualdomains:
> Virtual domain: test.sispi.it:test.sispi.it
>
> now the qmail-ldap specific files
>
> ldapserver: My LDAP Server is 195.103.200.30:389.
>
> ldapbasedn: LDAP basedn: dc=test.sispi, dc=it.
>
> ldaplogin: LDAP login: cn=davide, dc=test.sipi, dc=it.
>
> ldappassword: LDAP password: segreta.
>
> ldapuid: Default UID is: 11184.
>
> ldapgid: Default GID is: 2110.
>
> ldapmessagestore: Prefix for non absolute paths: /var/qmail/maildirs.
>
> ldapdefaultdotmode: (Default.) Default dot mode for ldap users: not defined.
>
> ldapdefaultquota: (Default.) Default quota for ldap users: not defined.
>
> dirmaker: (Default.) Location of program to create homedirs: not defined.
>
> ldaplocaldelivery: (Default.) local passwd lookup is 1 (1 = on, 0 = off).
>
> ldaprebind: (Default.) ldap rebinding is 0 (1 = on, 0 = off).
>
> ldapcluster: (Default.) clustering is 0 (1 = on, 0 = off).
>
> ldapclusterhosts: (Default.) No alternate MailHosts for clustering listed.
>
> quotawarning: (Default.) No quotawarning.
>
> custombouncetext: (Default.) No custombouncetext.
>
> maxrcptcount: (Default.) 0 RCPT TOs are accepted before sending 553 (0 =
> off).
>
> tarpitcount: (Default.) 0 RCPT TOs are accepted before tarpitting (0 = off).
>
> tarpitdelay: (Default.) 5 seconds of delay to introduce after each
> subsequent RCPT TO.
>
> badrcptto: (Default.) Any RCPT TO is allowed.
>
> relaymailfrom: (Default.) Relaymailfrom not enabled.
>
> rbllist: (Default.) No RBL listed.
>
> rcpthosts.lock: I have no idea what this file does.
> virtualdomains.lock: I have no idea what this file does.
> locals.lock: I have no idea what this file does.
> defaultdelivery: I have no idea what this file does.
> custom_dirmaker: I have no idea what this file does.
> localdelivery: I have no idea what this file does.
>
> -----Original Message-----
> From: Fábio Gomes [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 17 July 2002 14.04
> To: [EMAIL PROTECTED]; Qmail-Ldap
> Subject: Re: R: R: R: h_e_l_p
>
>
> LOL. I don't want your qmail-showctl binary. I want its output. Just type
> at your server prompt:
>
> /var/qmail/bin/qmail-showctl
>
> and hit <ENTER>
>
> Send us the output generated.
>
> :-)
> Fábio Gomes
>
>
> Davide Salerno wrote:
>
>>I attached it
>>thank you
>>hope you find the solution
>>regards,
>>davide
>>
>>-----Original Message-----
>>From: Fábio Gomes [mailto:[EMAIL PROTECTED]]
>>Sent: Wednesday, 17 July 2002 13.41
>>To: [EMAIL PROTECTED]; Qmail-Ldap
>>Subject: Re: R: R: h_e_l_p
>>
>>
>>Send us the output (unedited) of the /var/qmail/bin/qmail-showctl.
>>
>>Regards,
>>Fábio Gomes
>>
>>
>>Davide Salerno wrote:
>>
>>
>>>thank you
>>>I changed it but it still gives me the same response.
>>>What do you think?
>>>regards,
>>>davide
>>>
>>>-----Original Message-----
>>>From: Fábio Gomes [mailto:[EMAIL PROTECTED]]
>>>Sent: Wednesday, 17 July 2002 12.53
>>>To: [EMAIL PROTECTED]; Qmail-Ldap
>>>Subject: Re: R: h_e_l_p
>>>
>>>
>>>Davide,
>>>
>>> Each qmail user entry in LDAP must have the objectClass qmailUser. This
>>>is why you must declare 'include /etc/openldap/schema/qmail.schema' in
>>>your slapd.conf.
>>>
>>>Please read http://www.lifewithqmail.org/ldap and this link may be
>>>useful too: http://www.cerritoslug.org/tutorials/qmail-ldap/index.html.
>>>
>>> Try to follow its directions and ask us if something goes wrong.
>>>
>>> Regards,
>>> Fábio Gomes
>>>
>>>
>>>Davide Salerno wrote:
>>>
>>>
>>>
>>>>thank you
>>>>
>>>>######## My conf files are #######
>>>>
>>>># $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.4.8.6 2000/09/05 17:54:38 kurt Exp $
>>>>#
>>>># LDAP Defaults
>>>>#
>>>>
>>>># See ldap.conf(5) for details
>>>># This file should be world readable but not world writable.
>>>>
>>>>#BASE dc=example, dc=com
>>>>#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
>>>>
>>>>#SIZELIMIT 12
>>>>#TIMELIMIT 15
>>>>#DEREF never
>>>>HOST 127.0.0.1
>>>>BASE dc=test.sispi, dc=it
>>>>
>>>>
>>>>
>>>>
>>>># $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
>>>>#
>>>># See slapd.conf(5) for details on configuration options.
>>>># This file should NOT be world readable.
>>>>#
>>>>include /etc/openldap/schema/core.schema
>>>>include /etc/openldap/schema/cosine.schema
>>>>include /etc/openldap/schema/inetorgperson.schema
>>>>include /etc/openldap/schema/nis.schema
>>>>include /etc/openldap/schema/qmail.schema
>>>>include /etc/openldap/schema/qmailControl.schema
>>>>include /etc/openldap/schema/qmailUser.schema
>>>>include /etc/openldap/schema/redhat/rfc822-MailMember.schema
>>>>include /etc/openldap/schema/redhat/autofs.schema
>>>>include /etc/openldap/schema/redhat/kerberosobject.schema
>>>>
>>>>schemacheck off
>>>># Define global ACLs to disable default read access.
>>>>
>>>># Do not enable referrals until AFTER you have a working directory
>>>># service AND an understanding of referrals.
>>>>#referral ldap://root.openldap.org
>>>>
>>>>#pidfile //var/run/slapd.pid
>>>>#argsfile //var/run/slapd.args
>>>>
>>>># Create a replication log in /var/lib/ldap for use by slurpd.
>>>>#replogfile /var/lib/ldap/master-slapd.replog
>>>>
>>>># Load dynamic backend modules:
>>>># modulepath /usr/sbin/openldap
>>>># moduleload back_ldap.la
>>>># moduleload back_ldbm.la
>>>># moduleload back_passwd.la
>>>># moduleload back_shell.la
>>>>
>>>>#
>>>># The next two lines allow use of TLS for connections using a dummy test
>>>># certificate, but you should generate a proper certificate by changing to
>>>># /usr/share/ssl/certs, running "make slapd.pem", and fixing permissions on
>>>># slapd.pem so that the ldap user or group can read it.
>>>># TLSCertificateFile /usr/share/ssl/certs/slapd.pem
>>>># TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
>>>>#
>>>># Sample Access Control
>>>># Allow read access of root DSE
>>>># Allow self write access
>>>># Allow authenticated users read access
>>>># Allow anonymous users to authenticate
>>>>#
>>>>#access to dn="" by * read
>>>>#access to *
>>>># by self write
>>>># by users read
>>>># by anonymous auth
>>>>#
>>>># if no access controls are present, the default is:
>>>># Allow read by all
>>>>#
>>>># rootdn can always write!
>>>>#A user can write to their own record and to all of it's children:
>>>>
>>>>access to *
>>>> by self write
>>>> by anonymous read
>>>>access to dn=".*,(cn=.*,dc=test.sispi,dc=it)"
>>>> by dn="$1" write
>>>> by anonymous auth
>>>>
>>>>#######################################################################
>>>># ldbm database definitions
>>>>#######################################################################
>>>>
>>>>database ldbm
>>>>suffix "dc=test.sispi, dc=it"
>>>>rootdn "cn=davide,dc=test.sispi,dc=it"
>>>>#rootdn "[EMAIL PROTECTED]"
>>>>rootpw "segreta"
>>>># rootpw {crypt}ijFYNcSNctBYg
>>>>directory /usr/local/var/openldap-data
>>>>#DBdirectory
>>>># Indices to maintain
>>>>#index objectClass,cn,uid,userPassword,uidNumber,gidNumber,memberUid pres,eq
>>>>#index sn,givenname eq
>>>>index cn,sn,uid eq
>>>>index objectClass pres,eq
>>>>
>>>>
>>>>
>>>>
>>>># $OpenLDAP: pkg/ldap/servers/slapd/slapd.oc.conf
>>>>#
>>>>objectclass qmailUser
>>>>requires
>>>>objectclass,
>>>>mail,
>>>>mailMessageStore,
>>>>uid,
>>>>userPassword
>>>>allows
>>>>mailAlternateAddress,
>>>>qmailUser,
>>>>qmailUID,
>>>>qmailGID,
>>>>mailQuota,
>>>>mailForwardingAddress,
>>>>mailHost,
>>>>deliveryProgramPath,
>>>>deliveryMode,
>>>>mailReplyText,
>>>>qmailDotMode,
>>>>accountStatus,
>>>>mailGroup
>>>>
>>>>
>>>>######sample ldap user entry #########################
>>>>
>>>>#dn: ou=people, o=test.sispi.it
>>>>dn: dc=test.sispi,dc=it
>>>>objectClass: dcObject
>>>>dc: test.sispi
>>>>#objectclass: top
>>>>#objectclass: organizationalUnit
>>>>#objectclass: organization
>>>>#ou: Accounting
>>>>#description: example unit
>>>>#tel: 555-5559
>>>>
>>>>#dn: cn=Davide Salerno, ou=people, o=test.sispi.it
>>>>dn: cn=Davide Salerno,dc=test.sispi,dc=it
>>>>objectClass: top
>>>>objectClass: person
>>>>objectClass: organizationalPerson
>>>>objectClass: inetOrgPerson
>>>>cn: Davide Salerno
>>>>sn: Salerno
>>>>givenName: Davide
>>>>mail: [EMAIL PROTECTED]
>>>>userPassword: {sha}KDIE3AL9DK
>>>>ou: Accounting
>>>>ou: people
>>>>telephoneNumber: 2616
>>>>roomNumber: 220
>>>>
>>>>dn: cn=Salvo Musmeci,dc=test.sispi,dc=it
>>>>objectClass: top
>>>>objectClass: person
>>>>objectClass: organizationalPerson
>>>>objectClass: inetOrgPerson
>>>>cn: Salvo Musmeci
>>>>sn: Musmeci
>>>>givenName: Salvo
>>>>mail: [EMAIL PROTECTED]
>>>>userPassword: {sha}jdl2alem87dlacz1
>>>>ou: Manufacturing
>>>>ou: people
>>>>telephoneNumber: 2875
>>>>roomNumber: 221
>>>>
>>>>dn: cn=Jerry Cannatella,dc=test.sispi,dc=it
>>>>objectClass: top
>>>>objectClass: person
>>>>objectClass: organizationalPerson
>>>>objectClass: inetOrgPerson
>>>>cn: Jerry Cannatella
>>>>sn: Cannatella
>>>>givenName: Jerry
>>>>mail: [EMAIL PROTECTED]
>>>>userPassword: {sha}nn2msx761
>>>>ou: Manufacturing
>>>>ou: people
>>>>telephoneNumber: 2874
>>>>roomNumber: 223
>>>>
>>>>dn: cn=Nando Gambino,dc=test.sispi,dc=it
>>>>objectClass: top
>>>>objectClass: person
>>>>objectClass: organizationalPerson
>>>>objectClass: inetOrgPerson
>>>>cn: Nando Gambino
>>>>sn: Gambino
>>>>givenName: Nando
>>>>mail: [EMAIL PROTECTED]
>>>>userPassword: {sha}nn2msx761
>>>>ou: Accounting
>>>>ou: people
>>>>telephoneNumber: 3874
>>>>roomNumber: 123
>>>>
>>>>On the qmail side (the other machine) this is my control directory settings
>>>>
>>>>ldapbasedn dc=test.sispi, dc=it
>>>>ldapserver 195.103.200.30:389
>>>>ldaplogin cn=davide, dc=test.sipi, dc=it
>>>>ldappassword segreta
>>>>
>>>>I hope you can find what's wrong!!
>>>>thank you
>>>>Best Regard
>>>>davide
>>>>
>>>>
>>>>-----Original Message-----
>>>>From: Fábio Gomes [mailto:[EMAIL PROTECTED]]
>>>>Sent: Tuesday, 16 July 2002 13.44
>>>>Cc: Qmail-Ldap
>>>>Subject: Re: h_e_l_p
>>>>
>>>>
>>>>Please send us a showctl unedited and a sample ldap user entry.
>>>>
>>>>Regards,
>>>>Fábio Gomes
>>>>
>>>>
>>>>
>>>>Davide Salerno wrote:
>>>>
>>>>
>>>>
>>>>
>>>>>Hello all,
>>>>>I have an ldap server running on a remote machine and a qmail server running
>>>>>on another machine in the same network.
>>>>>I patched qmail with the qmail-ldap and compiled it successfully.
>>>>>After configuring it (using lifewithqmail tutorial), I tried to test it with
>>>>>ldaplookup command of qmail.
>>>>>
>>>>># ./qmail-ldaplookup -m [EMAIL PROTECTED]
>>>>>init_ldap: passwords are not compared via rebind
>>>>> localdelivery: on
>>>>> clustering: off
>>>>> ldapobjectclass:
>>>>> homedirmaker:
>>>>> defaultDotMode: ldaponly
>>>>> defaultQuota:
>>>>> QuotaWarning:
>>>>>------
>>>>>undefined
>>>>>------
>>>>>qldap_open: NOT successful: binding to ldap server failed
>>>>>
>>>>>any thoughts??
>>>>>what does it mean?
>>>>>davide
--
@_{2**2..6*6}=split//,"�iGsDDbooe eoin m-IsvveoF Tenlmt";print
values%_,"\n"
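
An offline version of the checks discussed in this thread, as an added example that is not part of the original messages or of qmail-ldap: it tests whether the bind DN from ldaplogin sits under ldapbasedn and audits LDIF entries against the qmailUser 'requires' list posted above. The LDIF entries, the example.invalid address, the store path and the password placeholder are constructed, and the function names are this example's own.

```python
# Added example (not qmail-ldap code): offline checks on values posted in this thread.
REQUIRED = ("mail", "mailmessagestore", "uid", "userpassword")  # 'requires' list from the posted slapd.oc.conf

def normalize_dn(dn):
    """Split a simple DN (no escaped commas) into lower-cased, space-trimmed RDNs."""
    return ["=".join(s.strip().lower() for s in rdn.split("=", 1)) for rdn in dn.split(",")]

def dn_under_base(dn, base):
    """True if dn equals base or sits below it in the tree."""
    d, b = normalize_dn(dn), normalize_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def parse_ldif(text):
    """Parse plain 'attr: value' LDIF (no line folding) into {attr: [values]} dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if not line.startswith("#") and ":" in line:
                attr, _, value = line.partition(":")
                entry.setdefault(attr.strip().lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def audit_entry(entry):
    """Return what the entry lacks relative to the qmailUser requirements in the thread."""
    classes = [c.lower() for c in entry.get("objectclass", [])]
    problems = [] if "qmailuser" in classes else ["objectClass qmailUser missing"]
    return problems + [f"{a} missing" for a in REQUIRED if a not in entry]

# ldapbasedn and ldaplogin exactly as in the qmail-showctl output quoted above.
BASE_DN = "dc=test.sispi, dc=it"
BIND_DN = "cn=davide, dc=test.sipi, dc=it"
# Constructed LDIF: entry 1 has the posted inetOrgPerson shape, entry 2 adds qmailUser data.
SAMPLE_LDIF = """dn: cn=Davide Salerno,dc=test.sispi,dc=it
objectClass: inetOrgPerson
mail: davide@example.invalid
userPassword: {SSHA}constructed-placeholder

dn: uid=davide,dc=test.sispi,dc=it
objectClass: qmailUser
uid: davide
mail: davide@example.invalid
mailMessageStore: davide/
userPassword: {SSHA}constructed-placeholder
"""

if __name__ == "__main__":
    print(dn_under_base(BIND_DN, BASE_DN), [audit_entry(e) for e in parse_ldif(SAMPLE_LDIF)])
```
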