Here are my slapd.conf access directives:

###############################################################################
# access definition on ou=appsrv,dc=ufv,dc=br
################################################################################

access to dn.one="ou=appsrv,dc=ufv,dc=br" attrs=userPassword
        by self read
        by anonymous auth
#       by * none

access to dn.one="ou=appsrv,dc=ufv,dc=br"
        by dn.one="ou=appsrv,dc=ufv,dc=br" read

access to dn.base="ou=appsrv,dc=ufv,dc=br" attrs=entry
        by dn.one="ou=appsrv,dc=ufv,dc=br" read
################################################################################
# access definition on ou=group,dc=ufv,dc=br
################################################################################

access to dn.one="ou=group,dc=ufv,dc=br"
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.one="ou=people,dc=ufv,dc=br" read

access to dn.base="ou=group,dc=ufv,dc=br" attrs=entry
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.one="ou=people,dc=ufv,dc=br" read



################################################################################
# access definition on ou=people,dc=ufv,dc=br
################################################################################

access to dn.one="ou=people,dc=ufv,dc=br" attrs=userPassword
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read
        by anonymous auth
        by * none

access to dn.one="ou=people,dc=ufv,dc=br" attrs=homeDirectory
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br" attrs=uid
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br"
        attrs=cn,uidNumber,gidNumber,loginShell,gecos,description
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br"
        attrs=mail,mailMessageStore,mailAlternateAddress,qmailUID,qmailGID,mailHost,mailForwardingAddress,deliveryProgramPath,qmailDotMode,deliveryMode,mailReplyText,accountStatus,qmailAccountPurge,mailQuotaSize,mailQuotaCount,mailSizeMax
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br"
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

access to dn.base="ou=people,dc=ufv,dc=br" attrs=entry
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

################################################################################
# access definition for the root (ufv.br)
################################################################################

access to dn.base="dc=ufv,dc=br" attrs=entry
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

See any problem?

On Mon, Jan 14, 2013 at 2:09 PM, Ismail YENIGUL <ismail.yeni...@surgate.com> wrote:

>
> >mailMessageStore: vlobo
> Also, the messagestore value must be a full path, and the directory owner must be
> the ldapuid value.
>
>
>
> On 14.01.2013 18:05, Friedrich Locke wrote:
>
> Here you have it:
>
> ldapsearch -D cn=mail,ou=appsrv,dc=ufv,dc=br -b ou=people,dc=ufv,dc=br -h
> 127.0.0.1 -s subtree -W \(\|\(mail=vl...@gustav.cpd.ufv.br
> \)\(mailAlternateAddress=vl...@gustav.cpd.ufv.br\)\)
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <ou=people,dc=ufv,dc=br> with scope subtree
> # filter: (|(mail=vl...@gustav.cpd.ufv.br)(mailAlternateAddress=
> vl...@gustav.cpd.ufv.br))
> # requesting: ALL
> #
>
> # vlobo, people, ufv.br
> dn: uid=vlobo,ou=people,dc=ufv,dc=br
> uid: vlobo
> objectClass: organizationalRole
> objectClass: posixAccount
> objectClass: qmailUser
> homeDirectory: /home/vlobo
> userPassword:: e1NBU0x9dmxvYm9AVUZWLkJS
> mail: valter.l...@gustav.cpd.ufv.br
> mailAlternateAddress: vl...@gustav.cpd.ufv.br
> mailHost: gustav.cpd.ufv.br
> mailMessageStore: vlobo
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
> sioux@gustav$
>
>  On Mon, Jan 14, 2013 at 1:58 PM, Carlos García Gómez <
> carlos.gar...@f-integra.org> wrote:
>
>>   It seems
>>
>> gustav# ../bin/qmail-ldaplookup -d 255 -m vl...@gustav.cpd.ufv.br
>> Searching ldap for: (|(mail=vl...@gustav.cpd.ufv.br
>> )(mailAlternateAddress=vl...@gustav.cpd.ufv.br)))
>> under dn: ou=people,dc=ufv,dc=br
>> qmail-ldaplookup: fatal: qldap_filter: unspecified error
>> gustav#
>>
>>  Try to do this query with this filter in your ldap client
>>
>> I think there are too many “)”
>>
>> Regards
>>
>> Carlos
>>  http://www.netcgg.es
>> Murcia-Spain
>>
>>  *From:* Friedrich Locke <friedrich.lo...@gmail.com>
>> *Sent:* Monday, January 14, 2013 4:52 PM
>> *To:* Ismail YENIGUL <ismail.yeni...@surgate.com>
>> *Cc:* qmail-ldap@qmail-ldap.org
>> *Subject:* Re: Just installed qmail+ldap: i am loosing my hairs
>>
>>   Has anyone here already faced such a problem?
>> I really need help from the mailing list.
>>
>> Thanks.
>>
>> On Mon, Jan 14, 2013 at 1:28 PM, Ismail YENIGUL <
>> ismail.yeni...@surgate.com> wrote:
>>
>>> Hi,
>>>
>>> Do not use homeDirectory and mailMessageStore for the same user. I
>>> suggest you use mailMessageStore.
>>>
>>> homeDirectory: /home/vlobo
>>> mailMessageStore: vlobo
>>>
>>> Here is my working example:
>>>
>>> dn: uid=ism...@mydomain.com,ou=mydomain.com,o=mail,dc=surmail
>>> objectClass: top
>>> objectClass: person
>>> objectClass: inetOrgPerson
>>> objectClass: qmailUser
>>> uid: ism...@mydomain.com
>>> mail: ism...@mydomain.com
>>> givenName: ismail
>>> sn: test
>>> cn: ismail test
>>> userPassword::
>>> e1NTSEF9OThGbWhLWjFOWU1vekhkNG5PRFpzZXR4QUg1bFpHTmxaV1kzTURkag==
>>> mailHost: mail.mydomain.com
>>> mailQuotaSize: 1000000000
>>> mailQuotaCount: 1000
>>> accountStatus: active
>>> mailMessageStore: /mail/mydomain.com/ismail
>>>
>>>
>>>
>>> On 14.01.2013 17:17, Friedrich Locke wrote:
>>>
>>> Hi folks,
>>>
>>> I have just finished installing my qmail-ldap system. I am trying to
>>> send myself a local message, but no success so far.
>>>
>>> Here is what I am trying:
>>>
>>> sioux@gustav$ echo to: vlobo |
>>> /var/qmail/bin/qmail-inject
>>> sioux@gustav$
>>>
>>>
>>> Here is what I got from the qmail-ldap logs:
>>>
>>> @4000000050f4201a17a0e594 new msg 1039956
>>> @4000000050f4201a17a0e97c info msg 1039956: bytes 220 from <
>>> si...@gustav.cpd.ufv.br> qp 4069 uid 1000
>>> @4000000050f4201a17a1761c starting delivery 21: msg 1039956 to local
>>> vl...@gustav.cpd.ufv.br
>>> @4000000050f4201a17a1df94 status: local 1/100 remote 0/400
>>> @4000000050f4201a17d130dc delivery 21: deferral:
>>> Temporary_failure_in_LDAP_lookup._(#4.4.3)./
>>> @4000000050f4201a17d1f814 status: local 0/100 remote 0/400
>>>
>>>
>>> Here is what I get from qmail-ldaplookup:
>>>
>>> gustav# ../bin/qmail-ldaplookup -d 255 -m vl...@gustav.cpd.ufv.br
>>> Searching ldap for: (|(mail=vl...@gustav.cpd.ufv.br
>>> )(mailAlternateAddress=vl...@gustav.cpd.ufv.br)))
>>> under dn: ou=people,dc=ufv,dc=br
>>> qmail-ldaplookup: fatal: qldap_filter: unspecified error
>>> gustav#
>>>
>>>
>>> And here is what I got from the slapd log:
>>>
>>> 50f42010 ber_get_next on fd 14 failed errno=0 (Undefined error: 0)
>>> 50f42010 connection_read(14): input error=-2 id=1047, closing.
>>> 50f42010 connection_closing: readying conn=1047 sd=14 for close
>>> 50f42010 daemon: activity on 1 descriptor
>>> 50f42010 daemon: waked
>>> 50f42010 daemon: select: listen=5 active_threads=0 tvp=zero
>>> 50f42010 daemon: select: listen=6 active_threads=0 tvp=zero
>>> 50f42010 daemon: select: listen=7 active_threads=0 tvp=zero
>>> 50f42010 daemon: select: listen=8 active_threads=0 tvp=zero
>>> 50f42010 daemon: select: listen=9 active_threads=0 tvp=zero
>>> 50f42010 connection_close: deferring conn=1047 sd=14
>>> 50f42010 conn=1047 op=1 do_unbind
>>> 50f42010 conn=1047 op=1 UNBIND
>>> 50f42010 connection_resched: attempting closing conn=1047 sd=14
>>> 50f42010 connection_close: conn=1047 sd=14
>>> 50f42010 daemon: removing 14
>>> 50f42010 conn=1047 fd=14 closed
>>>
>>> But when I try by hand:
>>>
>>> sioux@gustav$ ldapsearch -D cn=mail,ou=appsrv,dc=ufv,dc=br -b
>>> ou=people,dc=ufv,dc=br -h localhost -W \(\|\(mail=
>>> vl...@gustav.cpd.ufv.br\)\(mailAlternateAddress=vl...@gustav.cpd.ufv.br
>>> \)\)
>>> Enter LDAP Password:
>>> # extended LDIF
>>> #
>>> # LDAPv3
>>> # base <ou=people,dc=ufv,dc=br> with scope subtree
>>> # filter: (|(mail=vl...@gustav.cpd.ufv.br)(mailAlternateAddress=
>>> vl...@gustav.cpd.ufv.br))
>>> # requesting: ALL
>>> #
>>>
>>> # vlobo, people, ufv.br
>>> dn: uid=vlobo,ou=people,dc=ufv,dc=br
>>> uid: vlobo
>>> objectClass: organizationalRole
>>> objectClass: posixAccount
>>> objectClass: qmailUser
>>> homeDirectory: /home/vlobo
>>> userPassword:: e1NBU0x9dmxvYm9AVUZWLkJS
>>> mail: valter.l...@gustav.cpd.ufv.br
>>> mailAlternateAddress: vl...@gustav.cpd.ufv.br
>>> mailHost: gustav.cpd.ufv.br
>>> mailMessageStore: vlobo
>>>
>>> # search result
>>> search: 2
>>> result: 0 Success
>>>
>>> # numResponses: 2
>>> # numEntries: 1
>>> sioux@gustav$
>>>
>>>
>>> Everything works. What am I doing wrong?
>>>
>>>
>>>
>>
>
>
>
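
Added example, not part of the original message and not OpenLDAP or qmail-ldap code: a simplified model of slapd's first-match ACL evaluation, run over three of the directives posted at the top of this message, to show what level a given bound DN gets on one attribute of an `ou=people` entry. It assumes only the `dn.base`/`dn.one` scopes and the `self`, `anonymous` and `*` selectors used on this page, ignores rootdn, and compares DNs verbatim.

```python
import re

# Three directives copied from the slapd.conf posted above (subset, for brevity).
CONF = '''\
access to dn.one="ou=people,dc=ufv,dc=br" attrs=userPassword
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read
        by anonymous auth
        by * none
access to dn.one="ou=people,dc=ufv,dc=br" attrs=homeDirectory
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
access to dn.one="ou=people,dc=ufv,dc=br"
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read
'''
WHAT = re.compile(r'dn\.(base|one)="([^"]+)"(?:\s+attrs=(\S+))?')

def parse(conf):
    """Return [(scope, dn, attrs_or_None, [[who, level], ...])] in file order."""
    acls = []
    for block in re.split(r"(?m)^access to ", conf)[1:]:
        head, *bys = [line.strip() for line in block.strip().splitlines()]
        scope, dn, attrs = WHAT.match(head).groups()
        rules = [b[3:].rsplit(" ", 1) for b in bys]   # strip the leading "by "
        acls.append((scope, dn, attrs and attrs.lower().split(","), rules))
    return acls

def dn_match(scope, pattern, dn):
    # dn.base: that exact entry; dn.one: immediate children only (no escaped commas assumed)
    return dn == pattern if scope == "base" else dn.partition(",")[2] == pattern

def who_match(who, bound, target):
    if who in ("*", "anonymous") or bound is None:
        return who == "*" or (who == "anonymous" and bound is None)
    if who == "self":
        return bound == target
    return dn_match(*WHAT.match(who).groups()[:2], bound)

def access(acls, bound, target, attr):
    """slapd order: the first matching <what> is selected, then its first matching <who>."""
    for scope, dn, attrs, rules in acls:
        if dn_match(scope, dn, target) and (attrs is None or attr.lower() in attrs):
            for who, level in rules:
                if who_match(who, bound, target):
                    return level
            break  # implicit "by * none" closes every directive; later ones are not tried
    return "none"
```

In this model `cn=mail` gets `read` on `userPassword`, so the mail service account can retrieve password values, and `none` on `homeDirectory`, because the attribute-specific directive is selected first and has no clause for it.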
