Re: [Dovecot] dovecot + ldap tls

2007-05-23 Thread Timo Sirainen
On Wed, 2007-05-23 at 13:58 +0300, Timo Sirainen wrote:
> > dovecot: May 22 15:48:31 Error: auth(default): LDAP: ldap_start_tls_s()
> > failed: Can't contact LDAP server
> 
> Does it manage to get a TCP connection at all (check with e.g. tcpdump),
> or is the error message just bad?

I checked OpenLDAP's sources to see if there's any way to get usable
error messages. Looks like the only way is to compile it with debugging
enabled. Then it'll log everything to stderr.





Re: [Dovecot] dovecot + ldap tls

2007-05-23 Thread Timo Sirainen
On Tue, 2007-05-22 at 18:54 +, aza zel wrote:
> hi...
> I'm trying to have a secure connection between dovecot and directory server, but
> I can't do it. The documentation is so poor (
> http://wiki.dovecot.org/AuthDatabase/LDAP)

As it says there:

"FIXME: I'm not sure how the actual TLS configuration (certificates
etc.) can be done."

Once you get it working feel free to update the information. :)

> dovecot: May 22 15:48:31 Error: auth(default): LDAP: ldap_start_tls_s()
> failed: Can't contact LDAP server

Does it manage to get a TCP connection at all (check with e.g. tcpdump),
or is the error message just bad?



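The question in the reply above (does the TCP connection succeed at all, or is the error message misleading?) can also be answered with a small probe that opens the connection and sends the LDAPv3 StartTLS extended request itself. This is an added example, not part of the original thread and not Dovecot or OpenLDAP code; the function names `probe`, `exchange` and `result_code` are hypothetical, and the probe stops before the TLS handshake.

```python
import socket

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAPv3 StartTLS extended operation (RFC 4511)

def starttls_request(msg_id=1):
    """BER-encode an ExtendedRequest asking the server to start TLS."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    body = b"\x02\x01" + bytes([msg_id]) + b"\x77" + bytes([len(name)]) + name
    return b"\x30" + bytes([len(body)]) + body

def _tlv(buf, pos):
    """Read one BER element: (tag, value, next_pos). Handles long-form lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def result_code(resp):
    """resultCode of an LDAP ExtendedResponse, or None if resp is not one."""
    try:
        tag, msg, _ = _tlv(resp, 0)       # LDAPMessage SEQUENCE
        _, _, pos = _tlv(msg, 0)          # messageID
        op_tag, op, _ = _tlv(msg, pos)    # protocolOp, 0x78 = ExtendedResponse
        rc_tag, rc, _ = _tlv(op, 0)       # resultCode ENUMERATED
    except IndexError:                    # empty or truncated reply
        return None
    if (tag, op_tag, rc_tag) != (0x30, 0x78, 0x0A) or not rc:
        return None
    return int.from_bytes(rc, "big")

def exchange(sock):
    """Send StartTLS on an already connected socket and classify the reply."""
    sock.sendall(starttls_request())
    try:
        resp = sock.recv(4096)
    except OSError as exc:
        return f"tcp-ok, no reply: {exc}"
    code = result_code(resp)
    if code is None:
        return "tcp-ok, reply is not an LDAP ExtendedResponse"
    return "starttls-accepted" if code == 0 else f"starttls-refused (resultCode {code})"

def probe(host, port=389, timeout=5.0):
    """Separate 'cannot connect' from 'connected but StartTLS was refused'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return f"tcp-failed: {exc}"
    with sock:
        return exchange(sock)
```

Calling `probe("100.0.4.98")` with the host from the configuration in this thread returns `tcp-failed: ...` when the problem is routing, a firewall or the wrong port. A result of `starttls-accepted` means the failure happens later, in the TLS handshake or the certificate checks governed by `TLS_CACERT` and `TLS_REQCERT`.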


[Dovecot] dovecot + ldap tls

2007-05-22 Thread aza zel

hi...
I'm trying to have a secure connection between dovecot and directory server, but
I can't do it. The documentation is so poor (
http://wiki.dovecot.org/AuthDatabase/LDAP)
These are my configuration files:

(pre: I have a directory server accepting secure connections (port 389 via
TLS and port 636 via SSL)).

File "/opt/csw/etc/dovecot-ldap.conf":

hosts=100.0.4.98
dn = cn=bindmailusers,cn=mailusers,dc=prueba,dc=uy
dnpass =passbindmailUsers
tls = yes
ldap_version = 3
base= cn=mailUsers,dc=prueba,dc=uy
deref = never
scope = subtree
user_attrs = uidnumber=uidnumber,gidnumber=gidnumber,homedirectory=homedirectory,mailbox=mailbox
user_filter = (&(objectClass=mailaccount)(uid=%u)(disableimap=FALSE))
pass_attrs = uid=uid,userpassword=password
pass_filter= (&(objectClass=mailaccount)(uid=%u)(disableimap=FALSE))
default_pass_scheme = CRYPT
user_global_uid =12356
user_global_gid =12356

File "/opt/csw/etc/openldap/ldap.conf" (openldap client):

TLS_REQCERT allow
host 100.0.4.98
TLS_CACERT /opt/csw/etc/postfix/ldap-cert/cacert.pem

This is my log file:

# tail dovecot-log.log
:
:
dovecot: May 22 15:48:31 Error: auth(default): LDAP: ldap_start_tls_s()
failed: Can't contact LDAP server

Any suggestions? :(

--
Salu2 ;)