I am sorry, I just got caught up in something else and forgot to add version #s. Please forgive me. Believe it or not I don't even believe that pam_ldap is installed. nss_ldap is 205 and openldap version 2.0.27, running on solaris 9. I am currently arguing with a senior admin ( I am a lvl I) that does not believe that it is a ldap issue, but a perl issue. I do relize that the openldap version that I am running is an older one, and upgrading it right now would not be as easy as one would think. I will get pam_ldap installed once the other admin finishes a perl upgrade. Thanks for your help. --Keith
On Tue, 3 Jun 2003, Tony Earnshaw wrote: Date: Tue, 03 Jun 2003 11:10:21 +0200 From: Tony Earnshaw <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [SAtalk] Spamassassin and LDAP Keith Olmstead wrote: > Trying to get SA working with LDAP users. I know this can work, but I am running > into problems. I create a user local on the box and it filters fine, but when I try > to filter a user that is in LDAP it is not working. I changed the shell to a valid > shell, and it seems that it is picking up the UID correctly but it is not filtering. > >>From what it looks like it my LDAP user is does not have permission to execute >>spamc. What my log shows is: > procmail: [3305] Mon Jun 2 13:23:57 2003 > procmail: Executing "/usr/local/bin/spamc" > > over and over. > > my .procmailrc file is owned by the user with 740 permissions with a group of the > group that the user is in. > > I know that ppl have gotten LDAP working with SA, I think that I am missing one > thing, and I have been trying to get this working for months now. I can't comment on SA and LDAP: I have site-wide SA filtering both with SA-Exim 4.20/3.0 and Postfix 2.0.10/amavisd-new. However, Openldap 2.1.19 is the basis for all my users - and for just about everything else on my own machine - including the above mentioned MTAs. In principle, there is absolutely no difference between an ldap-based and a Unix/Posix-based user. I keep all my stuff as up to date as possible - nss_ldap, f.ex., is 203.6. It could well be that your ldap stuff is old, that your nss_ldap is not correctly configured (etc/ldap.conf & nsswitch.conf), it could be many things. I'd check these before anything else. What happens when you do 'id <user>' or 'getent passwd <user>'? Does an su or a login for that user occur normally? (i.e., is pam configured correctly?) Tony -- ------------------------------------------------------- This SF.net email is sponsored by: eBay Get office equipment for less on eBay! http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk