Oh.. now I remember..
there was a problem with LDAPv2 and LDAPv3.. Ithink its trying to
connect with LDAPv2 protocol..
check your ldap server for allow_v2 ore something like that.
Thx a lot!
That was the problem.
I've change my openldap slap.conf by adding the following:
allow bind_v2
But I'm wondering, because my current imap-proxy (perdition1.1 on a RHAS2.1) has no
problems with the ldap-version.
???
Klemens
Nore Eriksson schrieb:
Oh.. now I remember..
there was a problem with LDAPv2 and LDAPv3.. Ithink its trying to
connect with LDAPv2 protocol..
check your ldap server for allow_v2 ore something like that.
>
> /Regards Nore
>
> On Thu, 2008-06-19 at 14:55 +0200, Klemens Puritscher wrote:
> > > > it looks like you have some SSL enabled? and it cannot found the
> > > > certicicate files.
> > >
> > > The configfile from the RPM should have the following SSL config
> options:
> > >
> > >
> > > ssl_ca_file /etc/pki/tls/certs/ca-bundle.crt
> > > ssl_ca_path /etc/pki/tls/certs/
> > > ssl_cert_file /etc/pki/perdition/perdition.pem
> > > ssl_key_file /etc/pki/perdition/perdition.pem
> > > ssl_no_cert_verify
> > >
> > > Somehow I guess the config has been changed so perdition looks in
> the
> > > wrong place for the certs now.
> >
> > Thx for your reply, but the main problem is not the SSL problem.
> >
> > I've disabled all SSL options.
> >
> > After that, I'm looking in the maillog:
> >
> > Jun 19 16:45:39 lbmfim05 perdition[11657]: version=1.17.1,
> add_domain="", authenticate_in=off, bind_address="",
capability="UIDL
> USER", client_server_specification=off,
> config_file="/etc/perdition/perdition.conf", connection_limit=0,
> connection_logging=off, connect_relog=300, debug=on,
> domain_delimiter="@", explicit_domain="",
group="nobody", inetd_mode=off,
> listen_port="110", log_facility="mail", login_disabled=off,
> lower_case="", map_library="/usr/lib/libperditiondb_ldap.so.0",
> map_library_opt="ldap://my-openldap.server/dc=.?uid,
> mailHost?sub?(uid=%s)", no_bind_banner=off, no_daemon=off, no_lookup=off,
> nodename="lbmfim05", ok_line="You are so in",
outgoing_port="110",
> outgoing_server="", pid_file="/var/run/perdition/perdition.pop3",
> protocol="POP3", server_resp_line=off, strip_domain="",
timeout=120,
> username="nobody", username_from_database=off, query_key="",
quiet=off,
> ssl_mode="", ssl_ca_file="",
ssl_ca_path="/etc/perdition/perdition.ca/",
> ssl_ca_accept_self_signed="off", ssl_cert_file="/etc/perd
> > Jun 19 16:45:39 lbmfim05 perdition[11657]: vanessa_socket_daemon_setid:
> uid=99 euid=99 gid=99 egid=99
> > Jun 19 16:46:01 lbmfim05 perdition[11662]: Connect: 127.0.0.1->127.0.0.
> 1
> > Jun 19 16:46:08 lbmfim05 perdition[11662]: username_add_domain:
> username_add_domain 0 1 0x8a625dc
> > Jun 19 16:46:08 lbmfim05 perdition[11662]: dbserver_get: ldap_bind_s:
> Protocol error
> > Jun 19 16:46:08 lbmfim05 perdition[11662]: getserver: do_dbserver_get
Jun 19
16:46:11 lbmfim05 perdition[11662]: Auth: 127.0.0.1->127.0.0.1
user="puri_at__test" server="(null)" port="110"
status="failed: Could
not determine server"
Jun 19 16:46:12 lbmfim05 perdition[11662]:
Closing NULL session: 127.0.
0.1->127.0.0.1 username=(null)
The problem is the same: "dbserver_get: ldap_bind_s: Protocol error"
any ideas?
Klemens
Simon Matter schrieb:
> > Hi.
> >
> > it looks like you have some SSL enabled? and it cannot found the
> > certicicate files.
>
> The configfile from the RPM should have the following SSL config
options:
>
>
> ssl_ca_file /etc/pki/tls/certs/ca-bundle.crt
> ssl_ca_path /etc/pki/tls/certs/
> ssl_cert_file /etc/pki/perdition/perdition.pem
> ssl_key_file /etc/pki/perdition/perdition.pem
> ssl_no_cert_verify
>
> Somehow I guess the config has been changed so perdition looks in
the
> wrong place for the certs now.
>
> Simon
>
> >
> > my config looks like this:
> >
> > $ cat /etc/perdition/perdition.conf
> > map_library "/usr/lib/libperditiondb_ldap.so.0"
> > map_library_opt
> > "ldap://ldap-server.
local/o=Internet?mailLocalAddress?sub?(mail=%25s)"
> > username_from_database
> >
> >
> > //Regards Nore
> >
> > On Thu, 2008-06-19 at 13:07 +0200, Klemens Puritscher wrote:
> >> Hello,
> >>
> >> I've a problem with perdition setup.
> >>
> >> I've set up it on a standard CentOS5 with the src-rpms from Simon
> >> Matter. (
http://www.invoca.ch/pub/packages/perdition/)
> >>
> >> My Config:
> >>
> >> /etc/perdition/perdition.conf:
> >> M /usr/lib/libperditiondb_ldap.so.0
> >> m ldap://my-openldap.server/dc=.?uid,mailHost?sub?(uid=%s)
> >> t 120
> >> U
> >>
> >> /etc/sysconfig/perdition:
> >> POP3=yes
> >> POP3_FLAGS="--debug"
> >> IMAP4=yes
> >> IMAP4_FLAGS=
> >>
> >> Then I start the perdition and make a connect on port 110.
> >>
> >> After the POP3 PASS Command, I get "-ERR Could not determine
server"
> >>
> >> In the maillog i see the following:
> >>
> >> Jun 19 14:56:26 lbmfim05 perdition[11320]: version=1.17.1,
> >> add_domain="", authenticate_in=off, bind_address="",
capability="UIDL
> >> USER",
client_server_specification=off,
> >> config_file="/etc/perdition/perdition.conf", connection_limit=0,
> >> connection_logging=off, connect_relog=300, debug=on,
> >> domain_delimiter="@", explicit_domain="",
group="nobody",
> >> inetd_mode=off, listen_port="110",
log_facility="mail",
> >> login_disabled=off, lower_case="",
> >> map_library="/usr/lib/libperditiondb_ldap.so.0",
> >> map_library_opt="ldap://my-openldap.server/dc=.?uid,
> mailHost?sub?(uid=%s)",
> >> no_bind_banner=off, no_daemon=off, no_lookup=off,
nodename="lbmfim05",
>
> >> ok_line="You are so in", outgoing_port="110",
outgoing_server="",
> >> pid_file="/var/run/perdition/perdition.pop3",
protocol="POP3",
> >> server_resp_line=off, strip_domain="", timeout=120,
username="nobody",
>
> >> username_from_database=off, query_key="", quiet=off,
ssl_mode="",
> >> ssl_ca_file="",
ssl_ca_path="/etc/perdition/perdition.ca/",
> >> ssl_ca_accept_self_signed="off"
> >> , ssl_cert_file="/etc/perd
> >> Jun 19 14:56:26 lbmfim05 perdition[11320]:
> vanessa_socket_daemon_setid:
> >> uid=99 euid=99 gid=99 egid=99
> >> Jun 19 14:56:26 lbmfim05 perdition[11324]: Error loading
certificate
> >> chain file
"/etc/perdition/perdition.crt.pem"
> >> Jun 19 14:56:26 lbmfim05 perdition[11324]: Fatal error
establishing
> SSL
> >> context for listening
> >> Jun 19 14:56:26 lbmfim05 perdition[11328]: version=1.17.1,
> >> add_domain="", authenticate_in=off, bind_address="",
> capability="IMAP4
> >> IMAP4REV1", client_server_specification=off,
> >> config_file="/etc/perdition/perdition.conf", connection_limit=0,
> >> connection_logging=off, connect_relog=300, debug=off,
> >> domain_delimiter="@", explicit_domain="",
group="nobody",
> >> inetd_mode=off, listen_port="143",
log_facility="mail",
> >> login_disabled=off, lower_case="",
> >> map_library="/usr/lib/libperditiondb_ldap.so.0",
> >> map_library_opt="ldap://my-openldap.server/dc=.?uid,
> mailHost?sub?(uid=%s)",
> >> no_bind_banner=off, no_daemon=off, no_lookup=off,
nodename="lbmfim05",
>
> >> ok_line="You are so in", outgoing_port="143",
outgoing_server="",
> >> pid_file="/var/run/perdition/perdition.imap4",
protocol="IMAP4",
> >> server_resp_line=off, strip_domain="", timeout=120,
username="nobody",
>
> >> username_from_database=off, query_key="", quiet=off,
ssl_mode="",
> >> ssl_ca_file="",
ssl_ca_path="/etc/perdition/perdition.ca/",
> >> ssl_ca_accept_self_sign
> >> ed="off", ssl_cert_file="/
> >> Jun 19 14:56:26 lbmfim05 perdition[11332]: Error loading
certificate
> >> chain file
"/etc/perdition/perdition.crt.pem"
> >> Jun 19 14:56:26 lbmfim05 perdition[11332]: Fatal error
establishing
> SSL
> >> context for listening
> >> Jun 19 14:56:29 lbmfim05 perdition[11335]: Connect: 127.0.0.1->
127.0.
> 0.1
> >> Jun 19 14:56:37 lbmfim05 perdition[11335]: username_add_domain:
> >> username_add_domain 0 1 0xa04b5d4
> >> Jun 19 14:56:37 lbmfim05 perdition[11335]: dbserver_get:
ldap_bind_s:
> >> Protocol error
> >> Jun 19 14:56:37 lbmfim05 perdition[11335]: getserver:
do_dbserver_get
> >> Jun 19 14:56:40 lbmfim05
perdition[11335]: Auth: 127.0.0.1->127.0.
0.1
> >> user="puri_at__test"
server="(null)" port="110" status="failed:
Could
> > >> not determine server"
> > >> Jun 19 14:56:41 lbmfim05 perdition[11335]: Closing NULL session: