[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with Exim and OpenLDAP

To: <openldap-software@OpenLDAP.org>
Subject: Problem with Exim and OpenLDAP
From: Keith Matthews <keith_m@sweeney.demon.co.uk>
Date: Tue, 18 Feb 2003 20:33:33 +0000
Organization: Frequentous Consultants Ltd

I'm having an interesting time getting exim to verify it's accounts
through Openldap.

I've got it to talk to ldap OK, but some accounts are getting error
responses which are causing exim to defer mail delivery. I suspect a
data problem but have little idea where. Someone else set up the
directory and loaded the data.

Detail

OpenLDAP 2.0.27 on RH 8.0. exim 4.12 compiled on the same box.

14 accounts present, 6 behave OK the rest get failure messages (if it
matters exim uses the URL format interface). I'm asking for one
attribute which all entries have. The data is being used for PAM login
control without problem.

ldapsearch reveals nothing obviously different between the various
entries and reports no errors. There are several different groupings of
attribute values other than name/uid but they do not correspond to the
fail/OK grouping through exim.

Running with trace shows that final messages to the log file being of
the type "conn=0 op=1 SEARCH RESULT tag=101 err=4 text="  for the
failing accounts.

A run with loglevel = -1 gave the last few lines of

Feb 18 16:45:38 offley slapd[447]: <= test_filter 6
Feb 18 16:45:38 offley slapd[447]: <= test_filter_and 6
Feb 18 16:45:38 offley slapd[447]: <= test_filter 6
Feb 18 16:45:38 offley slapd[447]: ====> cache_return_entry_r( 2831 ):
created (0)
Feb 18 16:45:38 offley slapd[447]: send_ldap_search_result 4::
Feb 18 16:45:38 offley slapd[447]: send_ldap_response: msgid=2 tag=101
err=4
Feb 18 16:45:38 offley slapd[447]: conn=0 op=1 SEARCH RESULT tag=101
err=4 text=

Some digging in the code suggests that the error code is
LDAP_SIZELIMIT_EXCEEDED being reported from send_search_result, but
other messages that I would have expected to support this are missing
from the logs and I cannot see any reason why the 8 entries would fail
when the others work OK. The sizelimit in slapd.conf is 5000, changing
to 6000 makes no difference (yes I did stop and restart after the change).

Can anyone suggest a plan of attack to narrow this down further.

Follow-Ups:
- Re: Problem with Exim and OpenLDAP
  - From: Tony Earnshaw <tonni@billy.demon.nl>

Prev by Date: Re: LDAP and DNS
Next by Date: multi subtree replication
Index(es):
- Chronological
- Thread