Re: 2.1.23 w/ StartTLS not authenticating Courier-IMAP

[Tony Earnshaw <tonye@billy.demon.nl>]

fre, 02.01.2004 kl. 12.47 skrev Adam:

> I'll compare your debug and setup to mine tonight, but to let you know of a couple of 
> things:
> 
> Postfix is working fine. I can receive emails and they are deposited in each user's 
> Maildir as intended. Postfix also uses the LDAP directory over tcp/389 (I believe even 
> StartTLS, although it could be unencrypted right now).
> 
> Here are my debug logs re-done in level 256 upon an attempted connection under the same 
> circumstances as before (Warning, there's a whole bunch):

Looks o.k. to me. You get a bunch of nentries=1:

> Jan  2 11:41:43 new slapd[5967]: conn=1 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=

which means that the record's being found by the search filter. And the
results look like mine - you're also using Posix account users.

Looks like a Courier thing from now on. I'll just give you the following
lines from my /usr/lib/courier-imap/etc/authldaprc, then you'll have to
take it to the Courier list if this doesn't work:
________________________________________________________________________

##NAME: LDAP_BINDDN:0
#
# You may or may not need to specify the following.  Because you've got
# a password here, authldaprc should not be world-readable!!!
 
LDAP_BINDDN             cn=admin,dc=billy,dc=demon,dc=nl
LDAP_BINDPW             adminpassword
_________________________________________________________________________

admin is my proxy user (f.ex. the one I use for rootbinddn in
/etc/ldap.conf, with password in ldap.secret) and has read/write
permission for the whole DIT, where mortal users do not.

Perms on authldaprc are 600, owner root:root.

--Tonni

-- 
mail: billy - at - billy.demon.nl
http://www.billy.demon.nl