ldaps query
in [Postfix]
|
Prev: postfix 2.3.x vs postfix 2.6 stable
Next: Block BCC
From: "Roland de Lepper" on 11 Oct 2009 07:11 Dear all, I've configured Postfix to contact an MS 2008ADS when a mail arrives to check if the recipient is known. In my log, I'll get the following message: Oct 11 12:52:28 euzarafa postfix/smtpd[19209]: warning: dict_ldap_open: URL scheme ldaps requires protocol version 3 Oct 11 12:52:28 euzarafa postfix/smtpd[19209]: warning: dict_ldap_open: URL scheme ldaps requires protocol version 3 Oct 11 12:52:28 euzarafa postfix/smtpd[19209]: connect from eumailscan.cvislabs.eu[192.168.125.98] Oct 11 12:52:28 euzarafa postfix/trivial-rewrite[19211]: warning: dict_ldap_open: URL scheme ldaps requires protocol version 3 Oct 11 12:52:28 euzarafa postfix/cleanup[19212]: warning: dict_ldap_open: URL scheme ldaps requires protocol version 3 Oct 11 12:52:28 euzarafa postfix/smtpd[19209]: 8B3EE708001: client=eumailscan.cvislabs.eu[192.168.125.98] Oct 11 12:52:28 euzarafa postfix/cleanup[19212]: 8B3EE708001: message-id=<20091011105225.429E72307E1(a)eumailscan.cvislabs.eu> Oct 11 12:52:28 euzarafa postfix/smtpd[19209]: disconnect from eumailscan.cvislabs.eu[192.168.125.98] Oct 11 12:52:28 euzarafa postfix/qmgr[18862]: 8B3EE708001: from=<root(a)cvislabs.eu>, size=3801, nrcpt=1 (queue active) Oct 11 12:52:29 euzarafa postfix/lmtp[19213]: 8B3EE708001: to=<eumailscan(a)cvislabs.eu>, orig_to=<root(a)cvislabs.eu>, relay=127.0.0.1[127.0.0.1]:2003, delay=0.64, delays=0.22/0.02/0.05/0.35, dsn=2.1.5, status=sent (250 2.1.5 eumailscan(a)cvislabs.eu Ok) Oct 11 12:52:29 euzarafa postfix/qmgr[18862]: 8B3EE708001: removed The mail will be delivered, but it's an annoying message in my logs. When query a user via postmap, i'll this as result: postmap: warning: dict_ldap_open: URL scheme ldaps requires protocol version 3 What does this mean and how to solve? Kind regards, Roland de Lepper
From: Bastian Blank on 11 Oct 2009 09:15 On Sun, Oct 11, 2009 at 01:11:12PM +0200, Roland de Lepper wrote: > When query a user via postmap, i'll this as result: > postmap: warning: dict_ldap_open: URL scheme ldaps requires protocol > version 3 > What does this mean and how to solve? Which part do you fail to understand? ldaps should be know, you've written it into the config file. And the relation A => B should be nothing uncommon. Version 3 is something a LDAP admin have to know. The whole thing is documented in ldap_table in the "LDAP SSL AND STARTTLS PARAMETERS" section. Bastian -- Men will always be men -- no matter where they are. -- Harry Mudd, "Mudd's Women", stardate 1329.8
From: "Roland de Lepper" on 11 Oct 2009 13:50 Hi Bastian, Thanks for the reply. I've read the man page and the documentation. MS ADS 2008R2 using another LDAP version probably, because parameter 'version = 3' doesn't solve my problem with the postmap search. Without using LDAPS, so LDAP, I don't get this warning. I've searched the internet for similar problems, but couldn't find any solution for my particular problem. regards, Roland > On Sun, Oct 11, 2009 at 01:11:12PM +0200, Roland de Lepper wrote: >> When query a user via postmap, i'll this as result: >> postmap: warning: dict_ldap_open: URL scheme ldaps requires protocol >> version 3 >> What does this mean and how to solve? > > Which part do you fail to understand? ldaps should be know, you've > written it into the config file. And the relation A => B should be > nothing uncommon. Version 3 is something a LDAP admin have to know. > > The whole thing is documented in ldap_table in the "LDAP SSL AND > STARTTLS PARAMETERS" section. > > Bastian > > -- > Men will always be men -- no matter where they are. > -- Harry Mudd, "Mudd's Women", stardate 1329.8 >
From: Wietse Venema on 11 Oct 2009 14:10 Roland de Lepper: > Hi Bastian, > > Thanks for the reply. > > I've read the man page and the documentation. MS ADS 2008R2 using another > LDAP version probably, because parameter 'version = 3' doesn't solve my > problem with the postmap search. The error message: postmap: warning: dict_ldap_open: URL scheme ldaps requires protocol version 3 Means that the POSTMAP command did not find "version = 3" in main.cf. How many main.cf files exist on your machine? find / -name main.cf -ls This may show up some surprises. Wietse
From: "Roland de Lepper" on 11 Oct 2009 15:26
Hi Wietse, I only have one (1) main.cf file in /etc/postfix. [root(a)euzarafa postfix]# find / -name main.cf -ls 5079460 32 -rw-r--r-- 1 root root 28178 Oct 11 19:45 /etc/postfix/main.cf [root(a)euzarafa postfix]# Indeed, that's what I've read in the man page to use 'version = 3' parameter. Here is a short copy of my main.cf file: zarafa_destination_recipient_limit = 1 ##virtual_transport = zarafa: virtual_transport = lmtp:127.0.0.1:2003 # virtual_mailbox_domains = cvislabs.eu # virtual_mailbox_maps = ldap:ldap-users ldap-users_server_host = ldaps://eumicrosoft.cvislabs.eu:636 ##ldap-users_server_host = ldap://eumicrosoft.cvislabs.eu tls_ca_cert_file = /etc/ssl/certs/eumicrosoft.pem ldap-users_bind_dn = cn=roland,ou=Zarafa,dc=cvislabs,dc=eu ldap-users_bind_pw = XXXXXX ldap-users_search_base = ou=Zarafa,dc=cvislabs,dc=eu version = 3 ldap-users_scope = sub ldap-users_query_filter = (mail=%s) ldap-users_result_attribute = sAMAccountName # virtual_alias_maps = ldap:ldap_virtual_alias ldap_virtual_alias_server_host = ldaps://eumicrosoft.cvislabs.eu:636 ##ldap_virtual_alias_server_host = ldap://eumicrosoft.cvislabs.eu tls_ca_cert_file = /etc/ssl/certs/eumicrosoft.pem ldap_virtual_alias_bind_dn = cn=roland,ou=Zarafa,dc=cvislabs,dc=eu ldap_virtual_alias_bind_pw = XXXXXX ldap_virtual_alias_search_base = ou=Zarafa,dc=cvislabs,dc=eu version = 3 ldap_virtual_alias_scope = sub ldap_virtual_alias_query_filter = (otherMailbox=%s) ldap_virtual_alias_result_attribute = mail [root(a)euzarafa postfix]# Regards, Roland > Roland de Lepper: >> Hi Bastian, >> >> Thanks for the reply. >> >> I've read the man page and the documentation. MS ADS 2008R2 using >> another >> LDAP version probably, because parameter 'version = 3' doesn't solve my >> problem with the postmap search. > > The error message: > > postmap: warning: dict_ldap_open: URL scheme ldaps requires > protocol version 3 > > Means that the POSTMAP command did not find "version = 3" in main.cf. > > How many main.cf files exist on your machine? > > find / -name main.cf -ls > > This may show up some surprises. > > Wietse > |