服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Debian Cyrus SASL LDAP Auth失败
Intereting Posts
我怎样才能等待从batch file在Windows 7的卸载面板closures? SQL Server Windows身份validationlogin看到域不可信 什么守护进程应该或可以禁用Linux虚拟机,特别是硬件相关的? 跨VM迁移 同步AD和Exchange用户 我如何使用mod_proxy让Apache为特定的URL使用自定义端口? 删除Active Directory服务器不再在域上运行 需要非常高密度的PC /机架 tcpdump dns输出代码 如何在ubuntu接口configuration文件中填写networking线? IP转发服务器(或其他解决scheme) 将Cygwin安装从一台计算机复制到另一台? 适用于ESXi的vSphere的免费替代品(如果存在) 新的虚拟化Windows服务器与4个分区 Docker多个卷驱动程序

Debian Cyrus SASL LDAP Auth失败

我正在从一台服务器的紧急服务器传输中,我没有设置到一个新的硬件。 我正在用Postfix和Cyrus运行最新的Debian。 我已经从conf文件复制了大部分的细节,但是我仍然无法让服务器正常使用我的LDAP服务器。 我能够发送邮件与Postfix,但我不能检查任何东西似乎没有工作login。 我的validation日志显示: 

May 28 14:48:55 server saslauthd[1101]: Authentication failed for user: Bind to ldap server failed (invalid user/password or insufficient access) (-7) May 28 14:48:55 server saslauthd[1101]: do_auth : auth failure: [user=user] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

我很难过!

saslauthd.conf 

 ldap_bind_dn: cn=admin,dc=server,dc=host,dc=com ldap_password: secret ldap_servers: ldap://ldap.server.host.com ldap_search_base: dc=server,dc=host,dc=com ldap_auth_method: fastbind ldap_filter: uid=%u,ou=People,dc=server,dc=host,dc=com ldap_tls_cacert_file: /etc/ldap/ssl/server.pem ldap_tls_cert: /etc/ldap/ssl/server.pem

main.cf 

 smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no append_dot_mydomain = no readme_directory = no myhostname = hostname alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = hostname, mail.hostname, mailer. hostname, hostname, localhost.name, localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp mime_header_checks = regexp:/etc/postfix/mime_header_checks.regexp local_destination_recipient_limit = 300 local_destination_concurrency_limit = 5 local_recipient_maps = # SASL Auth Settings smtpd_sasl_local_domain = $myhostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_sender_access hash:/etc/postfix/sender_access, reject_rbl_client sbl-xbl.spamhaus.org # TLS Information smtpd_use_tls = yes smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/ssl/postfix.pem smtpd_tls_key_file = $smtpd_tls_cert_file #smtpd_tls_key_file = /etc/postfix/ssl/postfix.pem #smtpd_tls_CAfile = /etc/ssl/self/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = no smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom message_size_limit = 104857600

在saslauthd.conf中尝试更新如下(使用匿名绑定): 

 ldap_servers: ldap://ldap.server.host.com:389 ldap_search_base: ou=People,dc=server,dc=host,dc=com ldap_filter: (uid=%u)

CentOS 7还有这两个configuration文件:

cat /etc/saslauthd.conf 

 ldap_servers: ldap://5.135.218.160:389 ldap_search_base: ou=People,dc=pb,dc=com ldap_filter: (&(uid=%u)(zarafaAccount=1))

cat /etc/sasl2/smtpd.conf 

 pwcheck_method: saslauthd mech_list: plain login

Debian的位置可能有所不同。 用testingconfiguration 

 testsaslauthd -u user1 -p mypassword -s smtp

不知道下面的错误消息意味着什么,但我应该是[服务= smtp]:

5月28日14:48:55服务器saslauthd [1101]:do_auth:auth失败:[user = user] [service = imap] [realm =] [mech = ldap] [reason =未知]