Courier IMAP POP + LDAP (authentication problem)

Post by angelus99 » 16 June 2004 15:11

Hello everyone,

I am trying to configure courier-pop with LDAP, and I admit I am having a lot of trouble.
So I am sending you my logs and my config, hoping you can give me a hand.


Logs:

Jun 16 14:30:15 srvlinux authdaemond.ldap: authlib: refuse to authenticate bruno: uid=0, gid=0


LDAP logs:

Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 fd=16 ACCEPT from IP=127.0.0.1:34420 (IP=0.0.0.0:389)
Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 op=0 BIND dn="cn=root,dc=brb,dc=lan" method=128
Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 op=0 BIND dn="cn=root,dc=brb,dc=lan" mech=simple ssf=0
Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 op=0 RESULT tag=97 err=0 text=
Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 op=1 SRCH base="dc=brb,dc=lan" scope=2 filter="(mail=bruno@brb.dyndns.org)"
Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 op=1 SRCH attr=homeDirectory mailMessageStore cn clearPassword userPassword mail
Jun 16 14:30:15 srvlinux slapd[13674]: conn=74 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=


File /etc/courier/authldaprc:

LDAP_SERVER 127.0.0.1
LDAP_PORT 389

LDAP_BASEDN dc=brb,dc=lan

LDAP_BINDDN cn=root,dc=brb,dc=lan
LDAP_BINDPW 1234
LDAP_TIMEOUT 5

LDAP_AUTHBIND 0
LDAP_MAIL mail
LDAP_DOMAIN brb.dyndns.org
LDAP_HOMEDIR mailMessageStore
LDAP_MAILDIR mailMessageStore
LDAP_DEFAULTDELIVERY defaultDelivery
LDAP_FULLNAME cn
LDAP_CLEARPW clearPassword
LDAP_CRYPTPW userPassword
LDAP_DEREF never
LDAP_TLS 0


File /etc/openldap/slapd.conf:

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.6 2001/04/20 23:32:43 kurt Exp
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
# Modified by Christian Zoffoli <czoffoli@linux-mandrake.com>
# Version 0.2
#
include /usr/share/openldap/schema/core.schema
include /usr/share/openldap/schema/cosine.schema
include /usr/share/openldap/schema/corba.schema
include /usr/share/openldap/schema/inetorgperson.schema
include /usr/share/openldap/schema/java.schema
include /usr/share/openldap/schema/krb5-kdc.schema
include /usr/share/openldap/schema/kerberosobject.schema
include /usr/share/openldap/schema/misc.schema
include /usr/share/openldap/schema/nis.schema
include /usr/share/openldap/schema/openldap.schema
include /usr/share/openldap/schema/autofs.schema
include /usr/share/openldap/schema/samba.schema
include /usr/share/openldap/schema/kolab.schema
#include /usr/share/openldap/schema/rfc822-MailMember.schema
#include /usr/share/openldap/schema/pilot.schema
include /usr/share/openldap/schema/qmail.schema
#include /usr/share/openldap/schema/mull.schema
#include /usr/share/openldap/schema/netscape-profile.schema
#include /usr/share/openldap/schema/trust.schema
#include /usr/share/openldap/schema/dns.schema
#include /usr/share/openldap/schema/cron.schema
include /etc/openldap/schema/local.schema
# Define global ACLs to disable default read access.
include /etc/openldap/slapd.access.conf
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/ldap/slapd.pid
argsfile /var/run/ldap/slapd.args
modulepath /usr/lib/openldap
#moduleload back_dnssrv.la
#moduleload back_ldap.la
#moduleload back_meta.la
#moduleload back_monitor.la
#moduleload back_passwd.la
#moduleload back_sql.la
# SASL config
#sasl-host ldap.example.com
# To allow TLS-enabled connections, create /etc/ssl/openldap/ldap.pem
# and uncomment the following lines.
#TLSRandFile /dev/random
#TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /etc/ssl/openldap/ldap.pem
TLSCertificateKeyFile /etc/ssl/openldap/ldap.pem
#TLSCACertificatePath /etc/ssl/openldap/
#TLSCACertificateFile /etc/ssl/cacert.pem
TLSCACertificateFile /etc/ssl/openldap/ldap.pem
#TLSVerifyClient never
# ([never]|allow|try|demand)
# logging
loglevel 256
allow bind_v2
#######################################################################
# database definitions
#######################################################################

database bdb
suffix "dc=brb,dc=lan"
rootdn "cn=root,dc=brb,dc=lan"
rootpw {MD5}d5UAFFfzI2ra+0w+DvtnEg==
directory /var/lib/ldap
# Indices to maintain
#index objectClass eq
index objectClass,uid,uidNumber,gidNumber,memberUid eq
index cn,mail,surname,givenname eq,subinitial


A few clarifications:

mailMessageStore = /var/spool/mail
mail = bruno@brb.dyndns.org

Thanking you, and hoping someone has a little answer to give me. :oops:
angelus99
Quartermaster
Posts: 11
Joined: 13 Oct 2003
Location: Bordeaux
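
An added example, not part of the original post: a small Python check of the authldaprc settings shown above, read against the log line "refuse to authenticate bruno: uid=0, gid=0" and the rootdn in the posted slapd.conf. It assumes the refusal comes from the file naming no uid/gid source (LDAP_UID, LDAP_GID, LDAP_GLOB_UID or LDAP_GLOB_GID); the finding labels are invented for the example.

```python
import ipaddress

# Constructed sample: settings from the authldaprc posted above (bind password omitted).
SAMPLE_AUTHLDAPRC = """\
LDAP_SERVER 127.0.0.1
LDAP_BASEDN dc=brb,dc=lan
LDAP_BINDDN cn=root,dc=brb,dc=lan
LDAP_AUTHBIND 0
LDAP_MAIL mail
LDAP_HOMEDIR mailMessageStore
LDAP_CLEARPW clearPassword
LDAP_CRYPTPW userPassword
LDAP_TLS 0
"""
ROOTDN = "cn=root,dc=brb,dc=lan"  # rootdn from the slapd.conf posted above

def parse_rc(text):
    """Parse 'KEY value' lines, ignoring blank lines and # comments."""
    cfg = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            cfg[parts[0]] = parts[1] if len(parts) > 1 else ""
    return cfg

def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return host == "localhost"

def audit(cfg, rootdn=None):
    """Return finding labels (names invented for this example)."""
    findings = []
    # Assumption: with no uid/gid source, accounts resolve to 0 and are refused.
    if not {"LDAP_UID", "LDAP_GLOB_UID"} & cfg.keys():
        findings.append("no-uid-source")
    if not {"LDAP_GID", "LDAP_GLOB_GID"} & cfg.keys():
        findings.append("no-gid-source")
    # The mail service only needs read access, not the directory superuser.
    if rootdn and cfg.get("LDAP_BINDDN", "").lower() == rootdn.lower():
        findings.append("binds-as-rootdn")
    if cfg.get("LDAP_CLEARPW"):
        findings.append("cleartext-password-attribute")
    if cfg.get("LDAP_TLS", "0") == "0" and not is_loopback(cfg.get("LDAP_SERVER", "")):
        findings.append("plaintext-ldap-off-host")
    return findings
```

Calling `audit(parse_rc(SAMPLE_AUTHLDAPRC), ROOTDN)` reports the missing uid/gid sources, the bind as rootdn and the cleartext password attribute; the TLS finding stays silent because the server is on loopback.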
