[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Numerical result out of range (ITS#2465)
Full_Name: Cecile Leyman
Version: 2.1.17
OS: RedHat 8.0 - 2.4.18-27.8.0
URL:
Submission from: (NULL) (217.136.114.232)
I try to authenticate Qmail users with OpenLDAP through Courier-IMAP.
I posted this message to openldap-software List.
Howard Chu answered me what follows (thanks) :
-------------------------------------------------------------------------------------
Could be a bug in OpenLDAP's liblber library, it appears that it read 9 bytes
from the socket but only 8 of them belonged to the particular message, the
9th was the beginning of a second message. Ordinarily clients don't send
multiple messages back to back, so it's a bit odd that this is happening. You
should file a bug report on the ITS with this info so we can follow up from
there.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
-------------------------------------------------------------------------------------
OS : RedHat 8.0 - 2.4.18-27.8.0
Qmail : 1.03 + qmail-ldap-1.03-20030401 patch
Daemontools : 0.76
Ucspi-tcp : 0.88
OpenLDAP : 2.1.17
BDB : 4.1.25
Djbdns : 1.05
Courier-imap : 1.7.1-20030319
OpenLDAP was built with these flags (don't need all but it's a LABO):
./configure --prefix=/usr/local/openldap --mandir=/usr/share/man
--with-cyrus-sasl --with-kerberos --with-tls --enable-crypt --enable-kpasswd
--enable-lmpasswd --enable-spasswd --enable-bdb --enable-bdb-modules
--enable-ldbm --enable-referrals
When i test the authentication, this error message appears in the debug of
OpenLDAP => "Numerical result out of range"
[root@cleyman openldap-2.1.17]# telnet cleyman.labo.be 143
Trying 172.16.4.88...
Connected to cleyman.labo.be (172.16.4.88).
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1] Courier-IMAP ready. Copyright 1998-2003 Double
Precision, Inc. See COPYING for distribution information.
a008 LOGIN cleyman cleyman
a008 NO Login failed.
Here is the debug of OpenLDAP :
daemon: activity on 1 descriptors
daemon: new connection on 12
daemon: added 12r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=5
connection_read(12): checking for input on id=5
ber_get_next
ldap_read: want=9, got=9
0000: 30 2b 02 01 01 60 26 02 01 0+...`&..
ldap_read: want=36, got=36
0000: 03 04 16 63 6e 3d 41 64 6d 69 6e 2c 64 63 3d 6c ...cn=Admin,dc=l
0010: 61 62 6f 2c 64 63 3d 62 65 80 09 6d 61 79 62 65 abo,dc=be..maybe
0020: 61 64 61 79 aday
ber_get_next: tag 0x30 len 43 contents:
ber_dump: buf=0x081ea5f0 ptr=0x081ea5f0 end=0x081ea61b len=43
0000: 02 01 01 60 26 02 01 03 04 16 63 6e 3d 41 64 6d ...`&.....cn=Adm
0010: 69 6e 2c 64 63 3d 6c 61 62 6f 2c 64 63 3d 62 65 in,dc=labo,dc=be
0020: 80 09 6d 61 79 62 65 61 64 61 79 ..maybeaday
ber_get_next
ldap_read: want=9 error=Resource temporarily unavailable
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
daemon: select: listen=6 active_threads=1 tvp=NULL
do_bind
ber_scanf fmt ({imt) ber:
ber_dump: buf=0x081ea5f0 ptr=0x081ea5f3 end=0x081ea61b len=40
0000: 60 26 02 01 03 04 16 63 6e 3d 41 64 6d 69 6e 2c `&.....cn=Admin,
0010: 64 63 3d 6c 61 62 6f 2c 64 63 3d 62 65 80 09 6d dc=labo,dc=be..m
0020: 61 79 62 65 61 64 61 79 aybeaday
ber_scanf fmt (m}) ber:
ber_dump: buf=0x081ea5f0 ptr=0x081ea610 end=0x081ea61b len=11
0000: 00 09 6d 61 79 62 65 61 64 61 79 ..maybeaday
>>> dnPrettyNormal: <cn=Admin,dc=labo,dc=be>
=> ldap_bv2dn(cn=Admin,dc=labo,dc=be,0)
<= ldap_bv2dn(cn=Admin,dc=labo,dc=be,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=Admin,dc=labo,dc=be,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=admin,dc=labo,dc=be,272)=0
<<< dnPrettyNormal: <cn=Admin,dc=labo,dc=be>, <cn=admin,dc=labo,dc=be>
do_bind: version=3 dn="cn=Admin,dc=labo,dc=be" method=128
==> bdb_bind: dn: cn=Admin,dc=labo,dc=be
bdb_dn2entry_rw("cn=admin,dc=labo,dc=be")
=> bdb_dn2id_matched( "cn=admin,dc=labo,dc=be" )
====> bdb_cache_find_entry_dn2id("cn=admin,dc=labo,dc=be"): 2 (1 tries)
====> bdb_cache_find_entry_id( 2 ) "cn=Admin,dc=labo,dc=be" (found) (1 tries)
====> bdb_cache_return_entry_r( 2 ): returned (0)
do_bind: v3 bind: "cn=Admin,dc=labo,dc=be" to "cn=Admin,dc=labo,dc=be"
send_ldap_result: conn=5 op=0 p=3
send_ldap_result: err=0 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=0
ber_flush: 14 bytes to sd 12
0000: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a........
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=5
connection_read(12): checking for input on id=5
ber_get_next
ldap_read: want=9, got=9
0000: 30 81 bf 02 01 02 63 81 b9 0.....c..
ldap_read: want=185, got=185
0000: 04 19 6f 75 3d 61 63 63 6f 75 6e 74 73 2c 64 63 ..ou=accounts,dc
0010: 3d 6c 61 62 6f 2c 64 63 3d 62 65 0a 01 02 0a 01 =labo,dc=be.....
0020: 00 02 01 00 02 01 00 01 01 00 a0 2a a3 18 04 0b ...........*....
0030: 6f 62 6a 65 63 74 63 6c 61 73 73 04 09 71 6d 61 objectclass..qma
0040: 69 6c 55 73 65 72 a3 0e 04 03 75 69 64 04 07 63 ilUser....uid..c
0050: 6c 65 79 6d 61 6e 30 61 04 03 75 69 64 04 08 71 leyman0a..uid..q
0060: 6d 61 69 6c 55 49 44 04 08 71 6d 61 69 6c 47 49 mailUID..qmailGI
0070: 44 04 0d 61 63 63 6f 75 6e 74 53 74 61 74 75 73 D..accountStatus
0080: 04 08 6d 61 69 6c 48 6f 73 74 04 10 6d 61 69 6c ..mailHost..mail
0090: 4d 65 73 73 61 67 65 53 74 6f 72 65 04 0d 68 6f MessageStore..ho
00a0: 6d 65 44 69 72 65 63 74 6f 72 79 04 0c 75 73 65 meDirectory..use
00b0: 72 50 61 73 73 77 6f 72 64 rPassword
ber_get_next: tag 0x30 len 191 contents:
ber_dump: buf=0x081eb5c0 ptr=0x081eb5c0 end=0x081eb67f len=191
0000: 02 01 02 63 81 b9 04 19 6f 75 3d 61 63 63 6f 75 ...c....ou=accou
0010: 6e 74 73 2c 64 63 3d 6c 61 62 6f 2c 64 63 3d 62 nts,dc=labo,dc=b
0020: 65 0a 01 02 0a 01 00 02 01 00 02 01 00 01 01 00 e...............
0030: a0 2a a3 18 04 0b 6f 62 6a 65 63 74 63 6c 61 73 .*....objectclas
0040: 73 04 09 71 6d 61 69 6c 55 73 65 72 a3 0e 04 03 s..qmailUser....
0050: 75 69 64 04 07 63 6c 65 79 6d 61 6e 30 61 04 03 uid..cleyman0a..
0060: 75 69 64 04 08 71 6d 61 69 6c 55 49 44 04 08 71 uid..qmailUID..q
0070: 6d 61 69 6c 47 49 44 04 0d 61 63 63 6f 75 6e 74 mailGID..account
0080: 53 74 61 74 75 73 04 08 6d 61 69 6c 48 6f 73 74 Status..mailHost
0090: 04 10 6d 61 69 6c 4d 65 73 73 61 67 65 53 74 6f ..mailMessageSto
00a0: 72 65 04 0d 68 6f 6d 65 44 69 72 65 63 74 6f 72 re..homeDirector
00b0: 79 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64 y..userPassword
ber_get_next
ldap_read: want=9 error=Resource temporarily unavailable
ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({miiiib) ber:
ber_dump: buf=0x081eb5c0 ptr=0x081eb5c3 end=0x081eb67f len=188
0000: 63 81 b9 04 19 6f 75 3d 61 63 63 6f 75 6e 74 73 c....ou=accounts
0010: 2c 64 63 3d 6c 61 62 6f 2c 64 63 3d 62 65 0a 01 ,dc=labo,dc=be..
0020: 02 0a 01 00 02 01 00 02 01 00 01 01 00 a0 2a a3 ..............*.
0030: 18 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 09 ...objectclass..
0040: 71 6d 61 69 6c 55 73 65 72 a3 0e 04 03 75 69 64 qmailUser....uid
0050: 04 07 63 6c 65 79 6d 61 6e 30 61 04 03 75 69 64 ..cleyman0a..uid
0060: 04 08 71 6d 61 69 6c 55 49 44 04 08 71 6d 61 69 ..qmailUID..qmai
0070: 6c 47 49 44 04 0d 61 63 63 6f 75 6e 74 53 74 61 lGID..accountSta
0080: 74 75 73 04 08 6d 61 69 6c 48 6f 73 74 04 10 6d tus..mailHost..m
0090: 61 69 6c 4d 65 73 73 61 67 65 53 74 6f 72 65 04 ailMessageStore.
00a0: 0d 68 6f 6d 65 44 69 72 65 63 74 6f 72 79 04 0c .homeDirectory..
00b0: 75 73 65 72 50 61 73 73 77 6f 72 64 userPassword
>>> dnPrettyNormal: <ou=accounts,dc=labo,dc=be>
=> ldap_bv2dn(ou=accounts,dc=labo,dc=be,0)
<= ldap_bv2dn(ou=accounts,dc=labo,dc=be,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(ou=accounts,dc=labo,dc=be,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(ou=accounts,dc=labo,dc=be,272)=0
<<< dnPrettyNormal: <ou=accounts,dc=labo,dc=be>, <ou=accounts,dc=labo,dc=be>
SRCH "ou=accounts,dc=labo,dc=be" 2 0 0 0 0
begin get_filter
AND
begin get_filter_list
begin get_filter
EQUALITY
ber_scanf fmt ({mm}) ber:
ber_dump: buf=0x081eb5c0 ptr=0x081eb5f2 end=0x081eb67f len=141
0000: a3 18 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 ....objectclass.
0010: 09 71 6d 61 69 6c 55 73 65 72 a3 0e 04 03 75 69 .qmailUser....ui
0020: 64 04 07 63 6c 65 79 6d 61 6e 30 61 04 03 75 69 d..cleyman0a..ui
0030: 64 04 08 71 6d 61 69 6c 55 49 44 04 08 71 6d 61 d..qmailUID..qma
0040: 69 6c 47 49 44 04 0d 61 63 63 6f 75 6e 74 53 74 ilGID..accountSt
0050: 61 74 75 73 04 08 6d 61 69 6c 48 6f 73 74 04 10 atus..mailHost..
0060: 6d 61 69 6c 4d 65 73 73 61 67 65 53 74 6f 72 65 mailMessageStore
0070: 04 0d 68 6f 6d 65 44 69 72 65 63 74 6f 72 79 04 ..homeDirectory.
0080: 0c 75 73 65 72 50 61 73 73 77 6f 72 64 .userPassword
end get_filter 0
begin get_filter
EQUALITY
ber_scanf fmt ({mm}) ber:
ber_dump: buf=0x081eb5c0 ptr=0x081eb60c end=0x081eb67f len=115
0000: 00 0e 04 03 75 69 64 04 07 63 6c 65 79 6d 61 6e ....uid..cleyman
0010: 30 61 04 03 75 69 64 04 08 71 6d 61 69 6c 55 49 0a..uid..qmailUI
0020: 44 04 08 71 6d 61 69 6c 47 49 44 04 0d 61 63 63 D..qmailGID..acc
0030: 6f 75 6e 74 53 74 61 74 75 73 04 08 6d 61 69 6c ountStatus..mail
0040: 48 6f 73 74 04 10 6d 61 69 6c 4d 65 73 73 61 67 Host..mailMessag
0050: 65 53 74 6f 72 65 04 0d 68 6f 6d 65 44 69 72 65 eStore..homeDire
0060: 63 74 6f 72 79 04 0c 75 73 65 72 50 61 73 73 77 ctory..userPassw
0070: 6f 72 64 ord
end get_filter 0
end get_filter_list
end get_filter 0
filter: (&(objectClass=qmailUser)(uid=cleyman))
ber_scanf fmt ({M}}) ber:
ber_dump: buf=0x081eb5c0 ptr=0x081eb61c end=0x081eb67f len=99
0000: 00 61 04 03 75 69 64 04 08 71 6d 61 69 6c 55 49 .a..uid..qmailUI
0010: 44 04 08 71 6d 61 69 6c 47 49 44 04 0d 61 63 63 D..qmailGID..acc
0020: 6f 75 6e 74 53 74 61 74 75 73 04 08 6d 61 69 6c ountStatus..mail
0030: 48 6f 73 74 04 10 6d 61 69 6c 4d 65 73 73 61 67 Host..mailMessag
0040: 65 53 74 6f 72 65 04 0d 68 6f 6d 65 44 69 72 65 eStore..homeDire
0050: 63 74 6f 72 79 04 0c 75 73 65 72 50 61 73 73 77 ctory..userPassw
0060: 6f 72 64 ord
attrs: uid qmailUID qmailGID accountStatus mailHost mailMessageStore
homeDirectory userPassword
=> bdb_back_search
bdb_dn2entry_rw("ou=accounts,dc=labo,dc=be")
=> bdb_dn2id_matched( "ou=accounts,dc=labo,dc=be" )
====> bdb_cache_find_entry_dn2id("ou=accounts,dc=labo,dc=be"): 3 (1 tries)
====> bdb_cache_find_entry_id( 3 ) "ou=accounts,dc=labo,dc=be" (found) (1
tries)
search_candidates: base="ou=accounts,dc=labo,dc=be" (0x00000003) scope=2
=> bdb_filter_candidates
AND
=> bdb_list_candidates 0xa0
=> bdb_filter_candidates
DN SUBTREE
=> bdb_dn2idl( "ou=accounts,dc=labo,dc=be" )
bdb_idl_fetch_key: @ou=accounts,dc=labo,dc=be
<= bdb_dn2idl: id=2 first=3 last=4
<= bdb_filter_candidates: id=2 first=3 last=4
=> bdb_filter_candidates
OR
=> bdb_list_candidates 0xa1
=> bdb_filter_candidates
EQUALITY
=> bdb_equality_candidates (objectClass)
=> key_read
bdb_idl_fetch_key: [b49d1940]
<= bdb_index_read: failed (-30991)
<= bdb_equality_candidates: id=0, first=0, last=0
<= bdb_filter_candidates: id=0 first=0 last=0
=> bdb_filter_candidates
AND
=> bdb_list_candidates 0xa0
=> bdb_filter_candidates
EQUALITY
=> bdb_equality_candidates (objectClass)
=> key_read
bdb_idl_fetch_key: [5cf73cf5]
<= bdb_index_read 1 candidates
<= bdb_equality_candidates: id=1, first=4, last=4
<= bdb_filter_candidates: id=1 first=4 last=4
=> bdb_filter_candidates
EQUALITY
=> bdb_equality_candidates (uid)
=> key_read
bdb_idl_fetch_key: [86c0097c]
<= bdb_index_read 1 candidates
<= bdb_equality_candidates: id=1, first=4, last=4
<= bdb_filter_candidates: id=1 first=4 last=4
<= bdb_list_candidates: id=1 first=4 last=4
<= bdb_filter_candidates: id=1 first=4 last=4
<= bdb_list_candidates: id=1 first=4 last=4
<= bdb_filter_candidates: id=1 first=4 last=4
<= bdb_list_candidates: id=1 first=4 last=4
<= bdb_filter_candidates: id=1 first=4 last=4
bdb_search_candidates: id=1 first=4 last=4
====> bdb_cache_return_entry_r( 3 ): returned (0)
====> bdb_cache_find_entry_id( 4 ) "uid=cleyman,ou=accounts,dc=labo,dc=be"
(found) (1 tries)
=> test_filter
AND
=> test_filter_and
=> test_filter
EQUALITY
=> access_allowed: search access to "uid=cleyman,ou=accounts,dc=labo,dc=be"
"objectClass" requested
<= root access granted
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.5.6.0) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.5.6.6) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.5.6.0) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.16.840.1.113730.3.2.2) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.5.6.7) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.5.6.6) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,2.5.6.0) 0
is_object_subclass(1.3.6.1.4.1.7914.1.2.2.1,1.3.6.1.4.1.7914.1.2.2.1) 1
<= test_filter 6
=> test_filter
EQUALITY
=> access_allowed: search access to "uid=cleyman,ou=accounts,dc=labo,dc=be"
"uid" requested
<= root access granted
<= test_filter 6
<= test_filter_and 6
<= test_filter 6
=> send_search_entry: dn="uid=cleyman,ou=accounts,dc=labo,dc=be"
=> access_allowed: read access to "uid=cleyman,ou=accounts,dc=labo,dc=be"
"entry" requested
<= root access granted
=> access_allowed: read access to "uid=cleyman,ou=accounts,dc=labo,dc=be"
"mailHost" requested
<= root access granted
=> access_allowed: read access to "uid=cleyman,ou=accounts,dc=labo,dc=be" "uid"
requested
<= root access granted
=> access_allowed: read access to "uid=cleyman,ou=accounts,dc=labo,dc=be"
"mailMessageStore" requested
<= root access granted
=> access_allowed: read access to "uid=cleyman,ou=accounts,dc=labo,dc=be"
"userPassword" requested
<= root access granted
ber_flush: 208 bytes to sd 12
0000: 30 81 cd 02 01 02 64 81 c7 04 25 75 69 64 3d 63 0.....d...%uid=c
0010: 6c 65 79 6d 61 6e 2c 6f 75 3d 61 63 63 6f 75 6e leyman,ou=accoun
0020: 74 73 2c 64 63 3d 6c 61 62 6f 2c 64 63 3d 62 65 ts,dc=labo,dc=be
0030: 30 81 9d 30 1d 04 08 6d 61 69 6c 48 6f 73 74 31 0..0...mailHost1
0040: 11 04 0f 63 6c 65 79 6d 61 6e 2e 6c 61 62 6f 2e ...cleyman.labo.
0050: 62 65 30 10 04 03 75 69 64 31 09 04 07 63 6c 65 be0...uid1...cle
0060: 79 6d 61 6e 30 39 04 10 6d 61 69 6c 4d 65 73 73 yman09..mailMess
0070: 61 67 65 53 74 6f 72 65 31 25 04 23 2f 76 61 72 ageStore1%.#/var
0080: 2f 71 6d 61 69 6c 2f 6d 61 69 6c 64 69 72 73 2f /qmail/maildirs/
0090: 63 6c 65 79 6d 61 6e 2f 4d 61 69 6c 64 69 72 30 cleyman/Maildir0
00a0: 2f 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64 31 /..userPassword1
00b0: 1f 04 1d 7b 4d 44 35 7d 47 43 6a 36 7a 38 35 39 ...{MD5}GCj6z859
00c0: 64 77 6c 65 53 73 68 73 4f 74 6f 34 46 41 3d 3d dwleSshsOto4FA==
ldap_write: want=208, written=208
0000: 30 81 cd 02 01 02 64 81 c7 04 25 75 69 64 3d 63 0.....d...%uid=c
0010: 6c 65 79 6d 61 6e 2c 6f 75 3d 61 63 63 6f 75 6e leyman,ou=accoun
0020: 74 73 2c 64 63 3d 6c 61 62 6f 2c 64 63 3d 62 65 ts,dc=labo,dc=be
0030: 30 81 9d 30 1d 04 08 6d 61 69 6c 48 6f 73 74 31 0..0...mailHost1
0040: 11 04 0f 63 6c 65 79 6d 61 6e 2e 6c 61 62 6f 2e ...cleyman.labo.
0050: 62 65 30 10 04 03 75 69 64 31 09 04 07 63 6c 65 be0...uid1...cle
0060: 79 6d 61 6e 30 39 04 10 6d 61 69 6c 4d 65 73 73 yman09..mailMess
0070: 61 67 65 53 74 6f 72 65 31 25 04 23 2f 76 61 72 ageStore1%.#/var
0080: 2f 71 6d 61 69 6c 2f 6d 61 69 6c 64 69 72 73 2f /qmail/maildirs/
0090: 63 6c 65 79 6d 61 6e 2f 4d 61 69 6c 64 69 72 30 cleyman/Maildir0
00a0: 2f 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64 31 /..userPassword1
00b0: 1f 04 1d 7b 4d 44 35 7d 47 43 6a 36 7a 38 35 39 ...{MD5}GCj6z859
00c0: 64 77 6c 65 53 73 68 73 4f 74 6f 34 46 41 3d 3d dwleSshsOto4FA==
<= send_search_entry
====> bdb_cache_return_entry_r( 4 ): returned (0)
daemon: select: listen=6 active_threads=1 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 12r
daemon: read activity on 12
connection_get(12)
connection_get(12): got connid=5
connection_read(12): checking for input on id=5
ber_get_next
ldap_read: want=9, got=9
0000: 30 06 02 01 03 50 01 02 30 0....P..0
ber_get_next on fd 12 failed errno=34 (Numerical result out of range)
connection_read(12): input error=-2 id=5, closing.
connection_closing: readying conn=5 sd=12 for close
connection_close: deferring conn=5 sd=12
send_search_result: err=0 matched="" text=""
send_ldap_response: msgid=2 tag=101 err=0
connection_resched: attempting closing conn=5 sd=12
connection_close: conn=5 sd=12
daemon: removing 12
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
----------------------------------------------------
Here is a user sample configuration :
# cleyman, accounts, labo.be
dn: uid=cleyman,ou=accounts,dc=labo,dc=be
mobile: 0496565777
givenName:: Q8OpY2lsZQ==
sn: Leyman
street:: Q2hhdXNzw6llIGRlcyBDb2xsaW5lcywgNTQ=
telephoneNumber: 010237301
mailAlternateAddress: cecile.leyman@labo.be
mail: cleyman@cleyman.labo.be
displayName:: Q8OpY2lsZSBMZXltYW4=
cn: cleyman
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
facsimileTelephoneNumber: 010237315
mailHost: cleyman.labo.be
uid: cleyman
description: Test User
mailMessageStore: /var/qmail/maildirs/cleyman (/Maildir)
userPassword:: e1NNRDV9NG1wSWFRbDNjUTArY0ZQV21tYnUyUHE2c0VBPQ==
--------------------------
Here is the slapd.conf :
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.7 2003/03/24 03:54:12
kur
t Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/local/openldap/etc/openldap/schema/core.schema
include /usr/local/openldap/etc/openldap/schema/cosine.schema
include /usr/local/openldap/etc/openldap/schema/inetorgperson.schema
include /usr/local/openldap/etc/openldap/schema/nis.schema
include /usr/local/openldap/etc/openldap/schema/qmail.schema
include /usr/local/openldap/etc/openldap/schema/rfc822-MailMember.schema
include /usr/local/openldap/etc/openldap/schema/rfc2377.schema
include /usr/local/openldap/etc/openldap/schema/phpQLAdmin.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /usr/local/openldap/var/slapd.pid
argsfile /usr/local/openldap/var/slapd.args
# Load dynamic backend modules:
# modulepath /usr/local/openldap/libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Sample security restrictions
#
# Disallow clear text exchange of passwords
# disallow bind_simple_unprotected
#
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy is:
# Allow read by all
#
# rootdn can always write!
allow bind_v2
#######################################################################
# ldbm database definitions
#######################################################################
database bdb
suffix "dc=labo,dc=be"
rootdn "cn=Admin,dc=labo,dc=be"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw secret
rootpw {CRYPT}teplcM671LDgc
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/openldap/var/openldap-data
# Indices to maintain
index objectClass,uid,uidNumber,gidNumber eq
index mailMessageStore,mailAlternateAddress eq
index cn,mail,surname,givenname eq,subinitial
----------------------------------------------------------------------
The vmail user was created and his HomeDirectory's /var/qmail/maildirs
The directory /var/qmail/maildirs/cleyman exits and his owner is vmail.
The Maildir of cleyman user must be created when the first mail is sent to this
user (with "dirmaker" script).
I tried to create it manually but that didn't change anything.
I hope to have given you all informations.
Sorry for my English...
Thanks a lot.
Regards,
Cecile.