Re: ldapdb and postfix

[Dieter Kluenter <dieter@dkluenter.de>]

Paul Jacobson <pj@cutlerco.com.au> writes:

> ok... i've trimmed down the logs to a single authentication
> session. these are the relevant parts afaiks.

> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: smtpd_sasl_authenticate:
> sasl_method CRAM-MD5
> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: smtpd_sasl_authenticate:
> uncoded challenge: <1608008827.14398672@mail2.cutlerco.com.au>
> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: > unknown[172.16.2.61]: 334 xxxx==
> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: < unknown[172.16.2.61]: xxxxxxx=
> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: smtpd_sasl_authenticate:
> decoded response: pj xxxxx
> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: warning: SASL
> authentication failure: no secret in database
> Jun 25 15:13:52 mail2 postfix/smtpd[3411]: warning:
> unknown[172.16.2.61]: SASL CRAM-MD5 authentication failed

[...]

> /usr/lib/sasl2/smtpd.conf
> pwcheck_method: auxprop
> auxprop_plugin: ldapdb
> ldapdb_uri: ldap://127.0.0.1/
> ldapdb_id: ldapadmin
> ldapdb_pw: xxxxxxx
> ldapdb_mech: DIGEST-MD5

I'm running ldapdb based authentication with postfix. Initially I
viewed the same errors as you do,changing pwcheck_method in smtpd.conf
solved it. As you may have seen from my mails to Tony, the syntax of
pwcheck_method may vary.

,----[ smtpd.conf ]
| pwcheck_method: ldapdb
| ldapdb_uri: ldap://orange.l4b.de
| ldapdb_id: mailadmin
| ldapdb_pw: xxxx
| ldapdb_mech: DIGEST-MD5
`----

-Dieter

-- 
Dieter Klünter | Systemberatung
Tel.: +49.40.64861967
Fax : +49.40.64891521
http://www.avci.de