Qmail Support Forum

admin · Site Admin Joined: 21 Jun 2005 Posts: 209

Hi,
I am trying to configure postfix with openLDAP. I want that postfix use the ldap database to deliver the mails. I have configured everything, except the /etc/main.cf file. I have seen the documentation at postfix.org also, but i couldnot understand. Can anyone help me regarding this. If they have done this thing before, than please give me their configuration files.

Thanks in advance

Bijayant Kumar

admin · Site Admin Joined: 21 Jun 2005 Posts: 209

It is pretty straight-forward to connect Postfix too openLDAP (or any
database backend). Can you be more specific about your problems? It is
also best too first configure Postfix without openLDAP too make sure
that Postfix itself works fine. After that connect Postfix with
openLDAP. In this way you tackle one problem at a time.

It is important that you have some basic knowledge about LDAP.

http://coewww.rutgers.edu/www1/linuxclass2003/lessons/lecture8.html

admin · Site Admin Joined: 21 Jun 2005 Posts: 209

Hi,
Thanks for your reply. My problem is i am configuring postfix to lookup ldap database for the mail delivering. Without ldap postfix is working fine. Now i am trying to configure it ldap. But when i tried to deliver mail to a virtual user it gives me a lot of errors,and i am not able to understand it correctly. Here it is my configuration files :--

/etc/postfix/main.cf :--

myhostname = bijayant.kavach.blr
mydomain = kavach.blr
myorigin = $myhostname
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
mail.$mydomain, www.$mydomain, ftp.$mydomain
home_mailbox = .maildir/
transport_maps = ldap:/etc/postfix/transport
virtual_mailbox_maps = ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf
virtual_mailbox_base = /home/vmail/
virtual_uid_maps = static:1006
virtual_gid_maps = static:1006

/etc/postfix/transport

kavach.net = virtual:

/etc/postfix/ldap_virtual_mailbox_maps.cf

database = ldbm
server_port = 389
server_host = ldap://bijayant.kavach.blr:389/
search_base = ou=kavach.net,dc=kavach,dc=blr
query_filter = (&(objectClass=CourierMailAccount)(mail=%s))
result_attribute = mailbox
scope = sub
bind = yes
hosts = unix:/var/run/openldap/slapd.pid

I have made a database entry like this in my ldap database:

dn: mail=sumitk@kavach.net,ou=kavach.net,ou=People,dc=kavach,dc=blr
uid: sumitk
ou: kavach.net
mail: sumitk@kavach.net
objectClass: top
objectClass: organizationalUnit
objectClass: domainRelatedObject
objectClass: CourierMailAccount
objectClass: qmailUser
homeDirectory: /home/vmail/kavach.net
uidNumber: 1006
gidNumber: 1006
mailbox: kavach.net/sumitk/
accountStatus: active
userPassword: {SSHA}JClFwjb1ba0vQMZFHxlJDb+q7W+WQRvD
mailMessageStore: /home/vmail/kavach.net/sumitk/
associatedDomain: kavach.net

After that when i run the command

bijayant ~ # echo testabcd | mail sumitk

I get the following messages in my message log :--

Sep 17 12:47:57 bijayant postfix/trivial-rewrite[13810]: warning: dict_ldap_connect: Unable to bind to server ldap://localhost:389 as : 2 (Protocol error)
Sep 17 12:47:57 bijayant postfix/trivial-rewrite[13810]: warning: dict_ldap_connect: Unable to bind to server ldap://localhost:389 as : 2 (Protocol error)
Sep 17 12:47:57 bijayant postfix/trivial-rewrite[13810]: warning: dict_ldap_connect: Unable to bind to server ldap://bijayant.kavach.blr:389/ as : 2 (Protocol error)
Sep 17 12:47:57 bijayant postfix/trivial-rewrite[13810]: fatal: ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf(0,100): table lookup problem
Sep 17 12:47:58 bijayant postfix/qmgr[13757]: warning: premature end-of-input on private/rewrite socket while reading input attribute name
Sep 17 12:47:58 bijayant postfix/qmgr[13757]: warning: problem talking to service rewrite: Success
Sep 17 12:47:58 bijayant postfix/cleanup[13805]: warning: premature end-of-input on private/rewrite socket while reading input attribute name

I am wondering that why it gives me error like Unable to bind the ldap server, while my slapd is running fine,it donot gives me error in starting.

I am sorry if me english is wrong. Please help me, i am very upset and i am trying to configure it from several days. I have read several documents based on this..In particular i am following these two documents :--

http://www.crt.realtors.org/projects/email-redir/paper-html/implementation.html#IMPL-POSTFIX

http://www.postfix.org/LDAP_README.html

Please help me. Thanks in advance.

Regards
Bijayant Kumar

admin · Site Admin Joined: 21 Jun 2005 Posts: 209

I don't think the above 'transport_maps' is correct. If
'/etc/postfix/transport' is just an config-file, you should not prefix
it with 'ldap:'

I think postfix can't connect too the ldap backend because the
authentification fails. Depending on your openldap configuration,
authentification is required to search the tree.

In your configuration file '/etc/postfix/ldap_virtual_mailbox_maps.cf'
'bind = yes' is specified. This means that Postfix should authentificate
itself with the ldap database, before access is granted. You must
specifiy as which user Postfix should 'login' (= bind in ldap jargon)
too ldap.

Example:

bind = yes
bind_dn = cn=postfix,ou=postfix,dc=mydomain,dc=com
bind_pw = -------

So, the 'user' 'cn=postfix,ou=postfix,dc=mydomain,dc=com' should then
exists in your ldap tree, and have access rights too the needed sections
in your ldap tree.

I would advice you too first try to retrieve the information from your
ldap database with the ldapsearch command-line tool. This is part of the
openLDAP package. With this tool you can 'bind' as a specific user,
perform a search-query and see the results and found matches. If that is
working ok, then configure Postfix with these settings. With ldapsearch
it is much easier too 'try' things.

http://wiki.bfh.ch/index.php/LDAP_commands_usage_examples

At the moment I am not in the office, so I can't access my config-files
and other information.
If you have patience, I can give good samples tomorrow.

Greetings,

Rene