1

Topic: ldap Insufficient access

Hi SuperZhang,

I come back to your good advices.
I just set up a new mail serveur (debian 5) few days ago.
backup everything, mysql and ldap with tools

i cannot figure out why ldap seems to not contact iredmail base at all.

Webmail's passwords are wrong, when i change it on iredmail it accepts the change, but doesn't affect it to the mail account...

openldap, iredmail works well, i can login
but cannot on on roundcube

it looks like ldap base doesn't talk with iredmail anymore

i followed the tuto to backup/restore here http://www.iredmail.org/wiki/index.php? … FAQ/Backup

2-3 things about it
- need to change owner which is openldap (on a debian)
- need to change rights on files


here some few logs

mail:~/iRedMail-0.7.2/conf# netstat -ntlp | grep 389
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      3190/slapd     
tcp6       0      0 :::389                  :::*                    LISTEN      3190/slapd

mail.err

Jul  5 13:38:20 mail roundcube: IMAP Error: Login failed for me@exemple.com from XXX.XXX.XXX. AUTHENTICATE PLAIN: Temporary authentication failure. in /usr/share/apache2/roundcubemail-0.5.3/program/include/rcube_imap.php on line 192 (POST /mail/?_task=login&_action=login)
Jul  5 13:38:27 mail postfix/trivial-rewrite[3306]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem
Jul  5 13:39:28 mail postfix/trivial-rewrite[3319]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem
Jul  5 13:39:30 mail postfix/trivial-rewrite[3320]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem
Jul  5 13:40:31 mail postfix/trivial-rewrite[3326]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem
Jul  5 13:41:32 mail postfix/trivial-rewrite[3330]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem


mail.info

Jul  5 13:45:39 mail postfix/cleanup[3285]: 778FC80B3AF: message-id=<20110705114539.778FC80B3AF@mail.exemple.com>
Jul  5 13:45:39 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:39 mail postfix/cleanup[3285]: warning: 778FC80B3AF: virtual_alias_maps map lookup problem for root@mail.exemple.com
Jul  5 13:45:39 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:40 mail postfix/proxymap[3284]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:40 mail postfix/proxymap[3284]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:40 mail postfix/pickup[3283]: 79CAC80B3AF: uid=0 from=<root>
Jul  5 13:45:40 mail postfix/proxymap[3284]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:40 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:40 mail postfix/trivial-rewrite[3349]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem
Jul  5 13:45:40 mail postfix/cleanup[3285]: 79CAC80B3AF: message-id=<20110705114540.79CAC80B3AF@mail.exemple.com>
Jul  5 13:45:40 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:40 mail postfix/cleanup[3285]: warning: 79CAC80B3AF: virtual_alias_maps map lookup problem for root@mail.exemple.com
Jul  5 13:45:40 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:41 mail postfix/qmgr[3282]: warning: problem talking to service rewrite: Success
Jul  5 13:45:41 mail postfix/master[3280]: warning: process /usr/lib/postfix/trivial-rewrite pid 3349 exit status 1
Jul  5 13:45:41 mail postfix/master[3280]: warning: /usr/lib/postfix/trivial-rewrite: bad command startup -- throttling
Jul  5 13:45:41 mail postfix/pickup[3283]: 7BDAB80B3AF: uid=0 from=<root>
Jul  5 13:45:41 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:41 mail postfix/cleanup[3285]: 7BDAB80B3AF: message-id=<20110705114541.7BDAB80B3AF@mail.exemple.com>
Jul  5 13:45:41 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:45:41 mail postfix/cleanup[3285]: warning: 7BDAB80B3AF: virtual_alias_maps map lookup problem for root@mail.exemple.com
Jul  5 13:45:41 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:46:26 mail postfix/pickup[3283]: 7A41A80B3AF: uid=0 from=<root>
Jul  5 13:46:31 mail postfix/anvil[3340]: statistics: max connection rate 1/60s for (smtp:195.20.253.6) at Jul  5 13:43:11
Jul  5 13:46:31 mail postfix/anvil[3340]: statistics: max connection count 1 for (smtp:195.20.253.6) at Jul  5 13:43:11
Jul  5 13:46:31 mail postfix/anvil[3340]: statistics: max cache size 1 at Jul  5 13:43:11
Jul  5 13:46:41 mail postfix/proxymap[3286]: warning: dict_ldap_lookup: Search error 50: Insufficient access
Jul  5 13:46:41 mail last message repeated 2 times
Jul  5 13:46:41 mail postfix/trivial-rewrite[3352]: fatal: proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf(0,lock|fold_fix): table lookup problem
Jul  5 13:46:42 mail postfix/qmgr[3282]: warning: problem talking to service rewrite: Success
Jul  5 13:46:42 mail postfix/cleanup[3285]: warning: problem talking to service rewrite: Connection reset by peer
Jul  5 13:46:42 mail postfix/master[3280]: warning: process /usr/lib/postfix/trivial-rewrite pid 3352 exit status 1
Jul  5 13:46:42 mail postfix/master[3280]: warning: /usr/lib/postfix/trivial-rewrite: bad command startup -- throttling


debug

Jul  5 13:23:35 mail slapd[3121]: @(#) $OpenLDAP: slapd 2.4.17 (Jan 12 2011 14:58:43) $ ^I@barber:/build/buildd-openldap_2.4.17-2.1~bpo50+1-amd64-2bRKLL/openldap-2.4.17/debian/build/servers/slapd
Jul  5 13:36:13 mail slapd[3189]: @(#) $OpenLDAP: slapd 2.4.17 (Jan 12 2011 14:58:43) $ ^I@barber:/build/buildd-openldap_2.4.17-2.1~bpo50+1-amd64-2bRKLL/openldap-2.4.17/debian/build/servers/slapd


dovecot.log

Jul 05 13:38:09 auth(default): Error: LDAP: binding failed (dn cn=vmail,dc=exemple,dc=com): Invalid credentials
Jul 05 13:38:20 imap-login: Info: Aborted login (auth failed, 1 attempts): user=<me@exemple.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS


hope its enough,
thx

2

Re: ldap Insufficient access

tetedekloo wrote:

Jul 05 13:38:09 auth(default): Error: LDAP: binding failed (dn cn=vmail,dc=exemple,dc=com): Invalid credentials

You should change password of this account with phpLDAPadmin: cn=vmail,dc=exemple,dc=com.

- Find the password of cn=vmail in /etc/postfix/ldap*.cf.
- Login to phpLDAPadmin with LDAP root dn: cn=Manager,dc=xx,dc=xx.
- Change password of cn=vmail,dc=xx,dc=xx to the password which you found in /etc/postfix/ldap*.cf.

Then all LDAP lookups should be OK.

3

Re: ldap Insufficient access

done
Merci