1 (edited by HawaiiBungalow 2016-11-22 04:48:33)

Topic: Getting phpLDAPAdmin Server to talk to my new iredmail server

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Fresh new Centos 7 Core Minimal
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): NGINX
- Manage mail accounts with iRedAdmin-Pro? NO
- Related log if you're reporting an issue:
====

Have a fresh Iredmail Server running.  Have a separate phpLDAPAdmin Server that I use with my old Iredmail Server just fine.

Working with phpLDAPAdmin config.php, I have the following key settings:

$servers->setValue('server','host','ldap://postman.mydomain.com/');
$servers->setValue('server','port',389);
$servers->setValue('login','attr','dn');
$servers->setValue('appearance','password_hash','');
$servers->setValue('server','tls',true);

On new mail server, confirmed ldap listening on 389
[root@mail ~]# netstat -ntlp |grep 389
tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      1455/slapd
tcp6       0      0 :::389                  :::*                    LISTEN      1455/slapd
[root@mail ~]#

I ran ldapsearch from phpLDAPAdmin server:
# ldapsearch -Z -H ldap://postman.mydomain.com:389
ldap_start_tls: Can't contact LDAP server (-1)
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

I can ping postman.mydomain.com that's on same subnet.
My new mailserver (postman.mydomain.com) is on Centos 7.2 minimal. No firewall installed. SELinux Disabled.

Can anyone share their phpldapadmin config.php settings to help me get my phpldapadmin server to connect to new mail server?

I do have a bought SSL Cert and it's installed. 

thanks!


2

Re: Getting phpLDAPAdmin Server to talk to my new iredmail server

HawaiiBungalow wrote:

ldap_start_tls: Can't contact LDAP server (-1)

It means it cannot connect to the LDAP server at all. Suggestions:

*) Try with IP address of LDAP server.
*) Double check firewall, run command "iptables -L -n" on iRedMail server to check whether there are any firewall rules. Also check firewall between ldap client and server.

3

Re: Getting phpLDAPAdmin Server to talk to my new iredmail server

Yes! Thanks. Original post was with assumption Centos 7.2 minimal didn't install firewalld.  It does.  Stopping it made it all work (systemctl stop firewalld).  What a dumbass I am.

This is what I have enabled on my config.php on my phpldapserver.  Using the iredmail.tips for cn=manager and passwords works fine.

config.php:

$servers->setValue('server','host','ip-address');
$servers->setValue('login','attr','dn');


These are really the only settings enabled in my config.php

Not too secure, but it works.

4

Re: Getting phpLDAPAdmin Server to talk to my new iredmail server

Enable LDAP over TLS (port 389) in phpLDAPadmin for better security. FYI:
http://phpldapadmin.sourceforge.net/wik … server:tls

$servers->setValue('server', 'tls', true);