On Thu, Apr 10, 2025 at 3:07 PM Jeremy Harris via Exim-users <
exim-users@lists.exim.org> wrote:
> On 2025/04/10 8:19 PM, Johnnie W Adams via Exim-users wrote:
> > 14:16:37 121712 re-binding with user= password=foo
> >
> > 14:16:37 121712 Bind succeeded: ldapauth returns OK
>
> OK, I see two possible problems here.
>
> - The exim ldapauth condition returned true for "user= password=foo".
> Is that combination really supposed to be valid?
> What did LDAP think of the transaction?
>
That combination should be user=foo password=foo, because that's what I'm
putting into openssl for the session. I don't know what LDAP thought
because we don't have access to Active Directory logs:
AUTH LOGIN
334 VXNlcm5hbWU6
Zm9v
334 UGFzc3dvcmQ6
Zm9v
235 Authentication succeeded
> - That empty username. The return value from the inside ${lookup }
> (which happens to be an ldapdn lookup) was empty. Did you expect
> a result, for the given data? If not, you might have to test
> with either different data or an amended database.
I expected the authentication to fail, because the account 'foo' doesn't
exist.
Thanks,
John A
--
John Adams
Senior Linux/Middleware Administrator | Information Technology Services
+1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices
*UA Little Rock*
Reminder: IT Services will never ask for your password over the phone or
in an email. Always be suspicious of requests for personal information that
come via email, even from known contacts. For more information or to
report suspicious email, visit IT Security
<http://ualr.edu/itservices/security/>.
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
