On Fri, Feb 27, 2009 at 01:04:37PM +0200, vtzan wrote:
>
> I have setup Postfix LDAP (postfix-2.5.4-2.sasl2.vda.rhel5) on Centos 5.2
> x64 and all features that i have configured are working great EXCEPT from
> REMOTE LDAP SERVER.
> I have configured OpenLDAP Server to some other ip on the network(its a
> different server) but Postfix still looks for LOCAL LDAP DATABASE all the
> time.
> When i move password database from remote Ldap server to localhost and
> start ldap service on localhost everything works OK.
> The thing is that i want LDAP Server to be another machine on the network.
>
> message:
> -----------
> postfix/trivial-rewrite[18638]: warning:dict_ldap_connect: Unable to bind
> to server ldap://localhost:389 as : -1(Can't contact LDAP server)
> postfix/trivial-rewrite[18638]: fatal:ldap:ldaplists(0,lock|fold_fix):
> table lookup problem
>
>
> In my config i have set:
> From main.cf
> ## LDAP SERVER ##
> ldap_server_host = remoteipaddress
> ldap_server_port = 389
> ldap_bind = no
> ldap_search_base = ou=accounts,dc=***,dc=**
> ldap_scope = sub
> ldap_cache = no
These settings are for a table called "ldap", but your table is called
"ldaplists". These days it is advised to use the /some/file.cf way
of defining LDAP tables.
> virtual_alias_maps = hash:/etc/postfix/virtual ldap:ldapmailfwonly
> ldap:ldaplists ldap:ldapalias
You really should define "virtual_alias_domains" explicitly (perhaps
empty), otherwise it defaults to the above, and you are doing transport
lookups via LDAP. Switch to:
proxy:ldap:/etc/postfix/ldaplists.cf
and in the file set:
server_host = ...
server_port = ...
search_base = ...
query_filter = ...
result_attribute = ...
...
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
