Hi, I did some digging around and I didn't get much further:
# postmap -q corbe.net ldap:acceptdomains postmap: warning: dict_ldap_lookup: Search error 50: Insufficient access It's almost as if postfix is simply ignoring the fact that I've asked it to bind a specific DN and is trying to bind anonymously anyways. I'm at a loss as to how to fix it but it certainly seems as if it is a postfix problem and not an openldap one. -Daniel On Sun, Aug 23, 2009 at 03:55:43PM -0700, Daniel Corbe wrote: > Hi, > > I'm seeing the following errors in my syslog being generated by > trivial-rewrite after a MAIL FROM: command hits my MTA. I've been trying to > enable LDAP lookups for my mail system without much success. The error > messages aren't very helpful (even with verbose logging turned on for the > trivial-rewrite process). > > I've run my query filter through ldapsearch and it returns data. Further, > I'm currently binding my rootdn so there should be no access restrictions on > the LDAP side. I'm not sure where to go from here. > > Error: > > Aug 23 15:48:41 apollo postfix/trivial-rewrite[35555]: fatal: > ldap:acceptdomains(0,lock|fold_fix): table lookup problem > > Relevant LDAP bits from main.cf: > > mydestination = $myhostname, localhost.$mydomain, localhost.localdomain, > ldap:acceptdomains > acceptdomains_server_host = localhost > acceptdomains_server_port = 389 > acceptdomains_bind = yes > acceptdomains_bind_dn = cn=Manager,dc=corbe,dc=net > acceptdomains_bind_pw = xx55ZZ > acceptdomains_search_base = dc=corbe,dc=net > acceptdomains_query_filter = (associatedDomain=*) > acceptdomains_result_attribute = associatedDomain > > # ldapsearch -D 'cn=Manager,dc=corbe,dc=net' -x -W -b 'dc=corbe,dc=net' > '(associatedDomain=*)' > Enter LDAP Password: > # extended LDIF > # > # LDAPv3 > # base <dc=corbe,dc=net> with scope subtree > # filter: (associatedDomain=*) > # requesting: ALL > # > > # corbe.net > dn: dc=corbe,dc=net > objectClass: dcObject > objectClass: domainRelatedObject > objectClass: dNSDomain > o: Corbe Networks > dc: corbe > associatedDomain: corbe.net > associatedDomain: wavelen.net > associatedDomain: as.corbe.net > > # search result > search: 2 > result: 0 Success > > # numResponses: 2 > # numEntries: 1 > > Any pointers here would be highly appriciated. > > Thanks. > > -Daniel >
