On 9/3/2010 3:51 PM, Victor Duchovni wrote:
> On Fri, Sep 03, 2010 at 03:23:28PM -0500, Seann wrote:
>
>> When start_tls = yes, my error is:
>>
>> Sep 2 09:46:03 server postfix/postmap[4650]: error: dict_ldap_connect: Unable to set STARTTLS: -11: Connect error
>
> Enable LDAP debugging to see more logging. The OpenLDAP library will return this error when the peer certificate CommonName does not match the hostname you specify, but there could be other errors.
>
>> When I use the LDAPS URI, I get this:
>>
>> Sep 2 09:46:55 server postfix/postmap[4659]: warning: dict_ldap_connect: Unable to bind to server ldaps://AD.domain.net:636 as CN=admin,CN=Users, DC=domain,DC=net: -1 (Can't contact LDAP server)
>
> Is anyone home on port 636? Does "openssl s_client" work?

Yes, there is a listener on 636, as I use it for other LDAPS queries. I haven't a clue how to turn on debugging for LDAP. Is it the same flags as the main postfix system debugging?

~Seann
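
Added example, not part of the original thread and not Postfix or OpenLDAP code: a Python check that separates the two failures discussed above on the LDAPS port, a TCP-level failure versus a certificate whose names do not cover the configured host. The function names, the sample certificate and the matching rule (dNSName SANs first, CommonName only when no SAN is present) are assumptions for illustration and may differ in detail from OpenLDAP's own check.

```python
import socket
import ssl

# Constructed sample in ssl.getpeercert() format: a certificate issued to the
# short name only, while the client is configured with the fully qualified name.
SAMPLE_CERT = {"subject": ((("commonName", "AD"),),)}

def cert_names(cert):
    """Return (dNSName SAN list, CommonName list) from a getpeercert() dict."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return sans, cns

def name_matches(pattern, host):
    """Case-insensitive compare; '*' is honoured only as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]  # refuse patterns such as "*.net"
    return p == h

def host_matches_cert(cert, host):
    """Assumed rule: SAN dNSNames win; CN is used only when no SAN dNSName exists."""
    sans, cns = cert_names(cert)
    return any(name_matches(n, host) for n in (sans or cns))

def probe(host, port=636, cafile=None, timeout=5):
    """Classify an LDAPS (TLS-on-connect) attempt: ok, tcp, tls or name-mismatch."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False  # chain is still verified; names are compared below
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
    except ssl.SSLError as exc:   # must precede OSError, its base class
        return f"tls: {exc}"
    except OSError as exc:        # refused, timed out, name resolution failure
        return f"tcp: {exc}"
    if host_matches_cert(cert, host):
        return "ok"
    return f"name-mismatch: certificate names are {cert_names(cert)}"

if __name__ == "__main__":
    # Offline demonstration against the constructed certificate.
    print(host_matches_cert(SAMPLE_CERT, "AD.domain.net"))
```

`probe()` covers only TLS-on-connect (ldaps://); it does not perform the LDAP StartTLS exchange used with `start_tls = yes`, and `cafile` should point at the CA that issued the directory server's certificate.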