Re: smtpd_recipient_restrictions with ldap

Tue, 04 Apr 2017 03:36:34 -0700 

I use CommuniGate as mailer and they allow a “virtual" ldap tree (very useful 
in my specific situation) that use dc=cgprouter as base search.

http://www.communigate.com/CommuniGatePro/LDAP.html#RouterDN 
<http://www.communigate.com/CommuniGatePro/LDAP.html#RouterDN>

Trouble arise since ldap search returns "No object found” error that broke 
postfix when the user doesn/t exist.

If I search on another provisioned ldap search base (that unfortunately doesn’t 
include all objects I’m looking for) no problem arise.

[root@mail2 openldap]# ldapsearch -v -LLL -hmail1.igi.cnr.it 
<http://hmail1.igi.cnr.it/> -b"cn=igi.cnr.it <http://igi.cnr.it/>,o=Consorzio 
RFX"  -x uid=barbat
ldap_initialize( ldap://mail1.igi.cnr.it <ldap://mail1.igi.cnr.it> )
filter: uid=barbat
requesting: All userApplication attributes

[root@mail2 openldap]# ldapsearch -v -LLL -hmail1.igi.cnr.it 
<http://hmail1.igi.cnr.it/> -b"dc=cgprouter"  -x uid=barbat
ldap_initialize( ldap://mail1.igi.cnr.it <ldap://mail1.igi.cnr.it> )
filter: uid=barbat
requesting: All userApplication attributes
No such object (32)
Additional information: unknown user account


The latter broke postfix .

I’ve notified them about this, but I guess if can workaround it in postfix…. it 
seems not.

Regards,
Paolo.

> On 4 Apr 2017, at 12:22, Michael Ströder <mich...@stroeder.com> wrote:
> 
> Paolo Barbato wrote:
>> postmap: warning: dict_ldap_lookup: 
>> /opt/trend/imss/OpenLDAP/etc/openldap/myBad.cf:
>> Search base 'dc=cgprouter' not found: 32: No such object
> 
> As Brett already said: Most likely this configuration line is wrong:
> 
> ldaprfx_search_base = dc=cgprouter
> 
> Make sure to put the right search base served by your LDAP server there (full 
> DN of
> database root entry).
> 
> Ciao, Michael.
> 

------------------------------------------------------------------------------------------------
Paolo Barbato

Consorzio RFX
 <https://www.igi.cnr.it/>corso Stati Uniti,4                                  
35127 Padova - Italy                                             
Network Administrator 
phone: +39 049 8295097 fax: +39 049 8700718
------------------------------------------------------------------------------------------------

Reply via email to