[Samba] samba dc as source for postfix ldap maps
Rowland Penny
rpenny at samba.org
Thu Jan 18 10:12:32 UTC 2024
On Thu, 18 Jan 2024 10:32:19 +0100
Thorsten Marquardt via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I want to use my samba ad dc as the source for several postfix maps
> (virtual mailboxes, aliases and so on) but have trouble
> authenticating against the ldap server.
>
> My config for ldap-aliases.cf:
>
> server_host = ldap://pi4.fritz.box
> search_base = OU=FritzUser,DC=fritz,DC=box
> start_tls = yes
> version = 3
> bind = yes
> bind_dn = "CN=postfix,OU=FritzUser,DC=fritz,DC=box"
> bind_pw = postfixpw
> timeout=60
> tls_require_cert = yes
> tls_ca_cert_dir = /etc/ssl/certs
> tls_cert = /etc/samba/tls/pi4cert.pem
> tls_key = /etc/samba/tls/pi4key.pem
>
> But postmap fails with:
>
> # postmap -q thorsten at fritz.box ldap:/etc/postfix/ldap-aliases.cf
> postmap: warning: dict_ldap_connect: Unable to bind to server
> ldap://pi4.fritz.box with dn
> "CN=postfix,OU=FritzUser,DC=fritz,DC=box": 49 (Invalid credentials)
> postmap: fatal: table ldap:/etc/postfix/ldap-aliases.cf: query error:
> Application error
>
> Whereas ldapsearch performs:
>
> ldapsearch -D "CN=postfix,OU=FritzUser,DC=fritz,DC=box" -w postfixpw
> -ZZZ
>
> # extended LDIF
> #
> # LDAPv3
> # base <DC=fritz,DC=box> (default) with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # NTDS Quotas, fritz.box
> dn: CN=NTDS Quotas,DC=fritz,DC=box
> ...
>
> result: 0 Success
>
> # numResponses: 309
> # numEntries: 305
> # numReferences: 3
>
> What am I doing wrong?
>
It has been a long time since I used postfix, but I think your
server_host is wrong; I do not think you need the 'ldap://' part, just
the FQDN.
Rowland