1

Topic: How to enable openldap direct bind?

==== Required information ====
- iRedMail version:  0.9.0
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  LDAP
- Linux/BSD distribution name and version: Deb 7
- Related log if you're reporting an issue:
====

Zhang,  good morning, how can I make it so that iRedMail users in LDAP (e.g. myuser@mydomain.com) can BIND to LDAP?

Thanks!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: How to enable openldap direct bind?

*) You have to bind with a full DN, not just email address. For example, mail=user@domain.com,ou=Users,domainName=domain.com,o=domains,dc=xx,dc=xx.

*) With default ACL configured in OpenLDAP by iRedMail, user is able to bind to OpenLDAP with their own bind dn and password.

3 (edited by sam-the-man 2015-01-26 13:01:48)

Re: How to enable openldap direct bind?

Weird, when I try this command I am unable to bind (invalid credentials [49])

root@srv:/home/usr# ldapsearch -h localhost -p 389 -x -b "mail=user@iredmaildomain.net,ou=Users,domainName=iredmaildomain.net,o=domains,dc=base,dc=com" -W | less

How can this be? I have triple checked the password. I know it to be correct.

4

Re: How to enable openldap direct bind?

Is the full dn correct?

5

Re: How to enable openldap direct bind?

Yes Zhang, and still nothing. Very frustrating. I can pay remote developer 29 to help asap?

6

Re: How to enable openldap direct bind?

You can find debug message with '-d 256' argument with 'ldapsearch'. for example:

# ldapsearch -d 256 -h localhost ...

If no detailed error message, you can try our remote support service, and i will login to your server for further debug.