1 (edited by tavi 2010-11-06 02:39:51)

Topic: Ldap connection bug ?

Hi,

I try to connect using iredadmin-pro 1.3.0 to my ldap server which is on a different machine . Although ldapsearch is working, I cannot manage to make iredadmin to connect. I've set in settings.ini the ldap uri like ldap://ldapserver_ip:port/ but iredadmin is not trying to connect to that server. I've checked with tcpdump for any activity and I got none. Did you try to connect to ldap on a different machine ? Am I missing something ? I always get SERVER_DOWN return from auth.py.

Thank you

Tavi

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Ldap connection bug ?

Which options did you use with ldapsearch?

3

Re: Ldap connection bug ?

ZhangHuangbin wrote:

Which options did you use with ldapsearch?

I used

ldapsearch -x -D 'cn=my_admin,dc=my_domain,dc=ro' -h my_ldap_server_ip -W
ldapsearch -x -D 'cn=my_admin,dc=my_domain,dc=ro' -H ldap://my_ldap_server_ip -W
ldapsearch -x -D 'cn=my_admin,dc=my_domain,dc=ro' -H ldap://my_ldap_server_ip:389 -W

All combinations are working.

Thank you,

Tavi

4

Re: Ldap connection bug ?

ZhangHuangbin wrote:

Which options did you use with ldapsearch?

I believe that there is a bug in cfg.ldap.get('uri','ldap://127.0.0.1') used in ldap.initialize() because if I replace this with 'ldap://my_ldap_server_ip' the connection is working.

Thank you,

Tavi

5

Re: Ldap connection bug ?

I works for me here. Debugged in libs/ldap/auth.py and libs/ldap/core.py. It will connect to changed uri.
Did you restart apache after changing ldap uri in settings.ini?

6

Re: Ldap connection bug ?

ZhangHuangbin wrote:

I works for me here. Debugged in libs/ldap/auth.py and libs/ldap/core.py. It will connect to changed uri.
Did you restart apache after changing ldap uri in settings.ini?

Indeed if I restart apache is working , but I don't understand why do I have to restart for changes in the ini file.

Another thing : how do I connect in secure mode ? Putting ldaps is enough or I have to modify something else (for example configuring cyrus-sasl) ? I don't use a standard iredmail installation.

Thank you very much for your time.

Tavi

7

Re: Ldap connection bug ?

With iRedMail, OpenLDAP supports STARTTLS, so you can use 'ldaps://server:port/' in settings.ini. That's enough.

8 (edited by tavi 2010-11-06 17:11:29)

Re: Ldap connection bug ?

ZhangHuangbin wrote:

With iRedMail, OpenLDAP supports STARTTLS, so you can use 'ldaps://server:port/' in settings.ini. That's enough.

Ok. Everything works. You can close the topic. Thank you.