1

Topic: Connect to iRedmail Ldap server remotely

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): iRedMail-0.9.9
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  LDAP
- Web server (Apache or Nginx): NGINX
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi folks,

I am wondering, how do I connect to OpenLdap via Ldap Admin?
-----------
I installed iRedmail with OpenLdap. When I am using ldapsearch -x -D  everything works fine. iredadmin works as well. Thus, I am trying to connect to Ldap remotely from my home pc and it always shows up as Ldap error: server is down.

Slapd is running active. I opened the ports on ufw; I disabled ufw. Nothing helped.

Any suggestions on that please? Thank you


2

Re: Connect to iRedmail Ldap server remotely

Hi,

I opened the iptables ports;


-A INPUT -p tcp --dport 389 -j ACCEPT
-A INPUT -p tcp --dport 636 -j ACCEPT

Restarted them but I still cannot connect to LDAP remotely. What could be the issue? Can you please suggest where to look?

Thank you

3

Re: Connect to iRedmail Ldap server remotely

Is OpenLDAP listening on 127.0.0.1 or 0.0.0.0? Try command:

netstat -ntlp |grep 389

4

Re: Connect to iRedmail Ldap server remotely

tcp        0      0 0.0.0.0:389             0.0.0.0:*               LISTEN      1573/slapd
tcp6       0      0 :::389                  :::*                    LISTEN      1573/slapd

5

Re: Connect to iRedmail Ldap server remotely

up

6

Re: Connect to iRedmail Ldap server remotely

- Did you use port 389 for the remote LDAP connection, or 636?
- When you are connecting, is there any relevant info in the OpenLDAP log? You may need to turn on debug mode in OpenLDAP to get this info, FYI: https://docs.iredmail.org/debug.openldap.html
- Do you have any network firewall device sitting between your iRedMail server and home PC? Is port 389 open in this firewall?

7 (edited by Bornie 2019-05-12 17:27:58)

Re: Connect to iRedmail Ldap server remotely

Thank you very much for your response. I turned on debugging mode but none of the logs appeared either in /var/log or /var/log/openldap/openldap.log;

However, I managed to connect to LDAP through Redmine Ldap Auth / LDAPAdmin / Gitlab without binds, and as far as I understood it doesn't want to accept any of the admin accounts. I tried all 3: Manager, vmail, vmailadmin accounts; typed the password manually but it still shows up as: Unable to connect (Invalid LDAP Account/Password);

If I connect to LDAP locally via Redmine or phpldap, the connection goes through and all accounts are valid.

Is it possible that all of these apps can't support LDAP remotely because it's not enabled in iRedMail?

Thank you

8

Re: Connect to iRedmail Ldap server remotely

After turning on debug mode in OpenLDAP, it will log something for each connection, so you must figure out where the log is stored. By default it's /var/log/openldap.log or /var/log/openldap/openldap.log; also check /var/log/messages and /var/log/syslog.

If there is no log at all, you may need to check network firewall rules to make sure the remote ldapadmin can connect to port 389.
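
The thread mixes two different failures: "server is down" (no TCP connection reaches slapd) and "Invalid LDAP Account/Password" (slapd answered and rejected the bind). The following is an added example, not part of the thread and not iRedMail code, that tells the two apart from the remote machine by sending one LDAPv3 simple bind over a raw socket; the function names and the default anonymous bind are assumptions of this sketch.

```python
import socket

def ber_len(n):
    # BER definite length: short form below 128, long form otherwise
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value

def bind_request(dn="", password="", msg_id=1):
    # LDAPMessage { messageID, BindRequest { version 3, name, simple password } }
    # Empty dn and password give an anonymous bind; msg_id must stay below 128 here.
    body = tlv(0x02, b"\x03") + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x60, body))

def read_tlv(buf, pos):
    # Return (tag, value, next_pos) for the BER element starting at pos
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

def bind_result_code(response):
    # LDAPMessage -> skip messageID -> BindResponse (tag 0x61) -> resultCode
    _, msg, _ = read_tlv(response, 0)
    _, _, pos = read_tlv(msg, 0)
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x61:
        raise ValueError("not a BindResponse")
    _, code, _ = read_tlv(op, 0)
    return int.from_bytes(code, "big")

def probe(host, port=389, dn="", password="", timeout=5):
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(bind_request(dn, password))
            data = s.recv(4096)  # a BindResponse fits in one small read
    except OSError as exc:
        return "tcp-failed: %s" % exc  # firewall, routing or listener problem
    if not data:
        return "connection closed by server"
    code = bind_result_code(data)
    return {0: "bind ok", 49: "invalidCredentials"}.get(code, "ldap result %d" % code)
```

A "tcp-failed" result points at the firewall or network path, while result 49 means slapd was reached and the DN or password is the problem. A simple bind on port 389 sends the password unencrypted, so keep the default anonymous bind when probing across the internet.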