1

Topic: Cannot login to mail

Hi,

When I test my webmail, I get a "login failed" error. When I check syslog, it shows this:

Jan  1 13:41:09 jupiter postfix/proxymap[16188]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=oas,dc=com,cd=my: -1 (Can't contact LDAP server)
Jan  1 13:41:09 jupiter postfix/pickup[3667]: 22EBF13A3C: uid=0 from=<root>
Jan  1 13:41:09 jupiter postfix/proxymap[16188]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=oas,dc=com,cd=my: -1 (Can't contact LDAP server)
Jan  1 13:41:09 jupiter postfix/proxymap[16188]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=oas,dc=com,cd=my: -1 (Can't contact LDAP server)
Jan  1 13:41:09 jupiter postfix/cleanup[3668]: warning: 22EBF13A3C: virtual_alias_maps map lookup problem for www@oas.com.my

I also cannot restart LDAP (slapd).

root@jupiter:~# /etc/init.d/slapd restart
Stopping OpenLDAP: slapd.
Starting OpenLDAP: slapd - failed.
The operation failed but no output was produced. For hints on what went
wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
try running the daemon in Debug mode like via "slapd -d 16383" (warning:
this will create copious output).

Below, you can find the command line options used by this script to
run slapd. Do not forget to specify those options if you
want to look to debugging output:
  slapd -h 'ldap:/// ldapi:///' -g openldap -u openldap -f /etc/ldap/slapd.conf

slapd.conf:

#
# File generated by iRedMail (2010.01.01.13.15.10):
#
# Version:  0.5.1
# Project:  http://www.iredmail.org/
#
# If you deploy iRedMail in product environment, we suggest
# you public your information in 'Success Stories' forum to help us
# promote iRedMail.
#
# Community: http://www.iredmail.org/community.html
#

# Schemas.
# Schema files are read in the order listed here.
include     /etc/ldap/schema/core.schema
include     /etc/ldap/schema/corba.schema
include     /etc/ldap/schema/cosine.schema
include     /etc/ldap/schema/inetorgperson.schema
include     /etc/ldap/schema/nis.schema
# Schema provided by iRedMail (defines the mail attributes used in the ACLs
# and indexes of this file).
include     /etc/ldap/schema/iredmail.schema

# Where the pid file is put. The init.d script will not stop the
# server if you change this.
pidfile     /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile    /var/run/slapd/slapd.args

# TLS files.
# NOTE(review): the CA file and the server certificate are the same PEM file,
# so the server presents a self-signed certificate. Clients can verify it only
# if they are configured to trust this exact file.
# NOTE(review): the private key must be readable by the account slapd runs as
# (the init script output in this post passes "-u openldap") and by no other
# unprivileged account -- confirm ownership and mode of the key file.
TLSCACertificateFile /etc/ssl/certs/iRedMail_CA.pem
TLSCertificateFile /etc/ssl/certs/iRedMail_CA.pem
TLSCertificateKeyFile /etc/ssl/private/iRedMail.key

# Modules.
modulepath  /usr/lib/ldap
moduleload  back_bdb

#
# Disallow bind as anonymous.
#
disallow    bind_anon

#
# Specify LDAP protocol version.
# NOTE(review): "require LDAPv3" is commented out and LDAPv2 binds are
# explicitly allowed. LDAPv2 is obsolete; keep "allow bind_v2" only if a
# client is known to need it, otherwise prefer requiring v3 -- confirm
# against the mail components that bind to this server.
#require     LDAPv3
allow       bind_v2

# Log level.
#   -1:     enable all debugging
#    0:     no debugging
#   128:    access control list processing
#   256:    stats log connections/operations/results
# NOTE(review): 0 turns logging off. While diagnosing a start failure or
# reviewing who binds and what they read, a level such as 256 (or a foreground
# run with -d, as the init script suggests) gives something to look at.
loglevel    0

#
# Access Control List. Used for LDAP bind.
#
# How to read this section: for each request slapd uses the first
# "access to" clause whose target matches, and within it the first "by"
# line that matches the requester. Clause order therefore matters.
#
# Editing caution: a line that begins with whitespace continues the previous
# line, and continuations are joined before comments are stripped. Comments
# are placed only above an "access to" line, never between its "by" lines.
#
# NOTE(review): every DN in this section ends in "cd=my". The mail domain in
# this post is oas.com.my, so this is presumably a typo for "dc=my". "cd" is
# not an attribute type defined by the schemas included above, so slapd is
# likely to reject these DNs -- verify with the foreground/debug run.
#
# NOTE: Every domain has an administrator. e.g.
#   Domain Name: 'oas.com.my'
#   Admin Name: mail=postmaster@oas.com.my, domainName=oas.com.my, o=domains,dc=oas,dc=com,cd=my
#

#
# Set permission for LDAP attrs.
#
# Password and forwarding address: anonymous may only authenticate against
# them, the entry owner may change them, other authenticated users get nothing.
# NOTE(review): the cn=vmail account (the DN Postfix binds as in the syslog
# lines of this post) is granted "read" on userPassword, i.e. it can fetch
# password hashes. If the mail components verify passwords by binding, "auth"
# would be enough for it -- confirm before tightening.
access to attrs="userPassword,mailForwardingAddress"
    by anonymous    auth
    by self         write
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by users        none

# Name and phone number: owner may edit, any authenticated user may read.
access to attrs="cn,sn,telephoneNumber"
    by anonymous    auth
    by self         write
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by users        read

# Domain attrs.
# Read-only for the owner and for every authenticated user; only vmailadmin
# may write.
access to attrs="objectclass,domainName,mtaTransport,enabledService,domainSenderBccAddress,domainRecipientBccAddress,domainAdmin,domainGlobalAdmin,domainBackupMX,domainMaxQuotaSize,domainMaxUserNumber"
    by anonymous    auth
    by self         read
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by users        read

# User attrs.
# NOTE(review): "by users read" lets any authenticated account read these
# attributes (mail address, home directory, mailbox path, quota, BCC
# addresses) on every entry, in every domain, because this clause matches
# before the per-domain clauses further down.
# NOTE(review): mailForwardingAddress is listed here too, but the first
# clause of this section already matches it, so this clause never applies to it.
access to attrs="employeeNumber,homeDirectory,mailMessageStore,mail,accountStatus,userSenderBccAddress,userRecipientBccAddress,mailForwardingAddress,mailQuota,backupMailAddress,shadowAddress"
    by anonymous    auth
    by self         read
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by users        read

#
# Set ACL for vmail/vmailadmin.
#
# The two service entries themselves: vmailadmin may modify the vmail entry;
# nobody but vmailadmin itself may modify the vmailadmin entry.
access to dn="cn=vmail,dc=oas,dc=com,cd=my"
    by anonymous                    auth
    by self                         write
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by users                        none
access to dn="cn=vmailadmin,dc=oas,dc=com,cd=my"
    by anonymous                    auth
    by self                         write
    by users                        none

#
# Allow users to access their own domain subtree.
# Allow domain admin to modify accounts under same domain.
#
# The target regex is anchored only at the end, so it matches the domain
# entry and every entry below it; $1 in the "by" lines is the captured
# domain name.
access to dn.regex="domainName=([^,]+),o=domains,dc=oas,dc=com,cd=my$"
    by anonymous                    auth
    by self                         write
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by dn.regex="mail=[^,]+@$1,o=domainAdmins,dc=oas,dc=com,cd=my$" write
    by dn.regex="mail=[^,]+@$1,ou=Users,domainName=$1,o=domains,dc=oas,dc=com,cd=my$" read
    by users                        none

#
# Enable vmail/vmailadmin.
#
# NOTE(review): the target here is a dn.subtree with no regex group, so the
# "$1" in the dn.regex "by" line has nothing to refer to -- verify what slapd
# substitutes, or drop that line. The final "by users read" gives every
# authenticated account read access to whatever under o=domains was not
# matched by an earlier clause.
access to dn.subtree="o=domains,dc=oas,dc=com,cd=my"
    by anonymous                    auth
    by self                         write
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by dn.regex="mail=[^,]+,ou=Users,domainName=$1,o=domains,dc=oas,dc=com,cd=my$" read
    by users                        read

# Domain admin entries: readable by vmail, writable by vmailadmin and by the
# entry owner, hidden from other authenticated users.
access to dn.subtree="o=domainAdmins,dc=oas,dc=com,cd=my"
    by anonymous                    auth
    by self                         write
    by dn.exact="cn=vmail,dc=oas,dc=com,cd=my"   read
    by dn.exact="cn=vmailadmin,dc=oas,dc=com,cd=my"  write
    by users                        none

#
# Set permission for "cn=*,dc=oas,dc=com,cd=my".
#
access to dn.regex="cn=[^,]+,dc=oas,dc=com,cd=my"
    by anonymous                    auth
    by self                         write
    by users                        none
#
# Set default permission.
#
# NOTE(review): the fallback grants read to every authenticated user for
# anything not matched above. A default of "none" with explicit grants is the
# least-privilege form; check what would stop working before changing it.
access to *
    by anonymous                    auth
    by self                         write
    by users                        read

#######################################################################
# BDB database definitions
#######################################################################

# NOTE(review): the suffix ends in "cd=my". The mail domain in this post is
# oas.com.my, so this is presumably a typo for "dc=my". "cd" is not an
# attribute type defined by the included schemas, so slapd is likely to refuse
# the suffix and fail to start -- verify with the foreground/debug run. The
# same string appears in the directory path, in rootdn and in the bind DN
# shown in the Postfix log lines of this post.
database    bdb
suffix      dc=oas,dc=com,cd=my
directory   /var/lib/ldap/oas.com.cd=my

# NOTE(review): this rootpw hash is posted in a public thread. {SSHA} is a
# salted SHA-1 hash and can be attacked offline, so treat the Manager password
# as exposed: generate a new one with slappasswd, and replace the value with a
# placeholder whenever a config is shared. The rootdn is not subject to the
# access control rules in this file.
rootdn      cn=Manager,dc=oas,dc=com,cd=my
rootpw      {SSHA}KHVy+Ab0f/p8yzcZ7YMqJj11GFE68TRK

sizelimit   1000
cachesize   1000

#
# Set file permission.
# "mode" is the protection mode for newly created database files, not for the
# database directory; the directory's own ownership and mode are set on the
# filesystem.
#
mode        0700

#
# Default index.
#
index objectClass                                   eq,pres
index ou,cn,mail,surname,givenname,telephoneNumber  eq,pres,sub
index uidNumber,gidNumber,loginShell                eq,pres
index uid,memberUid                                 eq,pres,sub
index nisMapName,nisMapEntry                        eq,pres,sub

#
# Index for mail attrs.
#
# ---- Domain related ----
# NOTE(review): the second index line below starts its attribute list with a
# comma, so the first attribute name is empty. It looks like a name was lost
# when the file was generated; slapd may reject the line -- verify.
index domainName,mtaTransport,accountStatus,enabledService  eq,pres
index ,domainMaxUserNumber eq,pres
index domainAdmin,domainGlobalAdmin,domainBackupMX    eq,pres
index domainSenderBccAddress,domainRecipientBccAddress  eq,pres
# ---- Group related ----
index accessPolicy,hasMember,listAllowedUser   eq,pres
# ---- User related ----
index homeDirectory,mailMessageStore,mailForwardingAddress,shadowAddress   eq,pres
index backupMailAddress,memberOfGroup   eq,pres

Thank you.


2

Re: Cannot login to mail

Please run this command and paste its output here; it contains a detailed error message:

# slapd -g openldap -u openldap -f /etc/ldap/slapd.conf