View previous topic :: View next topic |
Author |
Message |
binro l33t
Joined: 06 May 2005 Posts: 724 Location: Bangkok, Thailand
|
Posted: Sat May 25, 2013 3:50 pm Post subject: Claws-mail can't access LDAP server |
|
|
I am trying out claws-mail but I am having trouble getting the address-book to bind to my LDAP server. When I click the "Check server" button I see in my syslog:
May 25 22:44:46 opal slapd[29064]: conn=1206 fd=17 ACCEPT from IP=192.168.1.40:42302 (IP=0.0.0.0:389)
May 25 22:44:46 opal slapd[29064]: conn=1206 op=0 BIND dn="cn=Manager,dc=binro,dc=org" method=128
May 25 22:44:46 opal slapd[29064]: conn=1206 op=0 RESULT tag=97 err=49 text=
Err=49 I think means a bad password. When Nagios probes the server I see:
May 25 22:43:57 opal slapd[29064]: conn=1204 fd=16 ACCEPT from IP=127.0.0.1:40959 (IP=0.0.0.0:389)
May 25 22:43:57 opal slapd[29064]: conn=1204 op=0 BIND dn="cn=Manager,dc=binro,dc=org" method=128
May 25 22:43:57 opal slapd[29064]: conn=1204 op=0 BIND dn="cn=Manager,dc=binro,dc=org" mech=SIMPLE ssf=0
May 25 22:43:57 opal slapd[29064]: conn=1204 op=0 RESULT tag=97 err=0 text=
May 25 22:43:57 opal slapd[29064]: conn=1204 op=1 SRCH base="ou=People,dc=binro,dc=org" scope=0 deref=0
filter="(objectClass=*)"
May 25 22:43:57 opal slapd[29064]: conn=1204 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
May 25 22:43:57 opal slapd[29064]: conn=1204 op=2 UNBIND
May 25 22:43:57 opal slapd[29064]: conn=1204 fd=16 closed
The difference seems to be the SIMPLE bind. What kind of bind is claws-mail using and what can I do about it?
TIA _________________ "Ship me somewheres east of Suez, where the best is like the worst,
Where there ain't no Ten Commandments an' a man can raise a thirst"
from "Mandalay" by Rudyard Kipling |
|
Back to top |
|
|
vaxbrat l33t
Joined: 05 Oct 2005 Posts: 731 Location: DC Burbs
|
Posted: Sun May 26, 2013 4:53 am Post subject: maybe trying to do a start_tls or something |
|
|
I haven't worked with that app, but I did find a site out there that walked me through testing the various sorts of simple and secure binds that could be done. Don't have that in front of me anymore (was some guys web page), but it was something I stumbled across in either the Fedora 389 directory server howto's or the samba ones for ldap. If you find it for yourself, you might want to see what sort of methods are workable with you and then maybe you can configure claws-mail to use one of them. Another likely suspect for links would probably be the cyrus-sasl howto's since a lot of stuff uses that to front-end their authentication. |
|
Back to top |
|
|
binro l33t
Joined: 06 May 2005 Posts: 724 Location: Bangkok, Thailand
|
Posted: Sun May 26, 2013 10:54 am Post subject: |
|
|
I wondered about the SASL stuff but claws-mail makes no mention of it in its LDAP guide here and my LDAP is set up the same way. _________________ "Ship me somewheres east of Suez, where the best is like the worst,
Where there ain't no Ten Commandments an' a man can raise a thirst"
from "Mandalay" by Rudyard Kipling |
|
Back to top |
|
|
vaxbrat l33t
Joined: 05 Oct 2005 Posts: 731 Location: DC Burbs
|
Posted: Mon May 27, 2013 8:39 pm Post subject: sasl is in one of the dependencies |
|
|
Code: | emerge -pv claws-mail
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild N ] net-libs/libetpan-1.1 USE="berkdb ipv6 sasl ssl -debug -gnutls -liblockfile -static-libs" 1,619 kB
[ebuild N ] mail-client/claws-mail-3.9.0 USE="crypt dbus doc imap ipv6 ldap session ssl -bogofilter -dillo -nntp -pda -smime -spamassassin -spell -startup-notification -xface" 7,252 kB
Total: 2 packages (2 new), Size of downloads: 8,871 kB |
That was just a quickie and I already see a SASL setting in one of the dependencies that I didn't already have installed. Part of the config writeup mumbles stuff about ssl and TLS so I suspect there's settings to do either a simple or start_TLS style bind. |
|
Back to top |
|
|
binro l33t
Joined: 06 May 2005 Posts: 724 Location: Bangkok, Thailand
|
Posted: Tue May 28, 2013 6:23 am Post subject: |
|
|
There are certainly settings for SSL and TLS but they are turned off as described in the claws howto. _________________ "Ship me somewheres east of Suez, where the best is like the worst,
Where there ain't no Ten Commandments an' a man can raise a thirst"
from "Mandalay" by Rudyard Kipling |
|
Back to top |
|
|
|