List: pamldap
Subject: [pamldap] IMAP tries simple bind
From: Andrew Afliatunov <andy () taom ! ru>
Date: 2004-12-24 7:48:00
Message-ID: 41CBC9B0.6080508 () taom ! ru
Hi!
I want to make pam-ldap authentication for imap users on Linux Slackware
9.1 server.
So I have installed and configured openssl-0.9.7e, openldap-2.1.21,
pam_ldap-176, nss-ldap-227.
With this software and this file /etc/pam.d/ftp:
--
#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_shells.so
auth sufficient /lib/security/pam_ldap.so
account sufficient /lib/security/pam_ldap.so
session sufficient /lib/security/pam_ldap.so
--
our ftp users successfully connect to the server, authenticating in ldap
(Windows AD).
Now I make imap-2004a with pam support:
> make lnp SSLTYPE=none
Make file /etc/pam.d/imap:
--
#%PAM-1.0
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so try_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
--
and then try to connect to the newly made imapd and authenticate in AD:
> telnet localhost 143.
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 LITERAL+ SASL-IR LOGIN-REFERRALS AUTH=LOGIN] localhost IMAP4rev1 2004.352 at Fri, 24 Dec 2004 11:10:12 +0400 (SAMT)
c: login <windows_user> <windows_password>
c: NO LOGIN failed
Authentication fails, and in mail.log I see:
--
Dec 24 11:24:15 web imapd[3408]: pam_ldap: ldap_simple_bind Can't contact LDAP server
--
I wonder why IMAP tries a simple bind when I have 'port 636' and 'ssl
on' in ldap.conf, and authentication works when connecting by FTP?
--
Andrew