# Postfix + LDAP

## Mazout

Hi,

I've got a problem with Postfix+LDAP. When mail comes in, Postfix apparently can't reach the LDAP server, even though there is a connection attempt, as you can see in the log.

```

Jan 31 14:56:46 vibes postfix/postfix-script: starting the Postfix mail system

Jan 31 14:56:46 vibes postfix/master[4659]: daemon started -- version 2.0.16

Jan 31 14:57:00 vibes postfix/smtpd[4664]: starting TLS engine

Jan 31 14:57:00 vibes postfix/smtpd[4664]: connect from unknown[193.252.22.28]

Jan 31 14:57:00 vibes postfix/smtpd[4664]: D4A393754D: client=unknown[193.252.22.28]

Jan 31 14:57:00 vibes slapd[4454]: daemon: conn=2 fd=10 connection from IP=10.10.40.3:2827 (IP=0.0.0.0:636) accepted.

Jan 31 14:57:00 vibes slapd[4454]: conn=-1 fd=10 closed

Jan 31 14:57:00 vibes slapd[4454]: daemon: conn=3 fd=10 connection from IP=10.10.40.3:2828 (IP=0.0.0.0:636) accepted.

Jan 31 14:57:00 vibes slapd[4454]: conn=-1 fd=10 closed

Jan 31 14:57:00 vibes postfix/trivial-rewrite[4666]: warning: dict_ldap_lookup: Search error 81: Can't contact LDAP server 

Jan 31 14:57:00 vibes postfix/trivial-rewrite[4666]: fatal: ldap:aliases: table lookup problem

Jan 31 14:57:01 vibes postfix/smtpd[4664]: warning: premature end-of-input on private/rewrite socket while reading input attribute name

Jan 31 14:57:01 vibes postfix/smtpd[4664]: warning: resolve_clnt_query: bad read: Success

Jan 31 14:57:01 vibes postfix/master[4659]: warning: process /usr/lib/postfix/trivial-rewrite pid 4666 exit status 1

```

main.cf for Postfix:

```

# Postfix main.cf as posted: virtual delivery backed by LDAP lookup tables
# ("aliases", "accounts", "accountsmap"), SASL authentication and TLS on smtpd.

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postfix

myhostname = <my_hostname>

mydomain = <my_domain>

transport_maps = hash:/etc/postfix/transport

mydestination = $myhostname, localhost.$mydomain, $mydomain, $transport_maps

proxy_interfaces = <my_proxy>

alias_maps = hash:/etc/mail/aliases

alias_database = hash:/etc/mail/aliases

# LDAP table "aliases" (referenced below as ldap:aliases by virtual_maps).
# NOTE(review): 636 is conventionally the LDAPS (TLS-wrapped) port, and the
# slapd log in this post shows the connections on :636 being accepted and
# closed immediately. Nothing in this table definition asks the LDAP client
# to use TLS, so a plain LDAP session hitting a TLS-only listener would fit
# the "Can't contact LDAP server" error -- confirm. Either configure the
# client for LDAPS/StartTLS if this Postfix and LDAP library build support it,
# or use the plain LDAP port only over loopback or a trusted segment, since
# the lookups would then travel unencrypted. The same applies to the
# "accounts" and "accountsmap" tables, which use the same host and port.
aliases_server_host = <my_ldap_host>

aliases_server_port = 636

aliases_search_base = <base_dn>

aliases_query_filter = (&(mail=%s)(objectClass=CourierMailAlias))

aliases_result_attribute = maildrop

# bind = no: the lookup is done without binding to the directory, so the
# slapd ACLs must grant unauthenticated read on whatever this query touches.
aliases_bind = no

# LDAP table "accounts" (referenced below as ldap:accounts by
# virtual_mailbox_maps); same host, port and unauthenticated access as above.
accounts_server_host = <my_ldap_host>

accounts_server_port = 636

accounts_search_base = <base_dn>

accounts_query_filter = (&(mail=%s)(objectClass=CourierMailAccount))

accounts_result_attribute = mailbox

accounts_bind = no

# LDAP table "accountsmap".
# NOTE(review): no map parameter visible in this listing references
# ldap:accountsmap -- confirm whether it is still needed.
accountsmap_server_host = <my_ldap_host>

accountsmap_server_port = 636

accountsmap_search_base = <base_dn>

accountsmap_query_filter = (&(mail=%s)(objectClass=CourierMailAccount))

accountsmap_result_attribute = mail

accountsmap_bind = no

# This is the table named in the "fatal: ldap:aliases: table lookup problem"
# log line.
virtual_maps = ldap:aliases

virtual_mailbox_base = /home/vmail/domains

virtual_mailbox_maps = ldap:accounts

# All virtual mailboxes are written with the single static uid/gid 1008.
virtual_minimum_uid = 1008

virtual_uid_maps = static:1008

virtual_gid_maps = static:1008

local_recipient_maps = $alias_maps unix:passwd.byname $virtual_mailbox_maps

local_transport = virtual

# 450 is a temporary (retry later) reply code for unknown local recipients.
unknown_local_recipient_reject_code = 450

home_mailbox = .maildir/

local_destination_concurrency_limit = 2

default_destination_concurrency_limit = 10

debug_peer_level = 2

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

manpage_directory = /usr/share/man

sample_directory = /etc/postfix/sample

readme_directory = /usr/share/doc/postfix-2.0.11

smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_address, reject_maps_rbl

# NOTE(review): the value below is split mid-word across two lines
# ("check_relay_domain" / "s, ..."), which looks like a terminal line wrap in
# the paste. In a real main.cf a continuation line must begin with whitespace,
# so verify the actual file holds this on one logical line.
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_relay_domain

s, permit_tls_clientcerts, check_relay_ccerts

smtpd_sasl_auth_enable = yes

smtpd_sasl2_auth_enable = yes

# noanonymous: do not offer SASL mechanisms that allow anonymous login.
smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_local_domain =

smtpd_use_tls = yes

# SASL authentication is only announced and accepted once the SMTP session
# is protected by TLS, so credentials are not sent in the clear.
smtpd_tls_auth_only = yes

# Private key for the SMTP server certificate; it should be readable only by
# root.
smtpd_tls_key_file = /etc/ssl/postfix/server.key

smtpd_tls_cert_file = /etc/ssl/postfix/server.crt

smtpd_tls_CAfile = /etc/ssl/postfix/server.pem

# Log level 3 is a troubleshooting setting (it adds hex/ASCII dumps of the
# TLS negotiation to the log); lower it once the problem is resolved.
smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_tls_use_session_cache = yes

smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache

tls_random_source = dev:/dev/urandom

```

slapd.conf for LDAP:

```

# OpenLDAP slapd.conf as posted: one ldbm database holding Courier mail
# entries, TLS material for the server, and the access control list.

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/nis.schema

include         /etc/openldap/schema/courier.schema

# Use crypt to hash the passwords
# NOTE(review): {crypt} delegates to the system crypt(3); if that is the
# traditional DES scheme, only the first 8 characters of a password count.
# Prefer a stronger scheme this slapd build supports (e.g. {SSHA}) -- confirm
# what the platform's crypt(3) actually provides.

password-hash {crypt}

# Define SSL and TLS properties

TLSCertificateFile      /etc/openldap/ssl/ldap.cert.pem

# Server private key; it should be readable only by the account slapd runs as.
TLSCertificateKeyFile   /etc/openldap/ssl/ldap.cert.key

TLSCACertificateFile    /etc/ssl/ca-cert.pem

# never: slapd does not ask connecting clients for a certificate, so clients
# are identified only by their bind (or not at all for anonymous access).
TLSVerifyClient         never

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

# NOTE(review): presumably this default only takes effect where no access
# directive applies; explicit access rules are given below -- confirm against
# slapd.conf(5) for this version.
defaultaccess   auth

# Setting up database

database        ldbm

directory       /var/lib/openldap-ldbm

suffix          <suffix>

# Setting up root account
# The rootdn is not subject to the access rules below. Because rootpw lives
# in this file, slapd.conf itself should not be world-readable.

rootdn          <root_account>

rootpw          <crypted_pass>

# Creating index to speed up searches

index           objectClass  pres,eq

index           mail,cn      eq,sub

# Access rules are evaluated in order and the first matching "access to"
# target decides, which is why userPassword is handled before the broader
# rules that follow.

# Root DSE (empty DN) is readable by everyone.
access to dn="" by * read

# userPassword: owners may change it, anonymous clients may only use it to
# authenticate (bind), and nobody else can read or compare it.
access to attr=userPassword

        by self write

        by anonymous auth

        by * none

# Entries matching <mail_dn> are readable by everyone, including clients that
# have not authenticated. This is what allows Postfix lookups configured with
# bind = no, but it also exposes the mail directory (addresses, mailbox paths)
# to any host that can reach slapd. NOTE(review): consider limiting this to a
# dedicated lookup DN or to the mail server's address, and restrict network
# access to the LDAP port.
access to dn=<mail_dn> by * read

# Everything else: writable by the entry's owner and by the root account DN,
# invisible to all other clients.
access to *

        by self write

        by dn.base=<root_account> write

        by * none

```

Thanks for the help, it's driving me crazy.

----------

## SnEptUne

I got the same problem.  What did you do to get it working?

----------

