Displaying 20 results from an estimated 100 matches similar to: "can't dovecot tls/ssl to openldap"
2020 Nov 19
0
Dovecot authentication hangs when ldap_start_tls_s() fails for invalid certificate
On a Debian10 I've installed postfix 3.4.14 and dovecot 2.3.4.1.
I've configured multiple passdb sources and I expect that if one fails
the other ones are tested.
This is usually the case, except when the failure is due to an invalid
certificate from the ldap server.
In that case all authentication attempts from that moment on will fail.
I've trimmed down the configuration as much as
2002 Jun 21
1
Bug in 2.2.5 ? Configure can't find ldap_start_tls_s ..
Hi everybody,
I just tried to install v 2.2.5 but I get the following
message from configure:
-----snipp----
checking for ldap_start_tls_s... no
-----snipp----
grep in /usr/include tells me :
-----snipp----
486dx66:/usr/include # grep --line-number ldap_start_tls_s ldap*
ldap.h:1075:ldap_start_tls_s LDAP_P((
486dx66:/usr/include #
-----snipp----
Looking into /usr/include/ldap.h from line
2019 May 16
0
Dovecot not connecting to OpenLDAP
On Wed, 15 May 2019, Elias Falconi via dovecot wrote:
> 2019-05-15 16:27:43 auth: Error: LDAP /etc/dovecot/dovecot-ldap.conf.ext:
> ldap_start_tls_s() failed: Can't contact LDAP server
> 2019-05-15 16:39:36 auth: Error: LDAP /etc/dovecot/dovecot-ldap.conf.ext:
> ldap_start_tls_s() failed: Connect error
> 2019-05-15 16:39:43 auth:
2015 Dec 29
2
moving LDAP from one domain to another
Hello,
I am moving LDAP from one domain to another
We have moved off of a.wustl.edu network to b.school.edu network.
I have searched
vi /etc/nslcd.conf
vi /etc/openldap/ldap.conf
and removed all references to "a"
I restarted
/etc/init.d/nscd restart
this is redhat 6.7, and my ldap server is now ldap.b.wustl.edu:389
a.school.edu to b.school.edu
I keep getting messages
2010 May 20
1
LDAP against Novell eDirectory: 'Confidentiality required'
Hi list!
I am trying to get dovecot to authenticate users against Novell eDirectory via LDAP. I have successfully gotten open-xchange to authenticate, and I have written a PHP module that authenticates, however I cannot seem to get Dovecot working.
If I turn on TLS and restart dovecot, I get:
dovecot: 2010-05-20 09:22:05 Error: auth(default): LDAP: ldap_start_tls_s() failed: Connect error
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
I have also tested with 2.2.28 and this version has the same issue.
The finding of compatible ciphers is not the problem because I have
uncommented the ldap entries:
TLSCipherSuite
SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
TLSProtocolMin 3.1
Maybe you have further ideas.
On 2017-03-20 17:42, Aki Tuomi wrote:
>> On March 20, 2017 at 5:28 PM
2015 Dec 29
0
moving LDAP from one domain to another
On 29.12.2015 at 22:03, Dan Hyatt wrote:
> Hello,
>
> I am moving LDAP from one domain to another
> We have moved off of a.wustl.edu network to b.school.edu network.
>
> I have searched
> vi /etc/nslcd.conf
>
> vi /etc/openldap/ldap.conf
>
> and removed all references to "a"
>
> I restarted
> /etc/init.d/nscd restart
Wrong service
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
> On March 20, 2017 at 5:28 PM info at gwarband.de wrote:
>
>
> Can somebody say something about this request?
>
> This is an email from the openldap-technical mailing list from openldap.
>
> System details are mentioned in the other email.
>
> -------- Original message --------
> Subject: Re: Dovecot can't connect to openldap over starttls
> Date:
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
Well, those actually *reduce* the possible algorithms that can be used, so uncommenting those can make things worse.
Anyways, your pcap seems incomplete, can you try again?
Aki
> On March 20, 2017 at 8:14 PM info at gwarband.de wrote:
>
>
> I have also tested with 2.2.28 and this version has the same issue.
>
> The finding of compatible ciphers is not the problem because I
2012 May 13
2
doveadm not working
Hi,
I know I must have done some misconfiguration, but I do not know where to start searching for. All began when looking at my weekly cron message, where doveadm purge -A is run. That fails. So I tried doveadm quota -A as well, which several weeks ago was working perfectly.
Example:
doveadm quota get -A
doveadm(root): Error: User listing returned failure
doveadm: Error: Failed to iterate
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
Did you do some successful lookup with something there? I can see few failed attempts and one that seems to have worked just fine.
As pointed out earlier, are you using security frameworks like SELinux or AppArmor? Also, can you provide namei -l /etc/ssl/certs/LetsEncrypt.pem
The failed attempts are really short, indicating a VERY early problem with SSL handshake.
Aki
> On March 20, 2017 at
2019 May 15
2
Dovecot not connecting to OpenLDAP
Hi,
We recently shutdown our old LDAP server and repointed our mail server
(dovecot + postfix) to our new LDAP server and ever since we've been unable
to fetch mail. Mail is getting delivered, but we just can't pop it. We're
using Ubuntu 16.04, btw.
We keep on getting the following error messages in /var/log/dovecote:
2019-05-15 16:27:43 auth: Error: LDAP
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
I have a new pcap from beginning to the end with openldap "TLS
negoiation failed"
https://gwarband.de/openldap/tracefile.dump
The sourceports are 45376 and 45377
Tobias
On 2017-03-20 19:59, Aki Tuomi wrote:
> Well, those actually *reduce* the possible algorithms that can be
> used, so uncommenting those can make things worse.
>
> Anyways, your pcap seems incomplete,
2017 Mar 21
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
Could you copy LetsEncrypt.pem to a world-readable location, with
world-readable rights, and see if this helps with your problem. I saw
you tried with cat using su(do), but unfortunately supplementary groups
are not always used with processes.
Aki
On 20.03.2017 23:09, info at gwarband.de wrote:
> The one that works fine was my openxchange server, that loads contacts
> from openldap.
>
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
Can somebody say something about this request?
This is an email from the openldap-technical mailing list from openldap.
System details are mentioned in the other email.
-------- Original message --------
Subject: Re: Dovecot can't connect to openldap over starttls
Date: 2017-03-20 16:18
Sender: Dan White <dwhite at cafedemocracy.org>
Recipient: info at gwarband.de
Copy:
2007 May 22
1
dovecot + ldap tls
Hi...
I am trying to have a secure connection between dovecot and directory server, but
I can't do it. The documentation is so poor (
http://wiki.dovecot.org/AuthDatabase/LDAP)
These are my configuration files:
(pre: I have a directory server accepting secure connections (port 389 via
TLS and port 636 via SSL).
File "/opt/csw/etc/dovecot-ldap.conf":
hosts=100.0.4.98
dn =
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
The one that works fine was my openxchange server, that loads contacts
from openldap.
In my opinion I don't have installed a security framework like SELinux
or AppArmor.
The output of namei -l /etc/ssl/certs/LetsEncrypt.pem
f: /etc/ssl/certs/LetsEncrypt.pem
drwxr-xr-x root root /
drwxr-xr-x root root etc
drwxr-xr-x root root ssl
drwxr-xr-x root root certs
lrwxrwxrwx root
2008 Aug 27
3
Solaris nss_ldap vs PADL nss_ldap
Hi All,
Any thoughts on why, while everything seems ok at the OS level
(getent , id -a ) Samba
doesn't pickup any supplementary groups when Solaris is configured with
'group: files ldap' in
nsswitch.conf and using its own native nss_ldap.so.1 but does when
using PADL's nss_ldap?
Everything else is equal.
Do they use/accept different calls or could it be an
2002 Jun 24
0
patch for 2.2.5 and check for start_tls with OpenLDAP 2.0.x libs
FYI....
There is a bug in the configure script for 2.2.5 that prevents the script
from locating the start_tls function in the OpenLDAP 2.0.x libs.
Apply this patch and rerun autoconf. Should fix it. Patches
configure.in and passdb/pdb_ldap.c
Sorry for the inconvenience.
cheers, jerry
---------------------------------------------------------------------
Hewlett-Packard
2016 Jan 06
0
Stymied with samba vs openldap SSL ("Failed to issue the StartTLS instruction...")
On 01/06/2016 01:34 PM, Lee Brown wrote:
> On Wed, Jan 6, 2016 at 10:36 AM, Graham Allan <allan at physics.umn.edu
> <mailto:allan at physics.umn.edu>> wrote:
>
> On 01/06/2016 09:53 AM, Graham Allan wrote:
>
>
> The packet dump is a good idea. I get the same failure using
> straight
> SSL to port 636, but wireshark might be able