Cyrus, pam_ldap, ldap postfix installation

mayankjohri · 07-18-2002, 06:09 AM

Hello friend,

I have to install cyrus, pam_ldap and ldap with ldap as base database for email system.
Can u help me in this regards...

Now in details
I am asked to develop a email system using cyrus, cyrus-sasl, pam_ldap for authentication, ldap for database, postfix

I have installed all the packages but i am unable to make cyrus and ldap talk with eachother every time i try i gets the following error in my /var/log/messages logfile

---------------------------
Jul 18 15:56:41 mayank imapd[1381]: pam_ldap: ldap_set_option(LDAP_OPT_X_TLS_REQUIRE_CERT): Unknown error
Jul 18 15:56:41 mayank imapd[1381]: pam_ldap: _set_ssl_default_options failed
Jul 18 15:56:41 mayank imapd[1381]: pam_ldap: ldap_simple_bind Can't contact LDAP server
--------------------------------------------------
My config files are as follows
1. /etc/ldap/slapd.conf
++++++++++++++++++++++++++++++++++++++++
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.6 2001/04/20 23:32:43 kurt Exp $
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

# Load dynamic backend modules:
# modulepath /usr/sbin/ldap
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
concurrency 2
#############################
# ldbm database definitions

database ldbm
suffix "dc=intranet,dc=com"
#suffix "o=My Organization Name,c=US"

rootdn "cn=Manager,dc=intranet,dc=com"
rootpw {SSHA}tfLshvBFhpnFLd1fKh6+ylmV50sGxUFz

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory /var/ldap/openldap-ldbm

# Size/number of indices/entries to cache - slapd's memory consumption
# increases significantly if these values are increased:
cachesize 1000
dbcachesize 50000

# Indices to maintain - this has to be set before entries are added to
# slapd databases:
#index objectClass,uid,uidNumber,gidNumber pres,eq
index objectClass,uid pres,eq
index cn,sn eq,sub

access to attr="userPassword"
by self write
by dn="cn=Manager,dc=intranet,dc=com" write
by dn="cn=admin,ou=user,dc=intranet,dc=com" write
by anonymous auth
by * none

access to dn=".*,ou=user,dc=intranet,dc=com"
by dn="cn=Manager,dc=intranet,dc=com" write
by dn="cn=admin,ou=user,dc=intranet,dc=com" write
by * read

access to *
by dn="cn=Manager,dc=intranet,dc=com" write
by * read
+++++++++++++++++++++++++++++++++++++++++++++

2. /etc/pam_ldap/auth_ldap.conf
=============================================
host 127.0.0.1
base ou=user,dc=intranet,dc=com
binddn ou=user,dc=intranet,dc=com
bindpw admin# OpenLDAP SSL mechanism
# start_tls mechanism uses the normal LDAP port, LDAPS typically 636
#ssl start_tls
ssl on
+++++++++++++++++++++++++++++++++++++++++++++

3. admin.ldif : ldif file used to create admin account in ldap
=============================================
dn: dc=intranet,dc=com
objectclass: top
objectclass: dcObject
dc: intranet

dn: ou=user,dc=intranet,dc=com
objectclass: top
objectclass: organizationalUnit
ou: user

dn: cn=admin,ou=user,dc=intranet,dc=com
objectclass: top
objectclass: person
objectclass: account
cn: admin
sn: admin
uid: admin
userPassword: admin
=============================================

Can anyone tell me where i am wrong

Thanks

Mayank