LinuxQuestions.org
Old 07-10-2012, 04:11 AM   #1
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Rep: Reputation: 15
Question rh-mail.schema for openldap in rhel6.1


Hi,

I am configuring a postfix+squirrelmail+dovecot server, and users will be authenticated with openldap in rhel6.1.

Can you please help me get the rh-mail.schema?
I have the rhel3 (rh-mail.schema) schema, but it is conflicting.

Thanks,
Shankar
 
Old 07-10-2012, 05:50 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
why do you think you need this schema, and what do you think it will do for you?
 
Old 07-10-2012, 08:22 AM   #3
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Hi Chris,

I have configured it but am getting an error.

[root@mail openldap]# cat Usertest.ldif
dn: uid=redhat,ou=people,o=cseb
uid: redhat
cn: redhat
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: qmailUser
objectClass: inetMailPerson
sn: res
designation: J.E.
department: S.E.(EITC)
ecode: 5099919
dob: 18-Nov-77
doj: 21-Jun-04
telephoneNumber: 77774127
mobileNumber: 1193001818
mail: redhat@cseb.gov.in
mailAlternateAddress: redhat@cseb.gov.in
mailForwardingAddress: redhat@cseb.gov.in
userPassword: {CRYPT}gzu0Z1n3IT8Zs
mailMessageStore: /mailslice/redhat/Maildir/
accountStatus: active
loginShell: /sbin/nologin
uidNumber: 1000
gidNumber: 1000
homeDirectory: /mailslice/redhat
mailReplyText: blank
mailQuotaSize: 25000000000
[root@mail openldap]# ldapadd -x -D "cn=Manager,o=cseb" -W -f Usertest.ldif -c
Enter LDAP Password:
adding new entry "uid=redhat,ou=people,o=cseb"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #5 invalid per syntax
[root@mail openldap]#

But when we use this LDIF format, it gets done.

[root@mail openldap]# ldapadd -x -D "cn=Manager,o=cseb" -W -f raj.ldif -c
Enter LDAP Password:
adding new entry "uid=redhat,ou=people,o=cseb"
ldap_add: Already exists (68)
[root@mail openldap]# cat raj.ldif
dn: uid=redhat,ou=people,o=cseb
objectClass: top
objectClass: person
#objectClass: organizationalPerson
objectClass: inetOrgPerson
#objectClass: posixAccount
#objectClass: qmailUser
#objectClass: inetMailPerson
uid: redhat
cn: redhat
sn: res
ou: people
#designation: JE
#department: EECT
#ecode: 5099919
mail: redhat@cseb.gov.in
userPassword: password
[root@mail openldap]#

That means there is some issue with the mail schema, and I am not able to figure it out.

Thanks,
Shankar
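
Added example, not part of the original thread: a Python check that lists which objectClass values of an LDIF entry have no definition in the loaded schema, using the zero-based index that slapd prints as "value #N". The schema text is a constructed, abridged stand-in (assumption: only the stock classes are loaded) and the function names are hypothetical.

```python
import re

# Constructed, abridged stand-in for the schema files loaded by the server
# (assumption: only stock core, inetorgperson and nis classes are present).
LOADED_SCHEMA = """
objectclass ( 2.5.6.0 NAME 'top' ABSTRACT MUST objectClass )
objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn ) )
objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL )
objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson'
    SUP organizationalPerson STRUCTURAL )
objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY
    MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) )
"""

# The dn and objectClass lines of Usertest.ldif from the post above.
FAILING_LDIF = """dn: uid=redhat,ou=people,o=cseb
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: qmailUser
objectClass: inetMailPerson
"""

OC_DEF = re.compile(
    r"objectclass\s*\(\s*[\w.:-]+\s+NAME\s+(?:'([^']+)'|\(([^)]*)\))", re.I)

def schema_class_names(schema_text):
    """Lower-cased NAMEs of every objectclass definition, aliases included."""
    names = set()
    for single, aliases in OC_DEF.findall(schema_text):
        found = [single] if single else re.findall(r"'([^']+)'", aliases)
        names.update(n.lower() for n in found)
    return names

def ldif_object_classes(ldif_text):
    """objectClass values in file order; '#' comment lines are skipped."""
    values = []
    for line in ldif_text.splitlines():
        attr, sep, value = line.partition(":")
        if sep and not line.startswith("#") and attr.lower() == "objectclass":
            values.append(value.strip())
    return values

def undefined_classes(ldif_text, schema_text):
    """(zero-based value index, name) for each class the schema lacks."""
    known = schema_class_names(schema_text)
    return [(i, oc) for i, oc in enumerate(ldif_object_classes(ldif_text))
            if oc.lower() not in known]

if __name__ == "__main__":
    print(undefined_classes(FAILING_LDIF, LOADED_SCHEMA))
```

The first index reported lines up with the "value #5" in the ldap_add error, and the commented-out classes in raj.ldif are the ones that drop out of the list.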
 
Old 07-10-2012, 09:04 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
so where does a qmail objectClass come from? sounds like you're following an inappropriate document or something?
 
Old 07-13-2012, 04:59 AM   #5
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Hi,

I am getting mail through a local user but can't with an openldap user.
Also, users added via LDIF are not reflected in the phpldapadmin page.

Kindly suggest!!

Thanks,
Shankar
 
Old 07-13-2012, 05:02 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
Suggest what?? Your LDIF isn't compatible with the schemas on your server, but you've not explained why you want to use those additional object classes in the first place. What do you actually need from these new user accounts? And again, where did the references to this qmail-specific config come from?
 
Old 07-14-2012, 07:09 AM   #7
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Thanks for the reply.

Now I am able to add a user from phpldapadmin and can find the user details in the slapcat command output.

But when logging in to squirrelmail with an openldap user, I get the error below:

Jul 14 17:00:25 mail dovecot: auth: Error: Can't open configuration file /etc/dovecot/dovecot-ldap.conf.ext: No such file or directory
Jul 14 17:00:25 mail dovecot: master: Error: service(auth): command startup failed, throttling
Jul 14 17:00:25 mail dovecot: log: Error: service(auth): child 14906 returned error 89 (Fatal failure)
Jul 14 17:00:25 mail dovecot: log: Error: service(auth): child 14906 returned error 89 (Fatal failure)
Jul 14 17:01:00 mail dovecot: imap-login: Error: Timeout waiting for handshake from auth server. my pid=14904, input bytes=0
Jul 14 17:01:25 mail dovecot: auth: Error: Can't open configuration file /etc/dovecot/dovecot-ldap.conf.ext: No such file or directory
Jul 14 17:01:25 mail dovecot: log: Error: service(auth): child 15842 returned error 89 (Fatal failure)
Jul 14 17:01:25 mail dovecot: master: Error: service(auth): command startup failed, throttling
Jul 14 17:01:25 mail dovecot: master: Error: service(auth): command startup failed, throttling
Jul 14 17:01:55 mail dovecot: imap-login: Error: Timeout waiting for handshake from auth server. my pid=14904, input bytes=0
Jul 14 17:02:25 mail dovecot: imap-login: Error: Timeout waiting for handshake from auth server. my pid=14904, input bytes=0
Jul 14 17:02:25 mail dovecot: auth: Error: Can't open configuration file /etc/dovecot/dovecot-ldap.conf.ext: No such file or directory
Jul 14 17:02:25 mail dovecot: master: Error: service(auth): command startup failed, throttling
Jul 14 17:02:25 mail dovecot: log: Error: service(auth): child 16765 returned error 89 (Fatal failure)
Jul 14 17:03:00 mail dovecot: imap-login: Error: Timeout waiting for handshake from auth server. my pid=14904, input bytes=0

---------------
[root@mail openldap]# dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-131.0.15.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.1 (Santiago)
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
passdb {
driver = pam
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
[root@mail openldap]#
==========================

[root@mail openldap]# postconf -n
alias_database = $alias_maps
alias_maps = hash:/etc/postfix/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
local_recipient_maps = $alias_database, $virtual_mailbox_maps
local_transport = maildrop
mail_owner = postfix
mail_spool_directory = /var/spool/mail fallback_transport = virtual
mailbox_size_limit = 1073741824
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 10485760
mydestination = 172.16.23.0/24, 127.0.0.0/8, $myhostname, localhost.$mydomain, localhost, $mydomain, mail.cseb.gov.in
mydomain = cseb.gov.in
myhostname = mail.cseb.gov.in
mynetworks = 172.16.23.0/24, 172.16.18.0/24, 127.0.0.0/8, 172.16.21.0/24
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains = $mydestination
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $banner
smtpd_client_restrictions = permit_mynetworks,permit-auth_destination,permit_sasl_authenticated,reject
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual, ldap:virtualforward, ldap:aliases, ldap:accountsmap
virtual_gid_maps = static:1000
virtual_mailbox_base = /
virtual_mailbox_maps = ldap:accounts
virtual_minimum_uid = 1000
virtual_uid_maps = static:1000
[root@mail openldap]#
-------------------

looking for the findings.

Thanks,
Shankar
 
Old 07-15-2012, 06:35 AM   #8
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Now I have created a symlink for /etc/dovecot/dovecot-ldap.conf.ext to /etc/dovecot/conf.d/dovecot-ldap.conf.ext


[root@mail conf.d]# dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-131.0.15.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.1 (Santiago)
auth_mechanisms = plain login
auth_username_format = %Lu
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
passdb {
driver = pam
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
user = root
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocol pop3 {
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_uidl_format = %08Xu%08Xv
}
=================================

[root@mail dovecot]# cat dovecot-new.conf
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-131.0.15.el6.x86_64 x86_64 Red Hat Enterprise Linux Server release 6.1 (Santiago)
auth_mechanisms = plain login
listen = *
protocols = imap pop3 imaps
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
auth_bind = yes
#auth_bind_userdn = cn=%u,ou=people,o=cseb
auth_bind_userdn = cn=%u,o=cseb
pass_attrs = uid=user
pass_filter = (&(objectClass=posixAccount)(uid=%u))
auth_verbose = yes
auth_debug = yes
auth_username_format = %Lu
passdb {
driver = pam
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
[root@mail dovecot]#
=========================================================

[root@mail dovecot]# tailf /var/log/maillog
Jul 15 13:54:05 mail dovecot: master: Error: service(auth): command startup failed, throttling
Jul 15 15:03:49 mail postfix/postfix-script[13851]: stopping the Postfix mail system
Jul 15 15:03:49 mail postfix/master[708]: terminating on signal 15
Jul 15 15:03:50 mail postfix/postfix-script[14070]: warning: not owned by root: /var/spool/postfix
Jul 15 15:03:50 mail postfix/postfix-script[14098]: starting the Postfix mail system
Jul 15 15:03:50 mail postfix/master[14099]: daemon started -- version 2.6.6, configuration /etc/postfix
Jul 15 15:03:59 mail dovecot: master: Warning: Killed with signal 15 (by pid=14121 uid=0 code=kill)
Jul 15 15:04:00 mail dovecot: master: Dovecot v2.0.9 starting up (core dumps disabled)
Jul 15 15:04:27 mail dovecot: auth: Fatal: LDAP: No base given
Jul 15 15:04:27 mail dovecot: master: Error: service(auth): command startup failed, throttling
Jul 15 15:05:02 mail dovecot: imap-login: Error: Timeout waiting for handshake from auth server. my pid=14666, input bytes=0
===================================

[root@mail dovecot]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Waiting for authentication process to respond..
=========================================================
But I am still not able to log in.

Thanks,
Shankar
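
Added example, not part of the original post: a Python check for the LDAP settings file that the passdb/userdb `args` point to, covering the "LDAP: No base given" fatal in the log above and the difference between the `auth_bind_userdn` template and the `uid=...,ou=people,o=cseb` entry DN used in the LDIF. The function names, finding labels, the `hosts` value and the corrected `base` are assumptions made for illustration.

```python
# Constructed sample: hosts is an assumed value; the other lines mirror the
# LDAP settings shown in the post, which contain no "base".
SAMPLE_CONF = """\
hosts = localhost
auth_bind = yes
#auth_bind_userdn = cn=%u,ou=people,o=cseb
auth_bind_userdn = cn=%u,o=cseb
pass_filter = (&(objectClass=posixAccount)(uid=%u))
"""

# Constructed corrected variant: base set, template matches the entry DN.
FIXED_CONF = """\
hosts = localhost
base = o=cseb
auth_bind = yes
auth_bind_userdn = uid=%u,ou=people,o=cseb
pass_filter = (&(objectClass=posixAccount)(uid=%u))
"""

def parse_settings(text):
    """Parse 'key = value' lines, ignoring blank lines and # comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")  # split on the first '=' only
        if sep:
            settings[key.strip()] = value.strip()
    return settings

def norm_dn(dn):
    """Case- and whitespace-insensitive form of a DN for comparison."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def lint_ldap_conf(text, username, entry_dn):
    """Return finding labels for one known user and that user's real DN."""
    s = parse_settings(text)
    findings = []
    if not s.get("base"):
        findings.append("no-base")           # auth dies: "LDAP: No base given"
    if not (s.get("hosts") or s.get("uris")):
        findings.append("no-server")
    template = s.get("auth_bind_userdn")
    if s.get("auth_bind") == "yes" and template:
        # Only %u is expanded here; the bind is attempted as this exact DN.
        if norm_dn(template.replace("%u", username)) != norm_dn(entry_dn):
            findings.append("bind-dn-mismatch")
    return findings

if __name__ == "__main__":
    print(lint_ldap_conf(SAMPLE_CONF, "redhat", "uid=redhat,ou=people,o=cseb"))
```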
 
Old 07-15-2012, 10:35 AM   #9
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
so have you read the documentation for configuring LDAP under postfix? It took me 10 seconds to google "ldap postfix base" and get the answer. Can I suggest that in general you spend a little longer researching these issues before asking for help?
 
Old 07-18-2012, 09:29 PM   #10
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Hi,
Mail is getting delivered but is stuck in the queue and repeatedly coming into the inbox.

What may be the cause?

Thanks,
Shankar
 
Old 07-19-2012, 12:33 AM   #11
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
No idea without seeing logs. (sound familiar?)
 
Old 07-25-2012, 04:08 AM   #12
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Hi,

Please find the logs and suggest.
/mailslice/user7/Maildir/new... is the mount point coming from the NAS box as NFS and mounted through the cluster.


[root@mail postfix]# tailf /var/log/maillog
Jul 25 13:47:12 mail postfix/qmgr[11359]: AD1E025000899: from=<user2@cseb.gov.in>, size=711, nrcpt=2 (queue active)
Jul 25 13:47:12 mail postfix/virtual[11552]: AD1E025000899: to=<user2@cseb.gov.in>, relay=virtual, delay=347, delays=347/0.02/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
Jul 25 13:47:12 mail postfix/virtual[11552]: AD1E025000899: to=<user7@cseb.gov.in>, relay=virtual, delay=347, delays=347/0.02/0/0.05, dsn=2.0.0, status=sent (delivered to maildir)
Jul 25 13:47:12 mail postfix/virtual[11552]: fatal: update queue file active/AD1E025000899: Input/output error
Jul 25 13:47:13 mail postfix/qmgr[11359]: warning: private/virtual socket: malformed response
Jul 25 13:47:13 mail postfix/qmgr[11359]: warning: transport virtual failure -- see a previous warning/fatal/panic logfile record for the problem description
Jul 25 13:47:13 mail postfix/master[10454]: warning: process /usr/libexec/postfix/virtual pid 11552 exit status 1
Jul 25 13:47:13 mail postfix/master[10454]: warning: /usr/libexec/postfix/virtual: bad command startup -- throttling
Jul 25 13:47:14 mail postfix/error[11553]: AD1E025000899: to=<user2@cseb.gov.in>, relay=none, delay=348, delays=347/1.1/0/0.01, dsn=4.3.0, status=deferred (unknown mail transport error)
Jul 25 13:47:14 mail postfix/error[11553]: AD1E025000899: to=<user7@cseb.gov.in>, relay=none, delay=348, delays=347/1.1/0/0.12, dsn=4.3.0, status=deferred (unknown mail transport error)
Jul 25 13:48:00 mail dovecot: imap-login: Login: user=<user7>, method=PLAIN, rip=172.16.17.8, lip=172.16.17.9, mpid=12276, TLS
Jul 25 13:48:00 mail dovecot: imap(user7): Error: rename(/mailslice/user7/Maildir/new/1342850551.V18I800aa3M653680.mail.cseb.gov.in, /mailslice/user7/Maildir/cur/1342850551.V18I800aa3M653680.mail.cseb.gov.in:2,) failed: Input/output error
Jul 25 13:48:00 mail dovecot: imap(user7): Error: rename(/mailslice/user7/Maildir/new/1342851881.V18I800aa6M419928.mail.cseb.gov.in, /mailslice/user7/Maildir/cur/1342851881.V18I800aa6M419928.mail.cseb.gov.in:2,) failed: Input/output error
Jul 25 13:48:00 mail dovecot: imap(user7): Error: rename(/mailslice/user7/Maildir/new/1342853609.V18I800aa9M558938.mail.cseb.gov.in, /mailslice/user7/Maildir/cur/1342853609.V18I800aa9M558938.mail.cseb.gov.in:2,) failed: Input/output error
Jul 25 13:48:00 mail dovecot: imap(user7): Error: rename(/mailslice/user7/Maildir/new/1342853939.V18I1800aa7M910757.mail.cseb.gov.in, /mailslice/user7/Maildir/cur/1342853939.V18I1800aa7M910757.mail.cseb.gov.in:2,) failed: Input/output error
Jul 25 13:48:00 mail dovecot: imap(user7): Error: rename(/mailslice/user7/Maildir/new/1342854350.V18I2000ab2M599346.mail.cseb.gov.in, /mailslice/user7/Maildir/cur/1342854350.V18I2000ab2M599346.mail.cseb.gov.in:2,) failed: Input/output error
Jul 25 13:48:00 mail dovecot: imap(user7): Error: rename(/mailslice/user7/Maildir/new/1342854497.V18I5000ab7M559322.mail.cseb.gov.in, /mailslice/user7/Maildir/cur/13428

Thanks,
Shankar
 
Old 07-25-2012, 12:49 PM   #13
JATA01
Member
 
Registered: Nov 2007
Posts: 207

Original Poster
Rep: Reputation: 15
Hi,

I have removed /var/spool/postfix and /mailslice from NAS and mounted locally and everything works fine.

Hence, with the NFS mount from the NAS, the I/O error was occurring.
Is there any way to work on the NFS side to overcome this error?

Thanks,
Shankar
 
  

