
virtual_alias_maps + freeipa postmap: dict_ldap_debug: connect errno: 115


Fernando André

Aug 16, 2020, 5:57:37 AM
Hello,

I've hit the below error trying to connect Postfix with FreeIPA:

postmap -q "fernand...@a1.net106.local" ldap:/etc/postfix/ldap_aliases.cf
postmap: dict_ldap_debug: ldap_create
postmap: dict_ldap_debug: ldap_url_parse_ext(ldap://freeipa.a1.net106.local:389)
postmap: dict_ldap_debug: ldap_search_ext
postmap: dict_ldap_debug: put_filter: "(mail=fernand...@a1.net106.local)"
postmap: dict_ldap_debug: put_filter: simple
postmap: dict_ldap_debug: put_simple_filter: "mail=fernand...@a1.net106.local"
postmap: dict_ldap_debug: ldap_send_initial_request
postmap: dict_ldap_debug: ldap_new_connection 1 1 0
postmap: dict_ldap_debug: ldap_int_open_connection
postmap: dict_ldap_debug: ldap_connect_to_host: TCP freeipa.a1.net106.local:389
postmap: dict_ldap_debug: ldap_new_socket: 4
postmap: dict_ldap_debug: ldap_prepare_socket: 4
postmap: dict_ldap_debug: ldap_connect_to_host: Trying 192.168.1.6:389
postmap: dict_ldap_debug: ldap_pvt_connect: fd: 4 tm: 10 async: 0
postmap: dict_ldap_debug: ldap_ndelay_on: 4
postmap: dict_ldap_debug: attempting to connect:
postmap: dict_ldap_debug: connect errno: 115
postmap: dict_ldap_debug: ldap_int_poll: fd: 4 tm: 10
postmap: dict_ldap_debug: ldap_is_sock_ready: 4
postmap: dict_ldap_debug: ldap_ndelay_off: 4
postmap: dict_ldap_debug: ldap_pvt_connect: 0
postmap: dict_ldap_debug: ldap_open_defconn: successful
postmap: dict_ldap_debug: ldap_send_server_request
postmap: dict_ldap_debug: ber_scanf fmt ({it) ber:
postmap: dict_ldap_debug: ber_scanf fmt ({) ber:
postmap: dict_ldap_debug: ber_flush2: 108 bytes to sd 4
postmap: dict_ldap_debug: ldap_write: want=108, written=108
postmap: dict_ldap_debug: 0000: 30 6a 02 01 01 63 65 04 24 63 6e 3d 61 63 63 6f 0j...ce.$cn=acco
postmap: dict_ldap_debug: 0010: 75 6e 74 73 2c 64 63 3d 61 31 2c 64 63 3d 6e 65 unts,dc=a1,dc=ne
postmap: dict_ldap_debug: 0020: 74 31 30 36 2c 64 63 3d 6c 6f 63 61 6c 0a 01 02 t106,dc=local...
postmap: dict_ldap_debug: 0030: 0a 01 00 02 01 00 02 01 0a 01 01 00 a3 27 04 04 .............'..
postmap: dict_ldap_debug: 0040: 6d 61 69 6c 04 1f 66 65 72 6e 61 6e 64 6f 72 69 mail..fernandori
postmap: dict_ldap_debug: 0050: 62 65 69 72 6f 40 61 31 2e 6e 65 74 31 30 36 2e be...@a1.net106.
postmap: dict_ldap_debug: 0060: 6c 6f 63 61 6c 30 05 04 03 75 69 64 local0...uid
postmap: dict_ldap_debug: ldap_result ld 0x55cfa86ff230 msgid 1
postmap: dict_ldap_debug: wait4msg ld 0x55cfa86ff230 msgid 1 (timeout 10000000 usec)
postmap: dict_ldap_debug: wait4msg continue ld 0x55cfa86ff230 msgid 1 all 1
postmap: dict_ldap_debug: ** ld 0x55cfa86ff230 Connections:
postmap: dict_ldap_debug: * host: freeipa.a1.net106.local port: 389 (default)
postmap: dict_ldap_debug: refcnt: 2 status: Connected
postmap: dict_ldap_debug: last used: Sun Aug 16 10:37:19 2020
postmap: dict_ldap_debug:
postmap: dict_ldap_debug: ** ld 0x55cfa86ff230 Outstanding Requests:
postmap: dict_ldap_debug: * msgid 1, origid 1, status InProgress
postmap: dict_ldap_debug: outstanding referrals 0, parent count 0
postmap: dict_ldap_debug: ld 0x55cfa86ff230 request count 1 (abandoned 0)
postmap: dict_ldap_debug: ** ld 0x55cfa86ff230 Response Queue:
postmap: dict_ldap_debug: Empty
postmap: dict_ldap_debug: ld 0x55cfa86ff230 response count 0
postmap: dict_ldap_debug: ldap_chkResponseList ld 0x55cfa86ff230 msgid 1 all 1
postmap: dict_ldap_debug: ldap_chkResponseList returns ld 0x55cfa86ff230 NULL
postmap: dict_ldap_debug: ldap_int_select
postmap: dict_ldap_debug: read1msg: ld 0x55cfa86ff230 msgid 1 all 1
postmap: dict_ldap_debug: ber_get_next
postmap: dict_ldap_debug: ldap_read: want=8, got=8
postmap: dict_ldap_debug: 0000: 30 0c 02 01 01 65 07 0a 0....e..
postmap: dict_ldap_debug: ldap_read: want=6, got=6
postmap: dict_ldap_debug: 0000: 01 00 04 00 04 00 ......
postmap: dict_ldap_debug: ber_get_next: tag 0x30 len 12 contents:
postmap: dict_ldap_debug: read1msg: ld 0x55cfa86ff230 msgid 1 message type search-result
postmap: dict_ldap_debug: ber_scanf fmt ({eAA) ber:
postmap: dict_ldap_debug: read1msg: ld 0x55cfa86ff230 0 new referrals
postmap: dict_ldap_debug: read1msg: mark request completed, ld 0x55cfa86ff230 msgid 1
postmap: dict_ldap_debug: request done: ld 0x55cfa86ff230 msgid 1
postmap: dict_ldap_debug: res_errno: 0, res_error: <>, res_matched: <>
postmap: dict_ldap_debug: ldap_free_request (origid 1, msgid 1)
postmap: dict_ldap_debug: ldap_parse_result
postmap: dict_ldap_debug: ber_scanf fmt ({iAA) ber:
postmap: dict_ldap_debug: ber_scanf fmt (}) ber:
postmap: dict_ldap_debug: ldap_msgfree
postmap: dict_ldap_debug: ldap_free_connection 1 1
postmap: dict_ldap_debug: ldap_send_unbind
postmap: dict_ldap_debug: ber_flush2: 7 bytes to sd 4
postmap: dict_ldap_debug: ldap_write: want=7, written=7
postmap: dict_ldap_debug: 0000: 30 05 02 01 02 42 00 0....B.
postmap: dict_ldap_debug: ldap_free_connection: actually freed

My configuration (postconf -n):
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
compatibility_level = 2
cyrus_sasl_config_path = /etc/postfix/sasl
debug_peer_level = 6
debug_peer_list = 127.0.0.1
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C KRB5_KTNAME=/etc/postfix/smtp.keytab
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = $myhostname, stmp.a1.net106.local, localhost.a1.net106.local, , localhost
myhostname = stmp.a1.net106.local
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = cyrus
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_domains = a1.net106.local
virtual_alias_maps = ldap:/etc/postfix/ldap_aliases.cf

ldap_aliases.cf

server_host = freeipa.a1.net106.local
search_base = cn=accounts,dc=a1,dc=net106,dc=local
query_filter = (mail=%s)
result_attribute = uid
bind = no
debuglevel = 3
start_tls = no
version = 3


ldapsearch mail=fernand...@a1.net106.local correctly returns the user from local line

I'm thinking that the issue is the auth using krb5 is not working,
from this line
import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C KRB5_KTNAME=/etc/postfix/smtp.keytab


Any suggestions?

Thank you in advance.

Best regards,
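
An added example (not part of the original post, and not Postfix or OpenLDAP code): a small BER walker for the LDAP messages in the trace above, run over the server reply bytes from the two ldap_read hexdump lines. `WITH_ENTRY` is a constructed sample showing what a reply carrying one match would look like; the function names are this example's own.

```python
# Added example: minimal BER walk over LDAP messages from a dict_ldap_debug trace.
# Illustrative only; this is not Postfix or OpenLDAP code.

# protocolOp tags from RFC 4511 that appear in a search exchange.
OPS = {0x63: "SearchRequest", 0x64: "SearchResultEntry",
       0x65: "SearchResultDone", 0x42: "UnbindRequest"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the count of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length

def summarize(stream):
    """Decode back-to-back LDAPMessages into a list of small dicts."""
    out, pos = [], 0
    while pos < len(stream):
        tag, msg, pos = read_tlv(stream, pos)
        if tag != 0x30:
            raise ValueError("LDAPMessage must be a SEQUENCE")
        _, msgid, p = read_tlv(msg, 0)
        op_tag, op, _ = read_tlv(msg, p)
        info = {"msgid": int.from_bytes(msgid, "big"), "op": OPS.get(op_tag, hex(op_tag))}
        if op_tag == 0x65:  # LDAPResult starts with the ENUMERATED resultCode
            info["result_code"] = int.from_bytes(read_tlv(op, 0)[1], "big")
        out.append(info)
    return out

def entries_returned(stream):
    """Count SearchResultEntry messages, i.e. how many entries matched."""
    return sum(m["op"] == "SearchResultEntry" for m in summarize(stream))

# Server reply, copied from the two ldap_read hexdump lines in the trace (8 + 6 bytes).
REPLY = bytes.fromhex("300c02010165070a" "010004000400")
# Constructed sample: one entry (dn "uid=x", no attributes) followed by the same Done.
WITH_ENTRY = bytes.fromhex("300e020101640904057569643d783000") + REPLY

if __name__ == "__main__":
    print(summarize(REPLY), entries_returned(REPLY), entries_returned(WITH_ENTRY))
```

On the trace's bytes this yields a single SearchResultDone with resultCode 0 and no SearchResultEntry, so the connection and the search completed and matched no entry. On Linux, errno 115 is EINPROGRESS, the normal return of a non-blocking connect(), and the trace goes on to log `ldap_open_defconn: successful`.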