Postfix

警告:dict_ldap_lookup:搜尋錯誤 1:操作錯誤

  • November 29, 2012

請我需要有關 ldap 搜尋過濾器的幫助,以用於從 ldap 檢索使用者電子郵件資訊。我正在執行 Ubuntu 伺服器 12.04 的 postfix_ldap。一切似乎都很好,除了從搜尋中獲取返回的值。

版本 1

server_host = ldap://samba.example.com
search_base = dc=company, dc=example, dc=com
query_filter = mail=%s
bind = no
domain = example.com

版本 2

server_host = ldap://samba.example.com
search_base = dc=company, dc=example, dc=com
query_filter = mail=%s
bind_dn = cn=Users,dc=company,dc=example,dc=com
domain = example.com

郵件日誌

Nov 26 11:13:26 mail postfix/smtpd[19662]: match_string: example.com ~? example.com
Nov 26 11:13:26 mail postfix/smtpd[19662]: dict_ldap_lookup: No existing connection for LDAP source /etc/postfix/ldap-aliases.cf, reopening
Nov 26 11:13:26 mail postfix/smtpd[19662]: dict_ldap_connect: Connecting to server ldap://samba.example.com
Nov 26 11:13:26 mail postfix/smtpd[19662]: dict_ldap_connect: Actual Protocol version used is 3.
Nov 26 11:13:26 mail postfix/smtpd[19662]: dict_ldap_connect: Binding to server ldap://samba.example.com with dn cn=Users,dc=company,dc=example,dc=com
Nov 26 11:13:26 mail postfix/smtpd[19662]: warning: dict_ldap_connect: Unable to bind to server ldap://samba.example.com with dn cn=Users,dc=company,dc=example,dc=com: 49 (Invalid credentials)
Nov 26 11:13:26 mail postfix/smtpd[19662]: warning: ldap:/etc/postfix/ldap-aliases.cf lookup error for "tola.akintola@example.com"
Nov 26 11:13:26 mail postfix/smtpd[19662]: maps_find: virtual_alias_maps: tola.akintola@example.com: search aborted
Nov 26 11:13:26 mail postfix/smtpd[19662]: mail_addr_find: tola.akintola@example.com -> (try again)
Nov 26 11:13:26 mail postfix/smtpd[19662]: NOQUEUE: reject: RCPT from col0-omc3-s2.col0.hotmail.com[65.55.34.140]: 451 4.3.0 <tola.akintola@example.com>: Temporary lookup failure; from=<bodus458@live.com> to=<tola.akintola@example.com> proto=ESMTP helo=<col0-omc3-s2.col0.hotmail.com>
Nov 26 11:13:26 mail postfix/smtpd[19662]: > col0-omc3-s2.col0.hotmail.com[65.55.34.140]: 451 4.3.0 <tola.akintola@example.com>: Temporary lookup failure

這是另一個具有成功搜尋結果的日誌,但無法獲取結果的值

Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: Using existing connection for LDAP source /etc/postfix/ldap-aliases.cf
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: /etc/postfix/ldap-aliases.cf: Searching with filter mail=tola.akintola@example.com
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_get_values[1]: Search found 1 match(es)
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_get_values[1]: Leaving dict_ldap_get_values
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: Search returned nothing
Nov 26 12:04:56 mail postfix/smtpd[20463]: maps_find: virtual_alias_maps: tola.akintola@example.com: not found
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: In dict_ldap_lookup
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: /etc/postfix/ldap-aliases.cf: Skipping lookup of key 'tola.akintola': domain mismatch
Nov 26 12:04:56 mail postfix/smtpd[20463]: maps_find: virtual_alias_maps: tola.akintola: not found
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: In dict_ldap_lookup
Nov 26 12:04:56 mail postfix/smtpd[20463]: dict_ldap_lookup: /etc/postfix/ldap-aliases.cf: Skipping lookup of key '@example.com': domain mismatch
Nov 26 12:04:56 mail postfix/smtpd[20463]: maps_find: virtual_alias_maps: @example.com: not found
Nov 26 12:04:56 mail postfix/smtpd[20463]: mail_addr_find: tola.akintola@example.com -> (not found)

我精煉的 ldap-aliases.cf 看起來像這樣:

server_host = ldap://samba.example.com
server_port = 3268
search_base = dc=company, dc=example, dc=com
query_filter = mail=%s
result_attribute = uid
bind_dn = cn=Administrator,cn=Users,dc=company,dc=example,dc=com
bind_pw = pass
domain = example.com

所以我想知道什麼 ldap 過濾器適合讓它工作。

感謝您的幫助。

經過一些調整後,下面的後綴配置可以工作:

server_host = ldap://samba.example.com
server_port = 3268
search_base = dc=company, dc=example, dc=com
query_filter = (&(mail=%s))
result_attribute = 
leaf_result_attribute = mail
bind_dn = cn=Administrator,cn=Users,dc=company,dc=example,dc=com
bind_pw = passwd
domain = example.com

引用自:https://serverfault.com/questions/452147