Using ldap zimbra in another postfix server

[rojoblandino]

I have to servers, an old server with a postfix configured by hand and a new server with zimbra.

I have been trying to connect the postfix in the old server to the ldap zimbra db but not success.

Installing zimbra in the other one is not a solution i just want to use the same users db.

[rojoblandino]

Another thing testing the ldapsearch is successfull i can see all the users, but when connecting the postfix to the ldap i have not had success.

[rojoblandino]

Thanks to all but i already solved it, the problem resides in the filter i was using. Now i will explain how to do it.

I am using debian so I edit /etc/default/saslauthd

Code:

MECHANISMS="ldap"
MECH_OPTIONS="/etc/saslauthd.conf"

Then i move the saslauthd directory to be read by postfix chroot environment:

Code:

mv  /var/run/saslauthd/ /var/spool/postfix/var/run/
ln -s /var/spool/postfix/var/run/saslauthd  /var/run/
adduser postfix sasl

Then I create /etc/saslauthd.conf

Code:

# LDAP
# --
ldap_servers: ldap://$iphost/
ldap_bind_dn: uid=zmpostfix,cn=appaccts,cn=zimbra
ldap_bind_pw: $passwordzimbra
ldap_auth_method: bind
ldap_filter: (&(|(uid=%u)(zimbraMailDeliveryAddress=%u)(zimbraMailAlias=%u))(zimbraMailStatus=enabled))
#ldap_search_base: uid=user,ou=people,dc=dominio,dc=com
#ldap_scope: base
ldap_timeout: 15
#-------------- FIN

In this section i was using the zimbra filter with %s and not %u, i changed and everything came out easy, i mean i was using the filter in the ldap-vam.cf of the zimbra conf file, changing the %s by %u solve the problem.


Then i run the saslauthd for testing purpose

Code:

# /usr/sbin/saslauthd -a ldap -O /etc/saslauthd.conf -c -m /var/run/saslauthd -n 5 -d

and then in a new console i run

Code:

# testsaslauthd -u user -p freedom
0: OK "Success."

Then i edit /etc/postfix/sasl/smtpd.conf

Code:

log_level: 3
pwcheck_method: saslauthd
mech_list: plain ntlm cram-md5 login digest-md5
auxprop_plugin: ldap

Stop saslauthd and run everything:

Code:

/etc/init.d/saslauthd stop;/etc/init.d/saslauthd start;/etc/init.d/postfix stop; /etc/init.d/postfix start

I make a Auth Plain test code:

Code:

# echo "AUTH PLAIN "`perl -MMIME::Base64 -e 'print encode_base64("user\0user\0freedom");'`
AUTH PLAIN dXNlcgB1c2VyAGZyZWVkb20=

I copy the output and try the telnet

Code:

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.dominio.com ESMTP Postfix (Debian/GNU)
AUTH PLAIN dXNlcgB1c2VyAGZyZWVkb20=
235 2.7.0 Authentication successful