Loading ...
Sorry, an error occurred while loading the content.

Re: LDAP maps and bind referrals

Expand Messages
  • Victoriano Giralt
    ... Hash: SHA1 ... Thanks, Victor. As usual, you re right ;) Once the LDAP library has been properly tamed, everything is working nicely. For the records, as
    Message 1 of 3 , Aug 30 10:00 AM
    • 0 Attachment
      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA1

      Victor Duchovni wrote:
      |> It seems that postfix tries does not know what to do, as the system in the
      |> referral is not reachable (that is what might require second thoughts), but
      |> the firewall produces an immediate TCP reset, so 10.0.1.6 should, IMHO, be
      |> considered unreachable and 10.0.1.7 tried instead.
      |>
      |> Am I totally confused? Is this the intended flow?
      |
      | The LDAP library hands Postfix a connection, when Postfix fails
      | to bind it gives up.
      Thanks, Victor. As usual, you're right ;)

      Once the LDAP library has been properly tamed, everything is working nicely.

      For the records, as it is OpenLDAP under the hood, adding

      NETWORK_TIMEOUT 2
      REFERRALS off

      to /etc/openldap/ldap.conf (normal RHEL location, YMMV) made the trick. The
      timeout value is incidental, I have reduced it as directory servers are
      very close (same LAN segment) to Postfix servers and should respond almost
      immediately.

      - --
      Victoriano Giralt
      Systems Manager
      Central ICT Services
      University of Malaga
      SPAIN
      - -
      A: Yes.
      | > Q: Are you sure ?
      |> >> A: Because it reverses the logical flow of conversation.
      |>> >>> Q: Why is top posting annoying in email ?
      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v1.4.5 (GNU/Linux)
      Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org

      iD8DBQFMe+OWV6+mDjj1PTgRAh6DAKCUtOqEjsw46h9JqRG805C1M5XqiACgy+gf
      mahu0/1tEk7mei8zAJVmZC0=
      =w70H
      -----END PGP SIGNATURE-----
    Your message has been successfully submitted and would be delivered to recipients shortly.