Re: LDAP maps and bind referrals
- -----BEGIN PGP SIGNED MESSAGE-----
Victor Duchovni wrote:
|> It seems that postfix tries does not know what to do, as the system in the
|> referral is not reachable (that is what might require second thoughts), but
|> the firewall produces an immediate TCP reset, so 10.0.1.6 should, IMHO, be
|> considered unreachable and 10.0.1.7 tried instead.
|> Am I totally confused? Is this the intended flow?
| The LDAP library hands Postfix a connection, when Postfix fails
| to bind it gives up.
Thanks, Victor. As usual, you're right ;)
Once the LDAP library has been properly tamed, everything is working nicely.
For the records, as it is OpenLDAP under the hood, adding
to /etc/openldap/ldap.conf (normal RHEL location, YMMV) made the trick. The
timeout value is incidental, I have reduced it as directory servers are
very close (same LAN segment) to Postfix servers and should respond almost
Central ICT Services
University of Malaga
| > Q: Are you sure ?
|> >> A: Because it reverses the logical flow of conversation.
|>> >>> Q: Why is top posting annoying in email ?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----