sasl ldap problem

Bernhard Reiter bernhard at intevation.de
Thu Nov 16 18:42:56 CET 2006 

Hello Divan,

On Thursday 16 November 2006 13:04, Divan Santana wrote:
> I went live today on new kolab server! Was easy to setup and all was quite
> good.

which version did you set up?
The one I would set up is Kolab Server/OpenPKG version 2.1beta3.

> But we are having some problems unfortunately. Maybe its something small,
> not sure.
>
> We use POP over ssl(995) and smtp over ssl(25).
> Often it will time out or just take long, even though its local lan.
>
> Its seems that if we pop and smtp "normally" everything is quicker and
> errors less.

Which client do you use?
For Outlook to be quick with over SSL you need to import 
the SSL certificate into windows.
See Doc3 (Outlook Setup) from http://www.kolab.org/documentation.html .


> I have noticed this in /kolab/var/sasl/log/saslauthd.log
>
> tail -f /kolab/var/sasl/log/saslauthd.log
> Nov 16 13:10:01 tmgmen-bbb <debug> saslauthd[21428]: ldap_simple_bind()
> failed -1 (Can't contact LDAP server).
> Nov 16 13:10:01 tmgmen-bbb <info> saslauthd[21428]: Retrying authentication
> Nov 16 13:10:01 tmgmen-bbb <debug> saslauthd[21428]: Domain/Realm not
> available.
> Nov 16 13:10:01 tmgmen-bbb <debug> saslauthd[21428]: Domain/Realm not
> available.
> Nov 16 13:10:13 tmgmen-bbb <debug> saslauthd[21441]: ldap_simple_bind()
> failed -1 (Can't contact LDAP server).
> Nov 16 13:10:13 tmgmen-bbb <info> saslauthd[21441]: Retrying authentication
> Nov 16 13:10:29 tmgmen-bbb <debug> saslauthd[21428]: ldap_simple_bind()
> failed -1 (Can't contact LDAP server).
> Nov 16 13:10:29 tmgmen-bbb <info> saslauthd[21428]: Retrying authentication


Sometimes this happens when kolabconf restarts OpenLDAP.


> Any ideas?
>
> I have checked my hosts file thinking it could be that. All points to
> 127.0.0.1. Sure its something small thats wrong.
>
> I can create users through interface and authenticate so don't know why
> gettings these ldap errors but think its related.
>
> Anyone have any ideas or things I could check?

Monitor the Openldap logs and corresponding processes.
See if you can connect using gnutls-cli or something similiar.

Best,
Bernhard

-- 
Managing Director - Owner, www.intevation.net       (Free Software Company)
Germany Coordinator, fsfeurope.org       (Non-Profit Org for Free Software)
www.kolab-konsortium.com   (Email/Groupware Solution, Professional Service)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1310 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/users/attachments/20061116/3167653f/attachment.p7s>

More information about the users mailing list