strange behaviour of ptloader unable to canonify identifier
Liutauras Adomaitis
adomaitis at kolabsystems.com
Mon Aug 14 15:29:43 CEST 2017
Hi,
On 2017 m. rugpjūčio 11 d., penktadienis 17:52:34 EEST Jan Kowalsky wrote:
> Lookup works:
>
> [11/Aug/2017:16:08:49 +0200] conn=2131533 op=2 SRCH
> base="dc=example,dc=org" scope=2
> filter="(&(objectClass=inetorgperson)(|(uid=example.user1)(mail=example.user
> 1 at fas-dresden.de)(alias=example.user1 at fas-dresden.de)))" attrs="displayName
> mail alias nsRoleDN uid"
>
> Lookup doesn't work
>
> [11/Aug/2017:16:14:14 +0200] conn=2118186 op=8777 SRCH
> base="dc=example,dc=org" scope=2
> filter="(|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=example.user2))(&(|(u
> id=example.user2)(mail=example.user2 at fas-dresden.de)(mail=example.user2@))(o
> bjectClass=kolabinetorgperson)))" attrs="1.1"
>
> But other entries with attrs="1.1" don't lead to problems.
>
> I I change the ldap Server in the second webmailer for using the other
> ldap-server: no problem. But we have some fancy aci for separating domains.
>
> So one question: does the ldapserver cyrus makes its lookups from have
> to be the same where the mailclient (roundcube) looks up?
No, but if you use different servers, then you must know what you are doing,
as that can lead to all sorts of problems.
> I have no Idea for further debugging. Any hint is welcome.
The LDAP log which doesn't work looks like generated by Cyrus PTS module. What
i would do is:
- take that filter from LDAP log record and use it for manual ldapsearch
command line utility to find out why it doesn't find what you expect. Make
sure you use same bind dn and password as it is configured in /etc/imapd.conf
for pts module. I usually remove parts of the filter until ldapsearch utility
finds the LDAP object.
Regards,
Liutauras
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/users/attachments/20170814/e0cff6ba/attachment.sig>
More information about the users
mailing list