[tpop3d-discuss] RE: LDAP Authentication

Thai Tran t_tran99 at yahoo.com
Wed, 18 Sep 2002 16:59:11 -0500


Hello,
	Well I tried the filter listed below in tpop3d and with ldapsearch.  When
using the filter listed below I receive this error:

ldapsearch -x -b "o=mye-znet" (&(uid=t_tran99)(dc=mye-znet.com))
bash: syntax error near unexpected token `&'

	I understand LDAP enough to get around but I'm not sure if tpop3d uses a
format such as 'ldapsearch' does.  This is the result of my anonymous bind
search:

[root@ldap etc]# ldapsearch -x -b "o=mye-znet" uid=t_tran99
version: 2

#
# filter: uid=t_tran99
# requesting: ALL
#

# t_tran99, mye-znet.com, mye-znet
dn: cn=t_tran99,dc=mye-znet.com,o=mye-znet
objectClass: top
objectClass: person
objectClass: mailUser
objectClass: radiusprofile
dc: mye=znet.com
sn: Tran
cn: Thai
uid: t_tran99
mailQuota: 5M
radiusAuthType: LDAP
radiusFramedProtocol: PPP
radiusIdleTimeout: 10
radiusPasswordRetry: 3
radiusPortLimit: 1
radiusServiceType: Framed-User
radiusSimultaneousUse: 1
mail: t_tran99@mye-znet.com
mailMessageStore: /home/mailspool/mye-znet.com/t_tran99/
radiusExpiration: "15 Sep 2003"
userPassword:: e2NyeXB0fWRUYXRLZEdOaS8xWWs=

So I'm pretty sure that the anonymous bind works fine.  Also, if tpop3d asks
for an LDAP URL, isn't it searching in a URL format?  Correct me if I'm wrong.
My installation and configuration of FreeRadius and Exim are able to use an
anonymous bind fine.

However I modify my search filter, tpop3d still returns an error of
ldap_search_s: No such object.

Is there something I'm doing wrong?

Thanks,
Thai

-----Original Message-----
From: Prune [mailto:prune@lecentre.net]
Sent: Wednesday, September 18, 2002 1:34 PM
To: t_tran99@yahoo.com
Cc: tpop3d
Subject: Re: [tpop3d-discuss] RE: LDAP Authentication


Hi,

As Chris said, the search filter is the same as when you use ldapsearch.
From the man page (with anonymous bind, may not work for you):
ldapsearch  -b "c=US" "(o=University*)"  description

which means: give me the "description" attribute of every entry containing
the attribute "o" = "University*", starting from "c=US" in the DN.
Do you understand that?

For you, this will give:

ldapsearch  -b "o=mye-znet" "(uid=t_tran99)" mailMessageStore

This will work if you supply only 't_tran99' as login, and don't add the
domain after.
The search filter can be more complicated, for example:
(&(uid=t_tran99)(dc=mye-znet.com))

so :     (&(uid=$(local_part))(dc=$(domain)))

I hope this will work

Chris: am I right?

Thai: understand?

Cheers,

Prune
Thai
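
Added example (not part of the original messages and not tpop3d's code): a Python sketch that expands the filter template quoted above, escaping the substituted values per RFC 4515, and quotes the result so that bash does not parse the `(` and `&` that caused the syntax error shown. The function names are hypothetical, and whether tpop3d itself escapes $(local_part) and $(domain) is not stated in the thread.

```python
import shlex

# Filter template quoted in the thread.
TEMPLATE = "(&(uid=$(local_part))(dc=$(domain)))"

# RFC 4515: these characters must be written as \XX inside a filter value,
# otherwise a login name could change the structure of the filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape one assertion value for use inside an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def split_login(login, default_domain=""):
    """Split user@domain at the last '@'; a bare user name gets default_domain."""
    local, sep, domain = login.rpartition("@")
    if not sep:
        return login, default_domain
    return local, domain


def expand_filter(template, login, default_domain=""):
    """Substitute the escaped local part and domain into the template."""
    local, domain = split_login(login, default_domain)
    return (template
            .replace("$(local_part)", escape_filter_value(local))
            .replace("$(domain)", escape_filter_value(domain)))


def ldapsearch_command(base, filt, *attrs):
    """Return a command line that is safe to paste into a POSIX shell."""
    argv = ["ldapsearch", "-x", "-b", base, filt, *attrs]
    return " ".join(shlex.quote(arg) for arg in argv)


if __name__ == "__main__":
    # Login and base DN taken from the thread; the second login is constructed.
    for login in ("t_tran99@mye-znet.com", "a*b(c)@mye-znet.com"):
        filt = expand_filter(TEMPLATE, login)
        print(ldapsearch_command("o=mye-znet", filt, "mailMessageStore"))
```
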