configure postfix to query active directory

Discussion in 'Server Operation' started by sojavelo, Nov 26, 2019.

  1. sojavelo

    sojavelo New Member

    Hello,
    I need to setup postfix mail server to query ACTIVE DIRECTORY. I am looking for a detailed tutorial explaining every steps I have to follow.

    Thanks in advance.
    Soja
     
  2. Steini86

    Steini86 Active Member

    Last edited: Nov 27, 2019
  3. sojavelo

    sojavelo New Member

    Thanks for your interst and sorry for the lack of information. It was my mistake.
    In fact, to make it short my configuration is : Debian 10 (Buster) + Postfix + Dovecot + MS Windows Server 2016 (LDAP server)
    I just want to note that I have already tried these steps without result.
    Is there a synthetic way to sort out my problem ?
    Thanks in advance
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Find an expert and pay him/her to do the work for you.
     
  5. sojavelo

    sojavelo New Member

    OK. It is a way but it doesn't help me. Doing so, you are not helping me also.
     
  6. Steini86

    Steini86 Active Member

    We still do not know, 'what' exactly your problem is.
    Is not a good description of your problem!
    What you want to achieve is not a trivial task which could be solved by installing something or pasting one line of code and you are good to go. It is complicated and requires some knowledge. If you do not have it at this time you need to read the manual. Sorry for that.
     
  7. sojavelo

    sojavelo New Member

    You are right. I am sorry. It'd better to start to an exct clarified issue.
    To summarize : AD - postfix/dovecot is already installed. Now, I am testing if users are queried from AD with the following command :
    Here after the content of ldap_virtual_recipients.cf :
    bind = yes
    bind_dn = cn=vmail, cn=users, dc=mydomain, dc=com
    bin_pw=*******
    server_host=192.168.1.2
    search_base= ou=people,dc=mydomain,dc=local
    version = 3
    scope=sub
    query_filter= (&(mail=%s) (mailEnabled=TRUE))
    result_attribute = mail​

    Here after what I get when I test with the following command
    postmap -v -q [email protected] ldap:/etc/postfix/ldap_virtual_recipients.cf
    postmap: name_mask: all
    postmap: inet_addr_local: configured 2 IPv4 addresses
    postmap: inet_addr_local: configured 2 IPv6 addresses
    postmap: dict_ldap_open: Using LDAP source /etc/postfix/ldap_virtual_recipients.cf
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: server_host = 192.168.1.2
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: server_port = 389
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: version = 3
    postmap: dict_ldap_open: /etc/postfix/ldap_virtual_recipients.cf server_host URL is ldap://192.168.1.2:389
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: scope = sub
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: search_base = ou=people,dc=mydomain,dc=com
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: timeout = 10
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: query_filter = (&(mail=%s)(mailEnabled=TRUE))
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: result_format = <NULL>
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: result_filter = %s
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: domain = mydomain.com
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: terminal_result_attribute =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: leaf_result_attribute =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: result_attribute = mail
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: special_result_attribute =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: bind = yes
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: bind_dn = cn=Administrateur,cn=users,dc=mydomain,dc=com
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: bind_pw = StdUpBibb.4652
    postmap: cfg_get_bool: /etc/postfix/ldap_virtual_recipients.cf: cache = off
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: cache_expiry = -1
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: cache_size = -1
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: recursion_limit = 1000
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: expansion_limit = 0
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: size_limit = 0
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: dereference = 0
    postmap: cfg_get_bool: /etc/postfix/ldap_virtual_recipients.cf: chase_referrals = off
    postmap: cfg_get_bool: /etc/postfix/ldap_virtual_recipients.cf: start_tls = off
    postmap: cfg_get_bool: /etc/postfix/ldap_virtual_recipients.cf: tls_require_cert = off
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: tls_ca_cert_file =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: tls_ca_cert_dir =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: tls_cert =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: tls_key =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: tls_random_file =
    postmap: cfg_get_str: /etc/postfix/ldap_virtual_recipients.cf: tls_cipher_suite =
    postmap: cfg_get_int: /etc/postfix/ldap_virtual_recipients.cf: debuglevel = 0
    postmap: dict_open: ldap:/etc/postfix/ldap_virtual_recipients.cf
    postmap: dict_ldap_lookup: In dict_ldap_lookup
    postmap: match_string: /etc/postfix/ldap_virtual_recipients.cf: mydomain.com ~? mydomain.com
    postmap: dict_ldap_lookup: No existing connection for LDAP source /etc/postfix/ldap_virtual_recipients.cf, reopening
    postmap: dict_ldap_connect: Connecting to server ldap://192.168.1.2:389
    postmap: dict_ldap_connect: Actual Protocol version used is 3.
    postmap: dict_ldap_connect: Binding to server ldap://192.168.1.2:389 with dn cn=Administrateur,cn=users,dc=mydomain,dc=com
    postmap: dict_ldap_connect: Successful bind to server ldap://192.168.1.2:389 with dn cn=Administrateur,cn=users,dc=mydomain,dc=com
    postmap: dict_ldap_connect: Cached connection handle for LDAP source /etc/postfix/ldap_virtual_recipients.cf
    postmap: dict_ldap_lookup: /etc/postfix/ldap_virtual_recipients.cf: Searching with filter (&([email protected])(mailEnabled=TRUE))
    postmap: warning: dict_ldap_lookup: /etc/postfix/ldap_virtual_recipients.cf: Search base 'ou=people,dc=mydomain,dc=com' not found: 32: No such object
    postmap: fatal: table ldap:/etc/postfix/ldap_virtual_recipients.cf: query error: Success

    In my opinion, there are some incoherence in last 2 lines.

    Many thanks for the help to detect what is wrongly configured.
     
  8. sojavelo

    sojavelo New Member

    Finally, I was able to sort out my problem of querying AD with postmap by changing the following lines in my configuration file
    query_filter = (&(&(objectCategory=person) (sAMAccountName=%u)) (!(userAccountControl:1.2.840.113556.1.4.803:=2)))
    result_attribute = mail​

    Maybe it can help.
    Anyway, thanks for the interaction.
     
    Steini86 likes this.

Share This Page