Problem with firewall?
IEM - Network Operation Center
noc at iem.at
Mon Jan 17 09:34:14 UTC 2005
Andrew Afliatunov wrote:
>
> Authentication fails, and in mail.log I see:
> --
> Dec 24 11:24:15 web imapd[3408]: pam_ldap: ldap_simple_bind Can't
> contact LDAP server
> --
>
> Here I must say, that when I built test Linux server in local network
> with the same configuration and test Windows AD server in the same
> network, I was able to authenticate in IMAP. The only difference between
> WAN and LAN servers is firewall.
> So - isn't it enough to open port 636 on it (although firewall log says
> that ldap packets go in both directions)?

have you changed the ldap-servers address ;-) ?

are you sure that pam_ldap is using port 636 / SSL ?

are the ports forwarded to the correct machine ?

try to connect to your ldap-server via "telnet remote.server 636"

try to connect to your ldap-server with some command-line tools like
"ldapsearch" (on debian this is in ldap-utils; on slackware i don't
know) and get some information

in the past, i have had problems with the certificates being not
installed on the client-machine (your imap-server)

furthermore, a lot of imap-servers have built-in ldap-support, so you
could use this instead of pam. (i guess this is somewhat flamish on this
list)

mfg.as.dr
IOhannes
--
IEM - network operation center
mailto:noc at iem.at
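
Added example, not part of the original post: a small Python probe, meant to be run on the client machine (the IMAP server), that separates the checks suggested above into stages, so that a blocked port, a port that does not speak SSL, and a missing CA certificate are reported differently. The function name, the stage names and the hint texts are choices made for this example.

```python
import socket
import ssl
import sys

# Hints per failing stage, taken from the checks suggested in the reply above.
HINTS = {
    "tcp": "port not reachable: check server address, firewall rule, port forwarding",
    "tls": "port open but no SSL/TLS handshake: is LDAPS really served on this port?",
    "certificate": "server certificate not trusted: install the CA certificate on the client",
    "ok": "TCP and TLS both succeed: continue with ldapsearch and the pam_ldap settings",
}


def probe_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Return (stage, detail): the first stage that fails, or "ok"."""
    ctx = ssl.create_default_context(cafile=cafile)
    # Stage 1: plain TCP connect, the same test as "telnet remote.server 636".
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("tcp", str(exc))
    # Stage 2: TLS handshake with certificate and host name verification.
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return ("ok", tls.version())
    except ssl.SSLCertVerificationError as exc:
        return ("certificate", exc.verify_message)
    except (ssl.SSLError, OSError) as exc:
        return ("tls", str(exc))
    finally:
        sock.close()  # harmless if wrap_socket already took over the descriptor


if __name__ == "__main__":
    # Usage: probe.py HOST [PORT] [CA_FILE]
    host = sys.argv[1]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 636
    cafile = sys.argv[3] if len(sys.argv) > 3 else None
    stage, detail = probe_ldaps(host, port, cafile)
    print(f"{stage}: {detail}")
    print(HINTS[stage])
```

A "certificate" result with the firewall in place and an "ok" result when the CA file is passed as the third argument points at the client trust store rather than at the firewall.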