Sles 10 + LDAP + Postfix error

mnt_schred · May 5, 2008, 11:00am

I’ve installed webmin and virtualmin on a fresh SLES (Suse Linux Enteprise Server) 10 box, and I’ve managed to configure everything just fine except from postfix:

—begin of generated code from virtualmin—

In domain testsite.com
Creating administration group testsite …
… done

Creating administration user testsite …
… done

Creating aliases for administration user …
… aliases failed : LDAP add of cn=testsite@testsite.com,ou=people,dc=ebrius,dc=nl failed : attribute ‘suseMailAcceptAddress’ not allowed at …/web-lib-funcs.pl line 980.

Adding administration user to groups …
… done

Creating home directory …
… done

Creating mailbox for administration user …
… done

Adding to email domains list …
… Mail for domain failed! : LDAP add of cn=testsite.com,ou=people,dc=ebrius,dc=nl failed : attribute ‘suseMailAcceptAddress’ not allowed at …/web-lib-funcs.pl line 980.

Adding new virtual website …
… done

Adding Apache user wwwrun to server’s group …
… done

Setting up scheduled Webalizer reporting …
… done

Setting up log file rotation …
… done

Creating MySQL login …
… done

Creating MySQL database testsite …
… done

Creating PostgreSQL login …
… done

Creating PostgreSQL database testsite …
… done

Creating Webmin user …
… done

Applying web server configuration …
… done

Re-loading Webmin …
… done

Saving server details …
… done

Sending email notification to domain owner …
… email sent to testsite@testsite.com

—end of generated code from virtualmin—

So it looks like the default config is incorrect. However, I can add domains in YaST (Suse’s shell based management tool) just fine.
I’m not a LDAP guru, so I’m a bit stuck.

Clues anybody?

Joe · May 6, 2008, 2:39am

Do you actually need LDAP? Unless you actually have need of it, keeping it simple will make things much easier on yourself. (And using the standard passwd db will be faster up until you’re dealing with 1000+ user accounts.)

But, if you must use LDAP, you’ll need to read up on configuring Virtualmin to work with LDAP:

http://www.virtualmin.com/documentation/id,combining_virtualmin_and_ldap/

It appears from the error messages that SUSE has setup some custom fields that are unknown to Virtualmin and Postfix (and the rest of the world). SUSE has a tendency to do stuff like that for the convenience of the YaST developers.

Since I know next to nothing about the way SUSE is using LDAP (or LDAP in general, for that matter), I’m not able to be much help beyond that. I know you need all of the various components to agree on the schema–and since SUSE has seemingly created a weird schema of their very own, you’ll need to teach everybody else in your stack how to deal with it.

mnt_schred · May 8, 2008, 8:26am

Well, the problem is that in the ‘out of the box, into YaST’-config, everything works with LDAP. Can’t I just use LDAP exept for Postfix? Then I’ll just let the postfix module of YaST unused… I think that’s the easiest approach?

mnt_schred · May 9, 2008, 10:34am

Well, I’ve consulted with my colleague and not use LDAP for postfix is not an option because then you have users exist in both LDAP and Postfix.

The fact I have to use LDAP is because I need Open-Exchange, wich uses LDAP. So, what’s the best option? Seeking help from an Suse expert?

mnt_schred · June 6, 2008, 12:36pm

I’m a bit further now, I’m left with the following errors:

----begin code----
Creating administration group testdomain …
… done

Creating administration user testdomain …
… done

Creating aliases for administration user …
… aliases failed : LDAP add of cn=testdomain@testdomain.nl,ou=DNS,dc=ebrius,dc=nl failed : no structural object class provided at …/web-lib-funcs.pl line 980.

Adding administration user to groups …
… done

Creating home directory …
… done

Creating mailbox for administration user …
… done

Adding to email domains list …
… Mail for domain failed! : LDAP add of cn=testdomain.nl,ou=DNS,dc=ebrius,dc=nl failed : zoneName: value #0 provided more than once at …/web-lib-funcs.pl line 980.

Adding new virtual website …
… done
—end code—

The seccond error has been reported as a bug, but the first error is clearly a misconfiguration. I’ve configured the postfix modules of webmin as described in the LDAP/virtuamin document, and even have managed to use SLES’s exoctic objectclasses etc.

My questions:

does anyone know what I’ve done wrong with the structural object class in the aliases configuraton and
is the bug solved/where can I find it in the tracker?

mnt_schred · June 30, 2008, 9:15am

I’ve solved it by not using LDAP for my postfix. A dirty cheat, but it works
Only problem is that the mailsettings aren’t in LDAP, but I can live with that…

Joe · June 30, 2008, 6:54pm

Thanks for the update. You’re treading in waters that no one else has ventured into, so I didn’t really have any good answers for you.

mnt_schred · June 30, 2008, 7:05pm

Well, The documentation on how to setup virtualmin/webmin with LDAP did most of the trick, but the only problem in the end was how YaST handles postfix on LDAP basis.

However, I think I will encounter this problem again because Open Xchange needs all LDAP facilities but I think I’ll solve this by seperating webservers from open exchange servers

If people are interested I can post some p.o.i.'s