Yast Configuration of Mailserver fails when reading/modifying mail transport from openLDAP

First, usual apologies if I have missed something simple, or related topic in forums, mail archives, etc… I’ve searched nd found nothing, so am asking for help.

I’ve built postfix+cyrus+openLDAP mailserver multiple times in past using yast without problems on older distributions of openSuSE. This time on 13.1 I am encountering problems.

  1. OpenLDAP server and client are set up listening on 389 and 636 (SSL). Schemas for dnszone and suse-mailserver are loaded.

  2. Tested with ldapsearch and testsasl. All works fine.

  3. When using yast to configure mailserver (advanced) I get the following four errors:

    Cannot read mail server transports
    Cannot read mail server preventions
    Cannot read mail server relay settings
    Cannot read mail serve local delivery settings

  4. As well, changes to configuration of mail transport, etc… do not stick. Next time we run yast they are missing again. As well menus for local transport, e.g. cyrus, are missing.

I turned on logging for the ldap server and examined the yast logs (see below). As the first error is generated “Cannot read mail server transports” there is the following error in yast log:

2014-06-02 21:22:36 <3> pacaya(26981) [agent-ldap] LdapAgent.cc(debug_exception):505 ldap error while modifying cn=userTemplate,dc=celoso,dc=net (32): No such object
2014-06-02 21:22:36 <3> pacaya(26981) -e] SCR_INIT_FAILED[2655:/usr/share/YaST2/modules/YaPI/MailServer.pm] LDAP modify failed
2014-06-02 21:22:36 <3> pacaya(26981) -e] Description: 32 : No such object
2014-06-02 21:22:36 <3> pacaya(26981) [Ruby] modules/MailServer.rb:412 Cannot read mail server transports.

In syslog from ldap server I see:

2014-06-02T21:24:46.862906+01:00 pacaya slapd[26799]: conn=2181 op=3 SRCH base=“dc=celoso,dc=net” scope=2 deref=0 filter="(objectClass=suseUserTemplate)"
2014-06-02T21:24:46.863068+01:00 pacaya slapd[26799]: => bdb_filter_candidates
2014-06-02T21:24:46.863237+01:00 pacaya slapd[26799]: #011AND
2014-06-02T21:24:46.863444+01:00 pacaya slapd[26799]: => bdb_list_candidates 0xa0
2014-06-02T21:24:46.863626+01:00 pacaya slapd[26799]: => bdb_filter_candidates
2014-06-02T21:24:46.863814+01:00 pacaya slapd[26799]: #011OR
2014-06-02T21:24:46.864009+01:00 pacaya slapd[26799]: => bdb_list_candidates 0xa1
2014-06-02T21:24:46.864206+01:00 pacaya slapd[26799]: => bdb_filter_candidates
2014-06-02T21:24:46.864572+01:00 pacaya slapd[26799]: #011EQUALITY
2014-06-02T21:24:46.864776+01:00 pacaya slapd[26799]: <= bdb_filter_candidates: id=0 first=0 last=0
2014-06-02T21:24:46.864973+01:00 pacaya slapd[26799]: => bdb_filter_candidates
2014-06-02T21:24:46.865173+01:00 pacaya slapd[26799]: #011EQUALITY
2014-06-02T21:24:46.865539+01:00 pacaya slapd[26799]: <= bdb_filter_candidates: id=1 first=6 last=6
2014-06-02T21:24:46.865738+01:00 pacaya slapd[26799]: <= bdb_list_candidates: id=1 first=6 last=6
2014-06-02T21:24:46.865965+01:00 pacaya slapd[26799]: <= bdb_filter_candidates: id=1 first=6 last=6
2014-06-02T21:24:46.866165+01:00 pacaya slapd[26799]: <= bdb_list_candidates: id=1 first=6 last=6
2014-06-02T21:24:46.867305+01:00 pacaya slapd[26799]: <= bdb_filter_candidates: id=1 first=6 last=6
2014-06-02T21:24:46.867500+01:00 pacaya slapd[26799]: => test_filter
2014-06-02T21:24:46.867639+01:00 pacaya slapd[26799]: EQUALITY
2014-06-02T21:24:46.867769+01:00 pacaya slapd[26799]: <= test_filter 6
2014-06-02T21:24:46.867894+01:00 pacaya slapd[26799]: conn=2181 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
2014-06-02T21:24:46.868022+01:00 pacaya slapd[26799]: conn=2181 op=4 BIND anonymous mech=implicit ssf=0
2014-06-02T21:24:46.868162+01:00 pacaya slapd[26799]: conn=2181 op=4 BIND dn=“cn=Administrator,dc=celoso,dc=net” method=128
2014-06-02T21:24:46.868301+01:00 pacaya slapd[26799]: conn=2181 op=4 BIND dn=“cn=Administrator,dc=celoso,dc=net” mech=SIMPLE ssf=0
2014-06-02T21:24:46.868481+01:00 pacaya slapd[26799]: conn=2181 op=4 RESULT tag=97 err=0 text=
2014-06-02T21:24:46.868684+01:00 pacaya slapd[26799]: connection_input: conn=2181 deferring operation: binding
2014-06-02T21:24:46.868813+01:00 pacaya slapd[26799]: conn=2181 op=5 MOD dn=“cn=userTemplate,dc=celoso,dc=net”

Testing with ldapsearch I see the following:

pacaya:~ # ldapsearch -H ldaps://pacaya.celoso.net -D “cn=Administrator,dc=celoso,dc=net” -W -v “cn=userTemplate,dc=celoso,dc=net”
ldap_initialize( ldaps://pacaya.celoso.net:636/??base )
Enter LDAP Password:
filter: cn=userTemplate,dc=celoso,dc=net
requesting: All userApplication attributes

extended LDIF

LDAPv3

base <dc=celoso,dc=net> (default) with scope subtree

filter: cn=userTemplate,dc=celoso,dc=net

requesting: ALL

search result

search: 2
result: 0 Success

numResponses: 1

pacaya:~ # ldapsearch -H ldaps://pacaya.celoso.net -D “cn=Administrator,dc=celoso,dc=net” -W -v “cn=userTemplate”
ldap_initialize( ldaps://pacaya.celoso.net:636/??base )
Enter LDAP Password:
filter: cn=userTemplate
requesting: All userApplication attributes

extended LDIF

LDAPv3

base <dc=celoso,dc=net> (default) with scope subtree

filter: cn=userTemplate

requesting: ALL

usertemplate, ldapconfig, celoso.net

dn: cn=usertemplate,ou=ldapconfig,dc=celoso,dc=net
cn: usertemplate
objectClass: top
objectClass: suseObjectTemplate
objectClass: suseUserTemplate
suseDefaultValue: homeDirectory=/home/%uid
suseDefaultValue: loginShell=/bin/bash
suseNamingAttribute: uid
susePlugin: UsersPluginLDAPAll

search result

search: 2
result: 0 Success

numResponses: 2

numEntries: 1

pacaya:~ #

I do not know what permissions I need to change or what configuration in ldap needs to be changed.

Any suggestion would be much appreciated.

Kind regards,

Michael Hieb

IMO you need to identify the mailserver app you’re running,
plus any guides you are following for configuration.

So, for instance square one is to verify that YAST still supports the mailserver you’re using which could answer all your YAST related questions.

Then, depending on what guide you’re following to configure your mailserver if necessary you may have an alternative to YAST for configuring.

If this is a brand new install and as last resort in your position I might consider installing in 12.3 if you know everything works there, then upgrade. But, weigh the possibility your maintenance/support options could be limited moving forward.

TSU

No howto, these are simply the standard choices in yast i.e. postfix + cyrus + sasl. There are some older howto on opensuse SDB, tldp, etc… but it hasn’t been necessary for a great many releases to follow a howto, only configure with standard choices in yast. Until yast was released broken in opensuse 13.1.