• Skip to primary navigation
  • Skip to main content

Inodes

Fractional CTO Consulting

  • Home
  • About Us
  • Contact Us
  • Block Examples
  • Landing Page
  • Pricing Page
  • Show Search
Hide Search

Hardy, exim4, SMTP-AUTH and LDAP… (or debian openssl causes pain)

John Ferlito · 15 May 2008 · Leave a Comment

As most people will know yesterday caused a lot of people a lot of pain as they ran around replacing SSH keys and SSL certificates.

While running around fixing up all our servers, most of them in one felll swoop thanks to puppet, I realised two of our servers were still running Edgy. I figured it was high time I moved them to Hardy.

Everything went fairly smoothly with some minor hicups, except for SMTP-AUTH for exim. We use an ldap backed SMTP-AUTH and this just wouldn’t work after the upgrade. The following error was appearing in the logs.

Plaintext
ldap_search failed: -7, Bad search filter	

This lead to hours upon hours of google searches, staring at debug messages and even at one stage resorting to using GDB. Eventually after staring at debug messages harder it twigged when I saw the following.

Plaintext
perform_ldap_search: ldapdn URL = "ldap:///ou=people,o=vquence?dn?sub?(uid=moo) "

Notice the space just before the closing double quote. It seems that the new openldap libraries don’t like errant spaces in your search filter.

Now to remember what I was doing yesterday morning before this whole derailment began.

Note: Before anyone comments I will completely deny that during these upgrades I did anything as silly as rm -rf `dpkg -L random-font-package`, no matter what twitter says.

Sysadmin auth, edgy, exim, hardy, ldap, smtp

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Hit the ground running with a minimalist look. Learn More

Copyright © 2025 · Inodes Pty Ltd · Log in

  • Privacy Policy