Winbind auhentication

Luciano Mannucci luciano at vespaperitivo.it
Fri Mar 10 20:05:16 UTC 2023 

On Fri, 10 Mar 2023 14:22:26 -0500
"John Stoffel" <john at stoffel.org> wrote:

> Now you don't say if your local user account works or not,
> but I'd work on getting just the AD part (really, you're using
> windind?) first.
Yes the local user works.
 
> Also, have you compared your postfix and dovecot setups?  There are
> good docs out there on how you combine them to use the same
> authentication backend.
Well, postfix doesn't need to authenticate users: it accepts all if
it comes from mynetworks.
I know it is not wise; it is just a test to explore single sign on
with didderent sources.
 
> And the info you posted really don't help much, since you don't post
> any log messages from when the authentication fails.  That will tell
> you more I'm sure.
Apologies, you are absolutely right. Here they are:

Mar 10 14:59:12 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Mar 10 14:59:12 auth: Debug: Module loaded: /usr/local/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Mar 10 14:59:12 auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat
Mar 10 14:59:12 auth: Debug: auth client connected (pid=4221)
Mar 10 14:59:25 auth: Debug: client in: AUTH    1       PLAIN   service=pop3    session=yQtBK4z2lOzAqIoP        lip=192.168.138.18      rip=192.168.138.15      lport=110       rport=60564     resp=AG1jcwBrYXE5LnBpcA== (previous base64 data may contain sensitive data)
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing passdb lookup
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): cache miss
Mar 10 14:59:25 auth-worker(4223): Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Mar 10 14:59:25 auth-worker(4223): Debug: Module loaded: /usr/local/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): Server accepted connection (fd=13)
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): Sending version handshake
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: Handling PASSV request
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing passdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished passdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: Finished
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished passdb lookup
Mar 10 14:59:25 auth: Debug: auth(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Auth request finished
Mar 10 14:59:25 auth: Debug: client passdb out: OK      1       user=mcs        
Mar 10 14:59:25 auth: Debug: master in: REQUEST 980549633       4221    1       19c7b19fec4f0dee8512545a1ae27501        session_pid=4224
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing userdb lookup
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): userdb cache miss
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: Handling USER request
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing userdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished userdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: Finished
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished userdb lookup
Mar 10 14:59:25 auth: Debug: master userdb out: USER    980549633       mcs     system_groups_user=mcs  uid=1001        gid=1001        home=/home/mcs  auth_mech=PLAIN
Mar 10 14:59:25 pop3-login: Info: Login: user=<mcs>, method=PLAIN, rip=192.168.138.15, lip=192.168.138.18, mpid=4224, session=<yQtBK4z2lOzAqIoP>
Mar 10 14:59:32 pop3(mcs)<4224><yQtBK4z2lOzAqIoP>: Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
Mar 10 14:59:35 auth: Debug: auth client connected (pid=4225)
Mar 10 14:59:59 auth: Debug: client in: AUTH    1       PLAIN   service=pop3    session=q5FJLYz2n+zAqIoP        lip=192.168.138.18      rip=192.168.138.15      lport=110       rport=60575     resp=************** (previous base64 data may contain sensitive data)
Mar 10 14:59:59 auth: Debug: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Performing passdb lookup
Mar 10 14:59:59 auth: Debug: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): cache miss
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: Handling PASSV request
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Performing passdb lookup
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): lookup
Mar 10 14:59:59 auth-worker(4223): Info: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): invalid password field '*'
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Finished passdb lookup
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: Finished: user_disabled
Mar 10 14:59:59 auth: Debug: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Finished passdb lookup
Mar 10 14:59:59 auth: Debug: auth(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Auth request finished
Mar 10 15:00:01 auth: Debug: client passdb out: FAIL    1       user=geoplan    code=user_disabled
Mar 10 15:00:04 pop3-login: Info: Disconnected: Aborted login by logging out (user disabled): user=<geoplan>, method=PLAIN, rip=192.168.138.15, lip=192.168.138.18, session=<q5FJLYz2n+zAqIoP>
Mar 10 15:00:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): Disconnected: Connection closed (fd=-1)

Thanks for your answer,

Luciano.
-- 
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 02485781 FAX: +39 0248028247
  X   AGAINST HTML MAIL    /  E-MAIL: posthamster at sublink.sublink.ORG
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/

More information about the dovecot mailing list