[Dovecot] dovecot-ldap : can't find user in OU subtree

Achim Gottinger achim at ag-web.biz
Thu Oct 31 01:42:44 EET 2013


On 30.10.2013 21:17, me at electronico.nc wrote:
> Hello and thanks for your answer.
>
> On 30/10/2013 19:32, Steffen Kaiser wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Wed, 30 Oct 2013, me at electronico.nc wrote:
>>
>>>> passdb {
>>>>   args = /etc/dovecot/dovecot-ldap-passdb.conf.ext
>>>>   driver = ldap
>>>> }
>>>
>>> /etc/dovecot/dovecot-ldap-passdb.conf.ext:
>>>> hosts = localhost
>>>> auth_bind = yes
>>>> auth_bind_userdn = cn=%u,OU=users,dc=domain,dc=lan
>>
>> You define your bind DN as cn=%u,OU=users,dc=domain,dc=lan
>>
>>>> ldap_version = 3
>>>> base = ou=users,dc=domain,dc=lan
>>>> scope = subtree
>>>> pass_filter = (&(objectClass=person)(cn=%u)(mail=*))
>
You should use

/etc/dovecot/dovecot-ldap-passdb.conf.ext

hosts = localhost
dn = cn=ldap,cn=Users,DC=domain,DC=lan
dnpass = My_secret_pass
auth_bind = yes
ldap_version = 3
base = OU=users,DC=domain,DC=lan
scope = subtree
pass_filter = (&(objectClass=person)(cn=%u)(mail=*))

That way pass_filter should match 
cn=%u,OU=administrative,OU=Users,DC=domain,DC=lan as well. Take a look 
at http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds DN lookup vs. DN 
template.
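
The difference between the DN template from the original configuration and the DN lookup suggested above, as an added example that is not part of the original message. A constructed in-memory directory (the entries alice, bob and svc are made up) stands in for the LDAP server, and the simplified matching covers only this thread's pass_filter.

```python
# Constructed model of the two auth-bind modes; no LDAP server is contacted.
# Directory entries are made up for illustration (DN -> attributes).
DIRECTORY = {
    "cn=alice,ou=users,dc=domain,dc=lan": {
        "objectClass": ["person"], "cn": ["alice"], "mail": ["alice@domain.lan"]},
    "cn=bob,ou=administrative,ou=users,dc=domain,dc=lan": {
        "objectClass": ["person"], "cn": ["bob"], "mail": ["bob@domain.lan"]},
    "cn=svc,ou=administrative,ou=users,dc=domain,dc=lan": {
        "objectClass": ["person"], "cn": ["svc"]},  # no mail attribute
}

def norm(dn):
    """Lower-case a DN and strip spaces around commas (simplified; no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def template_bind_dn(user, template="cn=%u,OU=users,dc=domain,dc=lan"):
    """DN template mode: substitute %u; the bind works only if that exact DN exists."""
    dn = norm(template.replace("%u", user))
    return dn if dn in DIRECTORY else None

def lookup_bind_dn(user, base="OU=users,DC=domain,DC=lan"):
    """DN lookup mode: subtree search under base with the thread's pass_filter,
    (&(objectClass=person)(cn=%u)(mail=*)); the DN found is then used for the bind."""
    base = norm(base)
    hits = []
    for dn, attrs in DIRECTORY.items():
        in_subtree = dn == base or dn.endswith("," + base)
        is_person = "person" in attrs.get("objectClass", [])
        cn_match = user.lower() in (v.lower() for v in attrs.get("cn", []))
        has_mail = bool(attrs.get("mail"))
        if in_subtree and is_person and cn_match and has_mail:
            hits.append(dn)
    # In this model an ambiguous result (several entries) authenticates nobody.
    return hits[0] if len(hits) == 1 else None

if __name__ == "__main__":
    for user in ("alice", "bob", "svc"):
        print(user, "template:", template_bind_dn(user), "lookup:", lookup_bind_dn(user))
```

The lookup variant stores dnpass in dovecot-ldap-passdb.conf.ext, so that file should be readable by root only.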


