[Dovecot] dovecot Digest, Vol 40, Issue 65

suranga de silva suranga at nic.lk
Fri Aug 18 21:14:29 EEST 2006


Dear Tim Schafer,

Take a look at my sample dovecot-ldap.conf


hosts = localhost
dn = cn=root,dc=ceylonlinux,dc=com
dnpass = secret 
ldap_version = 3
base = dc=ceylonlinux,dc=com
deref = never
scope = subtree
user_attrs = mail,homeDirectory=mailMessageStore,uidNumber=1003,gidNumber=1003
user_filter = (&(objectClass=user)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=user)(mail=%u)) 
default_pass_scheme = CRYPT
user_global_uid = 1003
user_global_gid = 1003


Here I am using my own schema called "user", but in your case change it
to inetOrgPerson or the schema name you are using.

I think the most common problem in this process is the LDAP filter.
In my configuration above, user_filter and pass_filter are used as the LDAP
filters for querying the user name and password. There I am using the mail
attribute.


The gid and uid belong to the user vmail.

Maybe this explanation will help you figure out your problem.

You can refer to my article at the following link for further reference:

http://www.ceylonlinux.com/pdf/openldap_backsql_postfix_maildir_cl.pdf


Cheers!!!

Suranga De Silva.
CTO
CEYLON LINUX


On Thu, 2006-08-17 at 21:32 +0300, dovecot-request at dovecot.org wrote:
> 
> Today's Topics:
> 
>    1. Re: LDAP usernames with spaces (Tim Schafer)
>    2. Supporting local and virtual LDAP users, with separate
>       mail_env (Tim Schafer)
>    3. Dovecot sometimes Down ! (kleiton at pcs.com.br)
>    4. Re: dovecot mbox to dovecot maildir migration (Timo Sirainen)
>    5. Re: Supporting local and virtual LDAP users, with separate
>       mail_env (Timo Sirainen)
>    6. Re: Supporting local and virtual LDAP users, with separate
>       mail_env (Timo Sirainen)
>    7. Re: Supporting local and virtual LDAP users, with separate
>       mail_env (Tim Schafer)
>    8. BSD kqueue testing, once more before 1.0rc7 (Timo Sirainen)
>    9. Re: Supporting local and virtual LDAP users, with separate
>       mail_env (Timo Sirainen)
>   10. Re: BSD kqueue testing, once more before 1.0rc7 (Timo Sirainen)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Thu, 17 Aug 2006 10:00:37 -0700
> From: Tim Schafer <tim_schafer at shipfsp.com>
> Subject: Re: [Dovecot] LDAP usernames with spaces
> To: Johannes Berg <johannes at sipsolutions.net>
> Cc: dovecot at dovecot.org
> Message-ID: <44E4A0B5.50608 at shipfsp.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> Thank you Johannes,
> 
> By modifying auth_username_chars in dovecot.conf
> I was able to allow spaces in usernames.
> 
> Regards,
> Tim Schafer
> 
> Johannes Berg said the following on 8/17/2006 12:24 AM:
> > On Wed, 2006-08-16 at 18:14 -0700, Tim Schafer wrote:
> >
> > > I'm assuming it doesn't like the spaces.
> > > Any way around this?
> >
> > You can set the allowed characters somehow. I forgot how, but check the
> > annotated config file.
> >
> > > Also, I don't see any way to support the separate username and userid
> > > where the username is for authentication
> > > and the userid is used for on disk pathname.
> > > Any way to support this?
> >
> > I know with SQL that's possible by just returning user= from the query,
> > I guess LDAP as well. I think Timo just posted about this in some other
> > ldap thread. Not quite sure though.
> >
> > Sorry to be so vague, I just happened to have skimmed some messages that
> > seem to be related to this recently.
> >
> > johannes
> >   
> 
> 
> ------------------------------
> 
> Message: 2
> Date: Thu, 17 Aug 2006 10:20:03 -0700
> From: Tim Schafer <tim_schafer at shipfsp.com>
> Subject: [Dovecot] Supporting local and virtual LDAP users,	with
> 	separate mail_env
> To: dovecot at dovecot.org
> Message-ID: <44E4A543.3070100 at shipfsp.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> Is it possible to have local users with mail in
> maildir:%h/.maildir
> 
> and virtual users with mail in
> maildir:/home/exim/%u/.maildir
> 
> 
> I seem to have authentication working for both local users and LDAP users.
> But I'm getting this error trying to access a virtual user's mail.
> 
> Aug 17 08:12:08 hostname dovecot: IMAP(Firstname Lastname): maildir: 
> data=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir
> Aug 17 08:12:08 hostname dovecot: IMAP(Firstname Lastname): maildir: 
> root=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir, 
> index=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir, control=, inbox=
> Aug 17 08:12:08 hostname dovecot: IMAP(Firstname Lastname): 
> mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir/cur) failed: 
> Permission denied
> 
> -- 
> 
> 
> Regards,
> Tim Schafer
> Information Technology
>                     Logistics Easier with Technology
> 
> 
> Freight Solution Providers                    direct 916-376-6190
> 10453 Old Placerville Road                    fax    916-376-6156
> Sacramento, CA 95827                      tim_schafer at shipfsp.com
> 
> 
> 
> ------------------------------
> 
> Message: 3
> Date: Thu, 17 Aug 2006 14:26:48 -0300 (BRT)
> From: kleiton at pcs.com.br
> Subject: [Dovecot] Dovecot sometimes Down !
> To: dovecot at dovecot.org
> Message-ID:
> 	<34339.157.86.6.55.1155835608.squirrel at pcsoffice.dyndns.biz>
> Content-Type: text/plain;charset=utf-8
> 
> 
> Please, my Dovecot sometimes goes down!
> 
> Aug 17 14:20:01 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:02 netrasun last message repeated 3 times
> Aug 17 14:20:03 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:20:04 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:16 netrasun last message repeated 19 times
> Aug 17 14:20:16 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:20:16 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:21 netrasun last message repeated 6 times
> Aug 17 14:20:21 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:20:21 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:24 netrasun last message repeated 4 times
> Aug 17 14:20:25 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:20:25 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:38 netrasun last message repeated 13 times
> Aug 17 14:20:39 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:20:39 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:47 netrasun last message repeated 9 times
> Aug 17 14:20:48 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:20:49 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:20:57 netrasun last message repeated 7 times
> Aug 17 14:20:58 netrasun dovecot: pop3-login: Disconnected: Inactivity:
> rip=157.86.6.55, lip=157.86.6.55
> Aug 17 14:21:00 netrasun dovecot: pop3-login: Can't connect to auth server
> at default: Resource temporarily unavailable
> Aug 17 14:21:08 netrasun last message repeated 7 times
> 
> Please help me!
> 
> 
> 
> ------------------------------
> 
> Message: 4
> Date: Thu, 17 Aug 2006 20:48:38 +0300
> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] dovecot mbox to dovecot maildir migration
> To: Michael Blancas <mblancas at mozcom.com>
> Cc: dovecot at dovecot.org
> Message-ID: <1155836918.9142.1.camel at hurina>
> Content-Type: text/plain; charset="us-ascii"
> 
> On Fri, 2006-08-18 at 00:05 +0800, Michael Blancas wrote:
> > Hi,
> > 
> > I'm migrating accounts from one server with dovecot mbox and pam
> > nss-ldap authentication to a new server with dovecot maildir and mysql
> > auth (no posix accounts).
> > 
> > My problem is that the pop3 uidl format on the two servers is different,
> > even though I'm using pop3_uidl_format = %08Xu%08Xv in both configs.
> > I'm always re-downloading left messages on my test runs. Is there a
> > way I could reuse the X-UID and X-IMAPbase headers on the converted
> > mails? Issuing the UIDL command via pop3 always gives a different
> > result for the mbox and maildir spools.
> > 
> > The X-UID and X-IMAPbase headers are present in the converted mails.
> > The first number of X-IMAPbase maps to the mail UIDVALIDITY and the
> > second is the same as X-UID, the mail uid.
> 
> You'll have to make your conversion script create dovecot-uidlist file
> based on the X-IMAPbase and X-UID headers. There could be existing
> scripts to do that, but I'm not sure.
> 
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: not available
> Type: application/pgp-signature
> Size: 191 bytes
> Desc: This is a digitally signed message part
> Url : http://dovecot.org/pipermail/dovecot/attachments/20060817/0ce6cb38/attachment-0001.pgp 
> 
> ------------------------------
> 
> Message: 5
> Date: Thu, 17 Aug 2006 20:50:23 +0300
> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] Supporting local and virtual LDAP users,	with
> 	separate mail_env
> To: Tim Schafer <tim_schafer at shipfsp.com>
> Cc: dovecot at dovecot.org
> Message-ID: <1155837023.9142.4.camel at hurina>
> Content-Type: text/plain; charset="us-ascii"
> 
> On Thu, 2006-08-17 at 10:20 -0700, Tim Schafer wrote:
> > Is it possible to have local users with mail in
> > maildir:%h/.maildir
> > 
> > and virtual users with mail in
> > maildir:/home/exim/%u/.maildir
> > 
> > 
> > I seem to have authentication working for both local users and LDAP users.
> > But I'm getting this error trying to access a virtual user's mail.
> > 
> > Aug 17 08:12:08 hostname dovecot: IMAP(Firstname Lastname): maildir: 
> > data=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir
> 
> LDAP isn't returning home. You'll need to return it in user_attrs in
> dovecot-ldap.conf.
> 
> ------------------------------
> 
> Message: 6
> Date: Thu, 17 Aug 2006 20:53:08 +0300
> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] Supporting local and virtual LDAP users,	with
> 	separate mail_env
> To: Tim Schafer <tim_schafer at shipfsp.com>
> Cc: dovecot at dovecot.org
> Message-ID: <1155837188.9142.8.camel at hurina>
> Content-Type: text/plain; charset="us-ascii"
> 
> On Thu, 2006-08-17 at 10:20 -0700, Tim Schafer wrote:
> > Is it possible to have local users with mail in
> > maildir:%h/.maildir
> > 
> > and virtual users with mail in
> > maildir:/home/exim/%u/.maildir
> > 
> > 
> > I seem to have authentication working for both local users and LDAP users.
> > But I'm getting this error trying to access a virtual user's mail.
> > 
> > Aug 17 08:12:08 hostname dovecot: IMAP(Firstname Lastname): maildir: 
> > data=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir
> 
> Or .. Well, two choices:
> 
> a) return /home/exim/user as home directory from LDAP
> 
> b) return mail=maildir:/home/exim/user/.maildir from LDAP.
> 
> You can't set multiple default_mail_env settings currently, so the home
> must come from LDAP. Or I suppose alternatively you could use static
> instead of LDAP as userdb if all your virtual users use the same UID.
> 
> ------------------------------
> 
> Message: 7
> Date: Thu, 17 Aug 2006 11:01:21 -0700
> From: Tim Schafer <tim_schafer at shipfsp.com>
> Subject: Re: [Dovecot] Supporting local and virtual LDAP users, with
> 	separate mail_env
> To: Dovecot Mailing List <dovecot at dovecot.org>
> Message-ID: <44E4AEF1.70202 at shipfsp.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> Thank you Timo,
> 
> I changed
> default_mail_env = maildir:/home/exim/%n/.maildir
> 
> I may not have to support local users
> 
> But I'm still running into the problem that the user authenticates as
> Firstname Lastname
> which is the cn in LDAP
> but the uid in LDAP, which would be something like
> flastname
> needs to be used for mail location.
> 
> Is there a way to use the uid in LDAP to specify the mail location, 
> without modifying the current LDAP database to include the full path?
> 
> Regards,
> Tim Schafer
> Information Technology
>                     Logistics Easier with Technology
> 
> 
> Freight Solution Providers                    direct 916-376-6190
> 10453 Old Placerville Road                    fax    916-376-6156
> Sacramento, CA 95827                      tim_schafer at shipfsp.com
> 
> 
> 
> Timo Sirainen said the following on 8/17/2006 10:53 AM:
> > On Thu, 2006-08-17 at 10:20 -0700, Tim Schafer wrote:
> > > Is it possible to have local users with mail in
> > > maildir:%h/.maildir
> > > 
> > > and virtual users with mail in
> > > maildir:/home/exim/%u/.maildir
> > > 
> > > 
> > > I seem to have authentication working for both local users and LDAP users.
> > > But I'm getting this error trying to access a virtual user's mail.
> > > 
> > > Aug 17 08:12:08 hostname dovecot: IMAP(Firstname Lastname): maildir: 
> > > data=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.maildir
> >
> > Or .. Well, two choices:
> >
> > a) return /home/exim/user as home directory from LDAP
> >
> > b) return mail=maildir:/home/exim/user/.maildir from LDAP.
> >
> > You can't set multiple default_mail_env settings currently, so the home
> > must come from LDAP. Or I suppose alternatively you could use static
> > instead of LDAP as userdb if all your virtual users use the same UID.
> >
> >   
> 
> 
> ------------------------------
> 
> Message: 8
> Date: Thu, 17 Aug 2006 21:06:41 +0300
> From: Timo Sirainen <tss at iki.fi>
> Subject: [Dovecot] BSD kqueue testing, once more before 1.0rc7
> To: dovecot at dovecot.org
> Message-ID: <1155838001.9142.18.camel at hurina>
> Content-Type: text/plain; charset="us-ascii"
> 
> I did a few more changes and it seems to be working with FreeBSD. I
> didn't before realize that event filters weren't bitmasks so that broke
> things.
> 
> Anyway, a bit more "real world testing" would be better than my test
> program and telnet localhost -tests :)
> 
> I'll release 1.0rc7 in any case today before I go to sleep (so, max. 6
> hours or so).
> 
> http://dovecot.org/nightly/dovecot-latest.tar.gz
> 
> ------------------------------
> 
> Message: 9
> Date: Thu, 17 Aug 2006 21:13:13 +0300
> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] Supporting local and virtual LDAP users,	with
> 	separate mail_env
> To: Tim Schafer <tim_schafer at shipfsp.com>
> Cc: Dovecot Mailing List <dovecot at dovecot.org>
> Message-ID: <1155838393.9142.21.camel at hurina>
> Content-Type: text/plain; charset="us-ascii"
> 
> On Thu, 2006-08-17 at 11:01 -0700, Tim Schafer wrote:
> > Thank you Timo,
> > 
> > I changed
> > default_mail_env = maildir:/home/exim/%n/.maildir
> > 
> > I may not have to support local users
> > 
> > But I'm still running into the problem that the user authenticates as
> > Firstname Lastname
> > which is the cn in LDAP
> > but the uid in LDAP, which would be something like
> > flastname
> > needs to be used for mail location.
> > 
> > Is there a way to use the uid in LDAP to specify the mail location, 
> > without modifying the current LDAP database to include the full path?
> 
> It would have been easier to answer if you had given your
> dovecot-ldap.conf settings. But if "uid" in LDAP contains the short
> form, then giving pass_attrs = uid=user,.. should help. Although that
> was also there by default..
> 
> ------------------------------
> 
> Message: 10
> Date: Thu, 17 Aug 2006 21:32:21 +0300
> From: Timo Sirainen <tss at iki.fi>
> Subject: Re: [Dovecot] BSD kqueue testing, once more before 1.0rc7
> To: Dovecot Mailing List <dovecot at dovecot.org>
> Message-ID: <1155839541.9142.24.camel at hurina>
> Content-Type: text/plain; charset="us-ascii"
> 
> On Thu, 2006-08-17 at 21:06 +0300, Timo Sirainen wrote:
> > I did a few more changes and it seems to be working with FreeBSD. I
> > didn't before realize that event filters weren't bitmasks so that broke
> > things.
> > 
> > Anyway, a bit more "real world testing" would be better than my test
> > program and telnet localhost -tests :)
> 
> Actually, forget about this for a while. Also because they weren't
> bitmasks now I understand why the original code actually worked. Anyway,
> I'm still doing a bit of cleanups. Will build a new snapshot soon.
> 
> ------------------------------
> 
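
An added illustration, not part of the original message and not Dovecot's own code: how a login name is substituted for %u in the pass_filter from the dovecot-ldap.conf at the top of this message, with an allow-list check in the spirit of the auth_username_chars setting mentioned in the quoted thread and RFC 4515 escaping of the value. The allow-list contents, the function names and the sample logins are assumptions made for this example.

```python
import re

# Filter template copied from the dovecot-ldap.conf in the message above.
PASS_FILTER = "(&(objectClass=user)(mail=%u))"

# Constructed allow-list for this example (an assumption, not a value from
# the thread): letters, digits, ".-_@" and the space Tim Schafer enabled.
ALLOWED = set("abcdefghijklmnopqrstuvwxyz"
              "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_@ ")

# RFC 4515: these characters must appear as \XX hex escapes in a filter value.
ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\0": "\\00"}


def username_allowed(username, allowed=ALLOWED):
    """First layer: reject logins with characters outside the allow-list."""
    return bool(username) and all(ch in allowed for ch in username)


def ldap_escape(value):
    """Second layer: neutralise filter metacharacters in the value."""
    return "".join(ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template, username, allowed=ALLOWED):
    """Expand %u (full login), %n (part before '@') and %% in a template."""
    if not username_allowed(username, allowed):
        raise ValueError("login rejected by allow-list: %r" % username)
    subs = {"%u": ldap_escape(username),
            "%n": ldap_escape(username.split("@", 1)[0]),
            "%%": "%"}
    # A function replacement is inserted literally, so the backslashes
    # produced by ldap_escape are not reinterpreted by re.sub.
    return re.sub(r"%[un%]", lambda m: subs[m.group(0)], template)


def is_well_formed(filt):
    """Structural check: parentheses balance and never close below zero."""
    depth = 0
    for ch in filt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0


if __name__ == "__main__":
    # Constructed sample logins; the first is the placeholder from the thread.
    for login in ["Firstname Lastname", "flastname@example.com", "a(b)*c"]:
        try:
            print(login, "->", expand_filter(PASS_FILTER, login))
        except ValueError as err:
            print(err)
    # With a wider allow-list, escaping alone keeps the filter well formed.
    wide = ALLOWED | set("()*\\")
    print(expand_filter(PASS_FILTER, "a(b)*c", wide))
```

Widening the allowed character set, as was done in the thread to permit spaces, shifts more of the burden onto the escaping step, so both layers are worth testing whenever the set changes.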