[Dovecot] Fwd: LDAP subtree search on AD
Bruno Puga
brpuga at gmail.com
Wed Jun 13 21:46:03 EEST 2007
With postfix using virtual_mailbox_maps through the same ldap backend, I can
make subtree searches in the Active Directory without problems.
Any ideas?
I really need this information and appreciate any help or new ideas!
Thanks
Bruno.
---------- Forwarded message ----------
From: Bruno Puga <brpuga at gmail.com>
Date: Jun 12, 2007 6:04 PM
Subject: LDAP subtree search on AD
To: dovecot at dovecot.org
Hello people!
I'm new to the list and to dovecot too. In advance I'd like to thank
everybody who could help me, and I'll be very glad if I could help somebody
here.
I'm working in a project to integrate dovecot and active directory
authentication for 2 weeks without total success. I've tried so many ways to
solve my problem, but no one gave me the right answer. I'll appreciate if
someone could help me. First of all, let me show some needed data.
Distro: Debian Etch

dovecot --version
1.0.0

dovecot -n
# /etc/dovecot/dovecot.conf
base_dir: /var/run/dovecot/
log_path: /var/log/dovecot-imapd.log
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap
disable_plaintext_auth: no
login_dir: /var/run/dovecot//login
login_executable: /usr/lib/dovecot/imap-login
mail_debug: yes
imap_client_workarounds: outlook-idle delay-newmail
auth default:
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: pam
    args: dovecot
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  socket:
    type: listen
    client:
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: vmail

/etc/dovecot/dovecot-ldap.conf
hosts = 192.168.0.11
dn = cn=dovecot,cn=Users,dc=tecnicopias01,dc=com,dc=br
dnpass = password
ldap_version = 3
auth_bind = yes
base = DC=tecnicopias01,DC=com,DC=br
deref = never
scope = subtree
user_attrs = info=mail
user_filter = (&(objectClass=organizationalPerson)(sAMAccountName=%u))
user_global_uid = 5000
user_global_gid = 5000
I can authenticate using pam+krb5 with success, but when I try to make a
userdb search to get maillocation for the authenticated user, I get in
trouble. The ldap_search doesn't make a subtree search, making only a onelevel
search. So, if I point the base directive (/etc/dovecot/dovecot-ldap.conf)
to where the user that is authenticating in that moment is, I can log in
perfectly and get the maillocation.
My question is: Why doesn't dovecot make an ldap subtree search? Or, am I
missing anything?
Thanks
Bruno.
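
The difference between the subtree scope set in dovecot-ldap.conf and the onelevel behaviour described in the message, as an added example that is not part of the original post or of Dovecot. It models only the LDAP scope rule and does not diagnose why the search behaved this way; the base DN and the cn=dovecot DN are from the post, while the OU=Staff and OU=Sales entries are constructed.

```python
# Added illustration (not from the original post): LDAP search-scope rules
# (base / onelevel / subtree) applied to a small constructed directory.

BASE = "DC=tecnicopias01,DC=com,DC=br"  # base DN from the post
SALES = "OU=Sales,OU=Staff," + BASE     # constructed container

# sAMAccountName per entry DN. Only the cn=dovecot DN is from the post;
# the two users and their OUs are constructed sample data.
DIRECTORY = {
    "cn=dovecot,cn=Users,dc=tecnicopias01,dc=com,dc=br": "dovecot",
    "CN=Bob Example,OU=Staff," + BASE: "bob",
    "CN=Alice Example," + SALES: "alice",
}


def parse_dn(dn):
    """Return normalized (type, value) RDNs, leaf first.

    Simplified: no escaped commas or multi-valued RDNs are handled.
    """
    rdns = []
    for part in dn.split(","):
        attr, _, value = part.partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns


def in_scope(entry_dn, base_dn, scope):
    """True if entry_dn is selected by a search rooted at base_dn."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    depth = len(entry) - len(base)
    if depth < 0 or entry[depth:] != base:
        return False  # entry is not at or below the base
    if scope == "base":
        return depth == 0
    if scope == "onelevel":
        return depth == 1
    if scope == "subtree":
        return True
    raise ValueError("unknown scope: %r" % scope)


def search(base_dn, scope, username):
    """Entries in scope whose sAMAccountName equals username."""
    return sorted(dn for dn, sam in DIRECTORY.items()
                  if sam == username.lower() and in_scope(dn, base_dn, scope))


if __name__ == "__main__":
    for base, scope in ((BASE, "subtree"), (BASE, "onelevel"), (SALES, "onelevel")):
        print(scope, "at", base, "->", search(base, scope, "alice"))
```

DN comparison is case-insensitive here, so the post's lowercase dc= bind DN still falls under its uppercase DC= base.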