[Dovecot] Ldap Proxy

Harrison Metzger harrisonmetz at gmail.com
Mon Nov 26 15:46:22 EET 2007


I turned auth_bind off by commenting it out. Here is what my logs show:

Nov 26 07:40:56 holiday dovecot: auth(default): client in: AUTH 1
PLAIN  service=POP3     secured lip=127.0.0.1   rip=127.0.0.1
resp=AGFwcGxlc2VqAHRhYmxl
Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
pass search: base=dc=beloit,dc=edu scope=subtree
filter=(&(objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej))
fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost
Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1):
result: uid(user)=applesej BCMailDovecotProxyHost(host)=144.89.40.1
Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): No
password in reply
Nov 26 07:40:57 holiday dovecot: auth(default): client out: FAIL
1      user=applesej    temp    host=144.89.40.1
Nov 26 07:40:59 holiday dovecot: pop3-login: Aborted login: user=<applesej>,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured


When auth_bind = yes, it simply allows the user to login and reads from
their local mailbox.

Harrison Metzger

On Nov 26, 2007 7:33 AM, Timo Sirainen <tss at iki.fi> wrote:

> On Tue, 2007-11-20 at 21:08 -0600, Harrison Metzger wrote:
> > Hello
> >
> > I'm trying to do an ldap proxy but it is not working, it just continues
> to
> > access the user's mailbox. I was able to do a proxy with a user in a
> > "passwd-file", but not ldap directory. Here is part my "args" file on
> the
> > passdb ldap stanza:
> >
> > auth_bind = yes
>
> I'm not sure if this affects it. It shouldn't, but you could try if it
> works without.
>
> > pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host
>
> This looks ok.
>
> > I've turned on auth_verbose, debug, etc and still can't figure out why
> it
> > wont proxy. Ive tried adding user_attrs (the same as the pass attrs).
> I've
> > even just put nologin in the pass_attrs but the user is still able to
> login,
> > its like that field is not being processed.
>
> What do the logs show with auth_debug=yes?
>
>


More information about the dovecot mailing list