[Dovecot] Does dovecot work with OpenLDAP? (was Re: Please help: LDAP configuration _almost_ works.)
ghenry at suretecsystems.com
Thu Apr 17 01:20:03 EEST 2008
<quote who="Jack McKinney">
> No, it isn't. I have verified the connection with "openssl s_client".
> Besides, the server is receiving the username "jackmc at lorentz.com", so
> the connection has already been made by this time.
> What is happening every time is that dovecot sends the correct query to
> OpenLDAP (as noted in the log below), OpenLDAP receives that query
> (according to its log) and responds with one match, but dovecot never
> seems to see that response. 180 seconds after the auth fails, dovecot
> drops the connection with the IMAP client for inactivity.
I've gone back to your first post, and you slapd logs show:
Apr 3 08:13:30 fourier slapd: conn=7 op=3 SRCH
base="ou=users,dc=lorentz,dc=com" scope=1 deref=0
filter="(&(objectClass=inetOrgPerson)(mail=jackmc at lorentz.com))"
Apr 3 08:13:30 fourier slapd: conn=7 op=3 SRCH attr=uid
Apr 3 08:13:30 fourier slapd: conn=7 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Which shows the correct filter, but the requested attribute to return is
"uid", which is _not_ in your entry:
# Jack McKinney, users, lorentz.com
dn: cn=Jack McKinney,ou=users,dc=lorentz,dc=com
cn: Jack McKinney
givenName: Jack McKinney
mail: jackmc at lorentz.com
Try the same search again, but using (note uid on end):
ldapsearch -h ldap.lrtz -b 'ou=users, dc=lorentz, dc=com' -D
'cn=varmail,ou=users,dc=lorentz,dc=com' -x -W -s onelevel
'(&(objectClass=inetOrgPerson)(mail=jackmc at lorentz.com))' uid
It should be empty, hence why dovecot isn't getting anything.
More information about the dovecot