[Dovecot] "nopassword" extra field useless with LDAP passdb

Zohan 29e8c6f5 at mail.ru
Thu Dec 18 21:06:53 EET 2008


> Do you have a "nopassword" field in LDAP? If not, then it doesn't get
> set. Perhaps what you want is:
> 
> pass_attrs = uid=user, =nopassword=1

Timo,

Thank you for your tip. The correct dovecot-ldap.conf line should look like:

pass_attrs = uid=user, =password=, =nopassword=1

But even in this case we get:

dovecot: auth(default): ldap(user1,127.0.0.1): pass search: base=ou=People,dc=example,dc=local scope=subtree filter=(&(objectClass=inetOrgPerson)(uid=user1)) fields=uid
dovecot: auth(default): ldap(user1,127.0.0.1): result: uid(user)=user1
dovecot: auth(default): ldap(user1,127.0.0.1): No password in reply
dovecot: auth(default): client out: FAIL    1       user=user1      temp

in our logs. I beleive this is due to the way attribute templates/static fields are processed in db-ldap.c.

Thanks in advance!

P.S. By the way, could you please share your opinion about possible SASL EXTERNAL usage in this case? Do you think this is the appropriate use case?


More information about the dovecot mailing list