[Dovecot] %d not recognized with LDAP

Iain Conochie iain at shihad.org
Sat Jan 5 16:11:06 EET 2008 

Anil wrote:
> LDAP will return whatever the LDAP schema is defined as (for the
> case), which is "uid".
>
> I took out the pass_attrs, but didn't appear to be working.
>
> I then added:
> pass_attrs = uid
>
> then, it was able to find the domain!
>
> http://wiki.dovecot.org/AuthDatabase/LDAP
> is a bit confusing in the documentation of pass_attrs.
>
>
> IMO, pass_attrs_map is a better name, since its used for mapping
> attributes from LDAP attributes to Dovecot names.
>
> But, if "pass_attrs = uid" is working, what exactly is getting mapped to what?
>   

I _think_ i was having a similar problem to you.  I was trying to login 
with user at domain and in the ldap directory i have the ou=people with 
uid=user. When i had

pass_attrs = uid

in the logs i saw

Jan  4 16:17:45 slayer dovecot: auth(default): master out: 
USER^I2^Iiain^Igid=XXX^Ihome=/home/iain^Iuid=XXXX
Jan  4 16:17:45 slayer dovecot: imap-login: Login: user=<iain>, 
method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, TLS
Jan  4 16:17:45 slayer dovecot: IMAP(iain): Ambiguous mail location 
setting, don't know what to do with it: /opt/mail//iain/ (try prefixing 
it with mbox: or maildir:)


I changed this to be

pass_attrs = uid=user at domain

And now i see

Jan  4 17:11:11 slayer dovecot: auth(default): master out: 
USER^I1^Iiain at shihad.org^Igid=XXX^Ihome=/home/iain^Iuid=XXXX
Jan  4 17:11:11 slayer dovecot: imap-login: Login: 
user=<iain at shihad.org>, method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, TLS
Jan  4 17:11:11 slayer dovecot: IMAP(iain at shihad.org): Ambiguous mail 
location setting, don't know what to do with it: 
/opt/mail/shihad.org/iain/ (try prefixing it with mbox: or maildir:)

Please note that the "ambiguous mail location setting" is because i was 
daft enough to have

mail_location: /opt/mail/%d/%n/

And changing this to

mail_location: maildir:/opt/mail/%d/%n/

sorted the problem :) Also IP's etc change to protect the guilty ;)


So basically my ldap settings are now

#user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=posixAccount)(uid=%n))
pass_attrs = uid=user at domain,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%n))

and this seems to return the information i want

So perhaps you could try

pass_attrs = uid=user at domain

Cheers

Iain

>
>
>
>
>
> On Jan 4, 2008 4:04 PM, Timo Sirainen <tss at iki.fi> wrote:
>   
>> On Fri, 2008-01-04 at 08:12 -0800, Anil wrote:
>>     
>>> pass_attrs = uid=user
>>> pass_filter = uid=%n
>>>       
>> uid=user makes Dovecot change the full username to uid's value, which
>> means it drops the domain. You could probably just leave pass_attrs
>> empty. I don't remember if LDAP lookups are case-insensitive though. If
>> they are, use %Ln and %Ld in your home and mail_location to avoid
>> getting "user" and "User" and "uSer" directories.
>>
>>
>>

More information about the dovecot mailing list