[Dovecot] LDAP

Wojtek Bogusz Wojtek at FrontLineDefenders.org
Tue Mar 18 19:39:21 EET 2008


Hi Steffen, I have to modify the ldapsearch command you wrote and add the '-x' 
switch for simple authentication instead of SASL. But otherwise the 
command displays good results:

# extended LDIF
#
# LDAPv3
# base <ou=Users,dc=frontline> with scope subtree
# filter: (&(objectClass=posixAccount)(uid=wojtek))
# requesting: homeDirectory uidNumber
#

# wojtek, Users, frontline
dn: uid=wojtek,ou=Users,dc=frontline
uidNumber: 30000
homeDirectory: /home/samba/wojtek

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


I am not sure how to show you the structure of the LDAP entry other 
than to just run a search without requesting specific fields. Here is the 
result:

# wojtek, Users, frontline
dn: uid=wojtek,ou=Users,dc=frontline
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: wojtek
sn: wojtek
givenName: wojtek
uid: wojtek
uidNumber: 30000
gidNumber: 513
homeDirectory: /home/samba/wojtek
loginShell: /bin/false
gecos: Wojtek Bogusz
userPassword:: [password here]

cheers, Wojtek

Steffen Kaiser wrote:
> On Mon, 17 Mar 2008, Wojtek Bogusz wrote:
> 
>> bind: dn=uid=wojtek,ou=Users,dc=frontline
>> Mar 17 18:21:09 base dovecot: auth(default): client out: 
>> OK^I1^Iuser=wojtek
>> Mar 17 18:21:09 base dovecot: auth(default): master in: 
>> REQUEST^I2^I19185^I1
>> Mar 17 18:21:09 base dovecot: auth(default): 
>> ldap(wojtek,192.168.0.200): user search: base=ou=Users,dc=frontline 
>> scope=subtree filter=
>> (&(objectClass=posixAccount)(uid=wojtek)) fields=homeDirectory,uidNumber
>> Mar 17 18:21:09 base dovecot: auth(default): 
>> ldap(wojtek,192.168.0.200): Authenticated user not found
> 
> Dovecot differs between userdb and passdb.
> 
> It seems that passdb is running, but userdb is not.
> 
> What does your LDAP entry look like? Should the user data be read from 
> LDAP, BTW?
> 
> Does the LDAP filter mentioned in the logs return the results for the 
> currently bound user, aka:
> 
> ldapsearch -D uid=wojtek,ou=Users,dc=frontline -W \
> -b ou=Users,dc=frontline \
> '(&(objectClass=posixAccount)(uid=wojtek))' homeDirectory uidNumber
> 
> displays home and uid?
> 
> Bye,
> 
> -- Steffen Kaiser
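
Added example (not part of the original thread and not Dovecot code): a small Python helper that reads the auth debug lines quoted above, pulls out the userdb "user search" parameters, and renders the equivalent ldapsearch command with '-x' so the lookup can be repeated by hand. The sample log is constructed from the quoted lines with the mail line wraps rejoined; the bind DN is supplied by the caller, and the function names are hypothetical.

```python
import re
import shlex

# Constructed sample: the log lines quoted in the thread, line wraps rejoined.
SAMPLE_LOG = """\
Mar 17 18:21:09 base dovecot: auth(default): client out: OK^I1^Iuser=wojtek
Mar 17 18:21:09 base dovecot: auth(default): ldap(wojtek,192.168.0.200): user search: base=ou=Users,dc=frontline scope=subtree filter=(&(objectClass=posixAccount)(uid=wojtek)) fields=homeDirectory,uidNumber
Mar 17 18:21:09 base dovecot: auth(default): ldap(wojtek,192.168.0.200): Authenticated user not found
"""

SEARCH_RE = re.compile(
    r"ldap\((?P<user>[^,)]+),(?P<ip>[^)]*)\): user search: "
    r"base=(?P<base>.*?) scope=(?P<scope>\w+) "
    r"filter=(?P<filter>.*) fields=(?P<fields>\S+)$")
NOT_FOUND_RE = re.compile(
    r"ldap\((?P<user>[^,)]+),[^)]*\): Authenticated user not found")

# Dovecot scope names mapped to ldapsearch -s values.
SCOPE_FLAG = {"subtree": "sub", "onelevel": "one", "base": "base"}

def parse_user_searches(log_text):
    """Return one dict per 'user search' line; not_found is set when the
    same user is reported as 'Authenticated user not found' afterwards."""
    searches = []
    for line in log_text.splitlines():
        m = SEARCH_RE.search(line)
        if m:
            entry = m.groupdict()
            entry["fields"] = entry["fields"].split(",")
            entry["not_found"] = False
            searches.append(entry)
            continue
        m = NOT_FOUND_RE.search(line)
        if m:
            for entry in reversed(searches):
                if entry["user"] == m["user"]:
                    entry["not_found"] = True
                    break
    return searches

def to_ldapsearch(search, bind_dn):
    """Render the logged search as an ldapsearch command line. shlex.join
    quotes every argument, so a filter copied from a log (it contains the
    client-supplied user name) is never interpreted by the shell."""
    argv = ["ldapsearch", "-x", "-D", bind_dn, "-W",
            "-b", search["base"], "-s", SCOPE_FLAG[search["scope"]],
            search["filter"], *search["fields"]]
    return shlex.join(argv)

if __name__ == "__main__":
    for s in parse_user_searches(SAMPLE_LOG):
        print("userdb miss" if s["not_found"] else "userdb search", s["user"])
        print(to_ldapsearch(s, "uid=wojtek,ou=Users,dc=frontline"))
```

Running the rendered command once with the user's own DN and once with whatever DN the Dovecot LDAP configuration binds as shows whether both identities can read homeDirectory and uidNumber.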

