[Dovecot] Postfix+Dovecot SASL+LDAP(AD)
Vitaliy Vladimirovich
artemrts at ukr.net
Wed Nov 18 14:21:32 EET 2009
I have tried to configure Postfix with Dovecot SASL to authenticate remote users in LDAP (Active Directory).
Below is my dovecot.conf:
protocols = none
ssl = none
auth default {
  mechanisms = plain login
  passdb ldap {
    args = /usr/local/etc/dovecot-ldap.conf
  }
  userdb ldap {
    args = /usr/local/etc/dovecot-ldap-userdb.conf
  }
}
dovecot-ldap.conf
hosts = 10.55.0.2:389
debug_level = 1
auth_bind = yes
auth_bind_userdn = cn=%n,dc=example,dc=gov,dc=ua
ldap_version = 3
base = dc=example, dc=gov, dc=ua
scope = subtree
## 10.55.0.2 - Domain Controller
##
But it does not work :-(
Where is the mistake?
Below is the log:
Nov 18 13:02:59 mx postfix/smtpd[12985]: connect from unknown[190.10.190.3]
Nov 18 13:02:59 mx postfix/smtpd[12985]: setting up TLS connection from unknown[190.10.190.3]
Nov 18 13:02:59 mx postfix/smtpd[12985]: Anonymous TLS connection established from unknown[190.10.190.3]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Nov 18 13:02:59 mx dovecot: auth(default): ldap_bind
Nov 18 13:02:59 mx dovecot: auth(default): ldap_simple_bind
Nov 18 13:02:59 mx dovecot: auth(default): ldap_sasl_bind
Nov 18 13:02:59 mx dovecot: auth(default): ldap_send_initial_request
Nov 18 13:02:59 mx dovecot: auth(default): ldap_send_server_request
Nov 18 13:02:59 mx dovecot: auth(default): ldap_result ld 0x11847020 msgid -1
Nov 18 13:02:59 mx dovecot: auth(default): wait4msg ld 0x11847020 msgid -1 (timeout 0 usec)
Nov 18 13:02:59 mx dovecot: auth(default): wait4msg continue ld 0x11847020 msgid -1 all 1
Nov 18 13:02:59 mx dovecot: auth(default): ** ld 0x11847020 Connections:
Nov 18 13:02:59 mx dovecot: auth(default): * host: 10.55.0.2 port: 389 (default)
Nov 18 13:02:59 mx dovecot: auth(default): refcnt: 2 status: Connected
Nov 18 13:02:59 mx dovecot: auth(default): last used: Wed Nov 18 13:02:59 2009
Nov 18 13:02:59 mx dovecot: auth(default):
Nov 18 13:02:59 mx dovecot: auth(default):
Nov 18 13:02:59 mx dovecot: auth(default): ** ld 0x11847020 Outstanding Requests:
Nov 18 13:02:59 mx dovecot: auth(default): * msgid 3, origid 3, status InProgress
Nov 18 13:02:59 mx dovecot: auth(default): outstanding referrals 0, parent count 0
Nov 18 13:02:59 mx dovecot: auth(default): ld 0x11847020 request count 1 (abandoned 0)
Nov 18 13:02:59 mx dovecot: auth(default): ** ld 0x11847020 Response Queue:
Nov 18 13:02:59 mx dovecot: auth(default): Empty
Nov 18 13:02:59 mx dovecot: auth(default): ld 0x11847020 response count 0
Nov 18 13:02:59 mx dovecot: auth(default): ldap_chkResponseList ld 0x11847020 msgid -1 all 1
Nov 18 13:02:59 mx dovecot: auth(default): ldap_chkResponseList returns ld 0x11847020 NULL
Nov 18 13:02:59 mx dovecot: auth(default): ldap_int_select
Nov 18 13:02:59 mx dovecot: auth(default): read1msg: ld 0x11847020 msgid -1 all 1
Nov 18 13:02:59 mx dovecot: auth(default): read1msg: ld 0x11847020 msgid 3 message type bind
Nov 18 13:02:59 mx dovecot: auth(default): ldap_chase_referrals
Nov 18 13:02:59 mx dovecot: auth(default): read1msg: V2 referral chased, mark request completed, id = 3
Nov 18 13:02:59 mx dovecot: auth(default): read1msg: ld 0x11847020 0 new referrals
Nov 18 13:02:59 mx dovecot: auth(default): read1msg: mark request completed, ld 0x11847020 msgid 3
Nov 18 13:02:59 mx dovecot: auth(default): request done: ld 0x11847020 msgid 3
Nov 18 13:02:59 mx dovecot: auth(default): res_errno: 49, res_error: <80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece>, res_matched: <>
Nov 18 13:02:59 mx dovecot: auth(default): ldap_free_request (origid 3, msgid 3)
Nov 18 13:02:59 mx dovecot: auth(default): ldap_parse_result
Nov 18 13:02:59 mx dovecot: auth(default): ldap_parse_result
Nov 18 13:02:59 mx dovecot: auth(default): ldap(test_user at example.org.ua,190.10.190.3): invalid credentials
Nov 18 13:02:59 mx dovecot: auth(default): ldap_msgfree
Nov 18 13:02:59 mx dovecot: auth(default): ldap_result ld 0x11847020 msgid -1
Nov 18 13:02:59 mx dovecot: auth(default): wait4msg ld 0x11847020 msgid -1 (timeout 0 usec)
Nov 18 13:02:59 mx dovecot: auth(default): wait4msg continue ld 0x11847020 msgid -1 all 1
Nov 18 13:02:59 mx dovecot: auth(default): ** ld 0x11847020 Connections:
Nov 18 13:02:59 mx dovecot: auth(default): * host: 10.55.0.2 port: 389 (default)
Nov 18 13:02:59 mx dovecot: auth(default): refcnt: 1 status: Connected
Nov 18 13:02:59 mx dovecot: auth(default): last used: Wed Nov 18 13:02:59 2009
Nov 18 13:02:59 mx dovecot: auth(default):
Nov 18 13:02:59 mx dovecot: auth(default):
Nov 18 13:02:59 mx dovecot: auth(default): ** ld 0x11847020 Outstanding Requests:
Nov 18 13:02:59 mx dovecot: auth(default): Empty
Nov 18 13:02:59 mx dovecot: auth(default): ld 0x11847020 request count 0 (abandoned 0)
Nov 18 13:02:59 mx dovecot: auth(default): ** ld 0x11847020 Response Queue:
Nov 18 13:02:59 mx dovecot: auth(default): Empty
Nov 18 13:02:59 mx dovecot: auth(default): ld 0x11847020 response count 0
Nov 18 13:02:59 mx dovecot: auth(default): ldap_chkResponseList ld 0x11847020 msgid -1 all 1
Nov 18 13:02:59 mx dovecot: auth(default): ldap_chkResponseList returns ld 0x11847020 NULL
Nov 18 13:02:59 mx dovecot: auth(default): ldap_int_select
Nov 18 13:03:01 mx postfix/smtpd[12985]: warning: unknown[190.10.190.3]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Nov 18 13:03:01 mx postfix/smtpd[12985]: lost connection after AUTH from unknown[190.10.190.3]
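
Added example, not part of the original post: a small Python triage helper for the two log lines that carry the diagnosis here, the LDAP result 49 line with its Active Directory `data` sub-code and the Postfix SASL failure line. The sub-code table is the commonly documented AD mapping, not something stated in the post; `explain` and `SAMPLE` are names chosen for this example.

```python
import base64
import re

# Active Directory sub-codes carried in the "data" field of an LDAP
# result 49 (invalidCredentials) bind failure. Assumption: commonly
# documented AD values, not taken from the post.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials (user exists, wrong password)",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on at this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

BIND_ERR = re.compile(
    r"res_errno: (\d+), res_error: <.*?AcceptSecurityContext error, data ([0-9a-fA-F]+)"
)
SASL_FAIL = re.compile(r"SASL (\S+) authentication failed: (\S+)")


def explain(line):
    """Return a short diagnosis for one log line, or None if it is not relevant."""
    m = BIND_ERR.search(line)
    if m:
        code = m.group(2).lower()
        meaning = AD_BIND_SUBCODES.get(code, "unknown sub-code")
        return f"LDAP result {m.group(1)}, AD data {code}: {meaning}"
    m = SASL_FAIL.search(line)
    if m:
        try:
            text = base64.b64decode(m.group(2), validate=True).decode("ascii")
        except (ValueError, UnicodeDecodeError):
            return f"SASL {m.group(1)} failed (trailing token is not base64)"
        return f"SASL {m.group(1)} failed; trailing token decodes to {text!r}"
    return None


# Two lines copied from the log in the post.
SAMPLE = [
    "Nov 18 13:02:59 mx dovecot: auth(default): res_errno: 49, res_error: <80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece>, res_matched: <>",
    "Nov 18 13:03:01 mx postfix/smtpd[12985]: warning: unknown[190.10.190.3]: SASL LOGIN authentication failed: UGFzc3dvcmQ6",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(explain(entry))
```

For the log above it reports data 525 (user not found), meaning the directory rejected the bind identity itself rather than the password. It also shows that the token Postfix logs is the base64 LOGIN challenge `Password:`, not a credential.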