[Dovecot] Dovecot 1.2.x masteruser proxy problem

Tom Mihalicek tomislav.mihalicek at gmail.com
Mon Nov 30 17:27:52 EET 2009 

Greetings to all

I need a masteruser/proxy account for some applications to be implemented
and i am having some problems. Normal users are proxyied through 
ldap queries to the remote machine and this is working like it sopose to,
but i can't make the master user to work. Below are both the dovecot.conf 
and dovecot-ldap.conf and verbose logs on the proxy machine.

If i log directly on the remote machine that should be proxied everything is
working normal ...

### dovecot.conf

protocols =  pop3 imap managesieve

mail_uid = 10021
mail_gid = 10021
mail_privileged_group = vmail
mail_access_groups = vmail

log_path =
info_log_path =
log_timestamp = "%b %d %H:%M:%S "
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
mail_log_prefix = "%Us(%u): "

disable_plaintext_auth = no
login_process_per_connection=yes
auth_default_realm = example.com
login_processes_count = 8
login_max_processes_count = 128
login_max_connections = 256
verbose_proctitle = yes
max_mail_processes = 512

mail_debug = yes
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes

auth_master_user_separator = *
login_chroot = yes

ssl = no
protocol imap {
	imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
tb-extra-mailbox-sep
	listen = xx.xx.xx.xx:143
	imap_max_line_length = 65536
	imap_logout_format = bytes=%i/%o
	mail_max_userip_connections = 10
}

protocol pop3 {
	pop3_uidl_format = %08Xu%08Xv
	pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
	pop3_enable_last = yes
	pop3_uidl_format = %08Xu%08Xv
	listen = xx.xx.xx.xx:110
	mail_max_userip_connections = 10
}

protocol managesieve {
        listen = xx.xx.xx.xx:2000
        login_executable =
/usr/local/dovecot/libexec/dovecot/managesieve-login
        mail_executable = /usr/local/dovecot/libexec/dovecot/managesieve
        managesieve_max_line_length = 65536
        managesieve_implementation_string = dovecot
        managesieve_logout_format = bytes ( in=%i : out=%o )
}

auth default {
mechanisms = plain login
user = vmail

passdb passwd-file {
        args = /etc/dovecot/passwd.masterusers
        master = yes
        pass = yes
}

passdb ldap {
	args = /etc/dovecot/dovecot-ldap.conf
}

userdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
}

socket listen {
	master { 
		path = /var/run/dovecot/auth-master
		mode = 0600
		user = vmail
		group = vmail
		}
	client {
		path = /var/spool/postfix/dovecot-auth
		mode = 0660
		user = postfix
		group = postfix
		}
    }
}

### dovecot-ldap.conf

hosts           = ldap.example.com
ldap_version    = 3
auth_bind       = yes
dn              = cn=vmail,dc=example,dc=com
dnpass          = secret_pass
base            = ou=Users,domainName=%d,o=domains,dc=example,dc=com
scope           = subtree
deref           = never
user_filter     =
(&(mail=%u)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls))
user_attrs      =
storageBaseDirectory=home,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes
pass_filter     =
(&(mail=%u)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls))
pass_attrs      =
userPassword=password,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes
default_pass_scheme = CRYPT

### /var/log/mail/dovecot.info

Nov 30 14:26:59 dougie dovecot: auth(default): new auth connection: pid=5873
Nov 30 14:27:28 dougie dovecot: auth(default): client in: AUTH	1	PLAIN
service=pop3	lip=xx.xx.xx.xx	rip=192.168.22.222	
lport=110	rport=36639
resp=AHRtaWhhbGljZWtAeG5ldC5sYW4qbWlncmF0aW9uQHhuZXQuaHIAbTFncjR0MTBu
Nov 30 14:27:28 dougie dovecot: auth(default):
passwd-file(migration at example.com,192.168.22.222,master): lookup:
user=master_user at example.com 
file=/etc/dovecot/passwd.masterusers
Nov 30 14:27:28 dougie dovecot: auth(default):
passdb(master_user at example.com,192.168.22.222,master): Master user logging
in as some_user at example.com
Nov 30 14:27:28 dougie dovecot: auth(default):
ldap(some_user at example.com,192.168.22.222): bind search: 
base=ou=Users,domainName=example.com,o=domains,dc=example,dc=com
filter=(&(mail=some_user at example.com)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=pop3))
Nov 30 14:27:28 dougie dovecot: auth(default):
ldap(some_user at example.com,192.168.22.222): result:
mailHost(host)=xx.xx.xx.xx
Nov 30 14:27:28 dougie dovecot: auth(default):
ldap(some_user at example.com,192.168.22.222): invalid credentials (given
password: master_password)
Nov 30 14:27:28 dougie dovecot: auth(default): client out: FAIL	1
user=some_user at example.com	authz	nodelay	host=xx.xx.xx.xx	
proxynologin	pass=master_password	master=master_user at example.com
Nov 30 14:27:28 dougie dovecot: pop3-login: Ignoring unknown passdb extra
field: authz


-- 
View this message in context: http://old.nabble.com/Dovecot-1.2.x-masteruser-proxy-problem-tp26574804p26574804.html
Sent from the Dovecot mailing list archive at Nabble.com.

More information about the dovecot mailing list