[Dovecot] Dovecot passdb LDAP queries

Wilberth Pérez wilberth.perez at uady.mx
Tue Jun 15 21:49:21 EEST 2010


Hi:

When Dovecot runs, I can see that Dovecot sends two LDAP queries to my
OpenLDAP server and establishes one connection; however, when I test my
dovecot-ldap configuration with telnet, my OpenLDAP server doesn't
receive LDAP requests from my clients.

Does the dovecot-auth process need special permissions?

Is my dovecot-ldap.conf file wrong?

Any suggestions?

Thanks.

My Telnet messages are:


* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
1 login USER PASSWORD
1 NO [AUTHENTICATIONFAILED] Authentication failed.

My Dovecot logs are:

Jun 15 13:27:42 auth(default): Info: shadow(USER,X.X.X.X): lookup
Jun 15 13:27:42 auth(default): Info: shadow(USER,X.X.X.X): unknown user
Jun 15 13:27:42 auth(default): Info: ldap(USER,X.X.X.X): invalid credentials (given password: PASSWORD)
Jun 15 13:27:44 auth(default): Info: client out: FAIL   1       user=USER


My dovecot.conf configuration:

log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot.log
protocols: imap pop3
listen(default): X.X.X.X:143
listen(imap): X.X.X.X:143
listen(pop3): X.X.X.X:110
ssl: no
disable_plaintext_auth: no
login_dir: /usr/local/var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
first_valid_uid: 100
mail_location: maildir:%h/Maildir/:INDEX=/var/indexes/%u/:CONTROL=/var/control/%u/:INBOX=/var/mail/%u/
mail_debug: yes
mail_full_filesystem_access: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugins(default): quota imap_quota trash
mail_plugins(imap): quota imap_quota trash
mail_plugins(pop3): quota
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
pop3_reuse_xuidl(default): no
pop3_reuse_xuidl(imap): no
pop3_reuse_xuidl(pop3): yes
lda:
  mail_plugins: cmusieve quota
auth default:
  mechanisms: plain login
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: shadow
  passdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  userdb:
    driver: passwd
  userdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
plugin:
  quota: fs:INBOX:mount=/var/mail/
  quota2: fs:HOME:mount=/u/
  quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95
  quota_warning2: storage=80%% /usr/local/bin/quota-warning.sh 80


My dovecot-ldap.conf configuration:

hosts = Y.Y.Y.Y:389
dn = cn=abc,ou=def,dc=ghi,dc=jk
dnpass = password
auth_bind = yes
ldap_version = 3
auth_bind_userdn = cn=abc,ou=def,dc=ghi,dc=jk
base = ou= xyz,dc=abc,dc=def
scope = subtree
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%u))
default_pass_scheme = CRYPT











-- 
--------------------------------------------------------
LCC Wilberth de Jesús Pérez Segura CCSA - IT Services and Security Administration
E-mail: wilberth.perez at uady.mx
Universidad Autónoma de Yucatán
Secretaría General
Coordinación Administrativa de Tecnologías de Información
RIUADY
C-59 x Av. Itzáes (999)923-74-28 Ext. 1117
Mérida, Yucatán, México 2010
--------------------------------------------------------
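
An added example, not part of the original post and not Dovecot's own code: a small Python check over the dovecot-ldap.conf settings shown above, based on Dovecot's documented auth-bind behaviour (a DN template in auth_bind_userdn replaces the pass_filter search). The function names and the wording of the findings are this example's own.

```python
import re

# Constructed sample: the auth-related dovecot-ldap.conf lines from the post.
SAMPLE = """\
hosts = Y.Y.Y.Y:389
dn = cn=abc,ou=def,dc=ghi,dc=jk
auth_bind = yes
auth_bind_userdn = cn=abc,ou=def,dc=ghi,dc=jk
base = ou= xyz,dc=abc,dc=def
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=posixAccount)(uid=%u))
"""

def parse(text):
    """Parse 'key = value' lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and not line.lstrip().startswith("#"):
            conf[key.strip()] = value.strip()
    return conf

def review(conf):
    """Return (setting, finding) pairs for auth-bind problems."""
    out = []
    bind = conf.get("auth_bind", "no").lower() == "yes"
    tmpl = conf.get("auth_bind_userdn")
    if bind and tmpl is not None:
        if "%" not in tmpl:
            # A template without %u/%n expands to the same DN for every user.
            out.append(("auth_bind_userdn", "static DN: every login binds as this one entry"))
        for key in ("pass_filter", "pass_attrs"):
            if key in conf:
                out.append((key, "ignored while auth_bind_userdn is set"))
    for key in ("dn", "auth_bind_userdn", "base"):
        if re.search(r"=\s|\s=", conf.get(key, "")):
            out.append((key, "whitespace around '=' in DN; confirm it matches the directory"))
    plain = conf.get("tls", "no").lower() != "yes"
    if plain and not conf.get("uris", "").startswith("ldaps://"):
        out.append(("tls", "no StartTLS or ldaps:// URI: binds cross the network in clear"))
    return out

if __name__ == "__main__":
    for setting, finding in review(parse(SAMPLE)):
        print(f"{setting}: {finding}")
```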


