[Dovecot] Auth password problem

arleal nairda91 at hotmail.com
Thu Jun 14 22:18:35 EEST 2012




Бранко Мајић-2 wrote:
> 
> Now, this answer won't help you, but you might find it useful (I've
> been fiddling with slapd access controls and what-not, so this helped
> me a lot). :)
> 
> The best thing to debug the LDAP issues is to set the olcLogLevel in
> the slapd configuration tree to 256 - this way you'd get enough
> information to see what's going on when Dovecot tries to talk with the
> slapd server, and you won't get overwhelmed by the debugging
> information. On Debian Squeeze you'll also have to make sure you've
> set up the log facility for slapd (by default it uses local4). You
> could add a file /etc/rsyslog.d/slapd.conf with the following line:
> 
> local4.*                /var/log/slapd.log
> 
> Did you try logging in by hand as well to the LDAP server? You could do
> it with, say:
> 
> ldapwhoami -W -D cn=prueba,ou=Users,dc=royoleal,dc=com -H
> ldap://localhost/
> 
> On Wed, 13 Jun 2012 13:46:20 -0700 (PDT)
> arleal <nairda91 at hotmail.com> wrote:
> 
>> 
>> I have Debian Squeeze. I have installed MDS with LDAP integration and
>> I want to use Dovecot/LDAP, but I have problems with login. I have
>> Dovecot 1.2.
>> 
>> I tried everything in the Dovecot wiki, but I don't know how to configure it properly.
>> 
>> dovecot.conf
>> 
>> protocols = imap imaps pop3 pop3s 
>> listen = *, ::
>> auth_verbose = yes
>> auth_debug = yes
>> auth_debug_passwords = yes
>> mail_debug = yes
>> verbose_ssl = yes
>> login_greeting = royoleal.com mailserver ready. 
>> mail_location = maildir:/home/users/%u/Maildir 
>> disable_plaintext_auth = no 
>> ssl_cert_file = /etc/ssl/certs/mail.pem 
>> ssl_key_file = /etc/ssl/private/mail.key 
>> log_path = /var/log/dovecot.log 
>> info_log_path = /var/log/dovecot.log 
>> 
>> # IMAP configuration 
>> protocol imap { 
>>  mail_plugins = quota imap_quota 
>> } 
>> 
>> # POP3 configuration 
>> protocol pop3 { 
>>  pop3_uidl_format = %08Xu%08Xv 
>>  mail_plugins = quota 
>> } 
>> 
>> # LDA configuration 
>> protocol lda { 
>>  postmaster_address = postmaster 
>>  auth_socket_path = /var/run/dovecot/auth-master 
>>  mail_plugins = quota 
>> } 
>> 
>> # LDAP authentication 
>> 
>> auth default { 
>>  mechanisms = plain login 
>> 
>>  passdb ldap { 
>>   args = /etc/dovecot/dovecot-ldap.conf 
>>  } 
>> 
>>  userdb ldap { 
>>   args = /etc/dovecot/dovecot-ldap.conf 
>>  } 
>> 
>>  socket listen { 
>>   master { 
>>    path = /var/run/dovecot/auth-master 
>>    mode = 0660 
>>    user = dovecot 
>>    group = mail 
>>   } 
>> 
>>   client { 
>>    path = /var/spool/postfix/private/auth 
>>    mode = 0660 
>>    user = postfix 
>>    group = postfix 
>>   }
>>  }
>> }
>> 
>> 
>> And this is dovecot-ldap.conf
>> 
>> hosts = 127.0.0.1
>> auth_bind = yes
>> ldap_version = 3
>> dn = cn=admin,dc=royoleal,dc=com
>> dnpass = royoleal
>> base = dc=royoleal,dc=com
>> auth_bind_userdn = cn=%u,ou=Users,dc=royoleal,dc=com
>> scope = subtree
>> user_attrs = uidNumber=uid,gidNumber=gid
>> user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>> pass_attrs = mail=mail,userPassword=password
>> pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>> default_pass_scheme = CRYPT
>> 
>> When I try to log in with telnet or another program, I get this problem in
>> dovecot.log:
>> 
>> 
>> Jun 13 22:45:13 auth(default): Info: client in: AUTH    1 PLAIN service=imap    secured lip=127.0.0.1   rip=127.0.0.1 lport=143 rport=55040 resp=AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh
>> Jun 13 22:45:13 auth(default): Info: ldap(prueba at royoleal.com,127.0.0.1): invalid credentials (given password: prueba)
>> Jun 13 22:45:13 auth(default): Info: new auth connection: pid=2613
>> Jun 13 22:45:15 auth(default): Info: client out: FAIL   1 user=prueba at royoleal.com
>> Jun 13 22:45:20 imap-login: Info: Aborted login (auth failed, 1 attempts): user=<prueba at royoleal.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
>> 
>> Thanks.
> 
> -- 
> Branko Majic
> Please use only Free formats when sending attachments to me.
> 
> Бранко Мајић
> Молим вас да додатке шаљете искључиво у слободним форматима.
> 
> 

I forgot to check the LDAP log.
In ldap.log I can't see anything about the user prueba trying to log in.

This authenticates fine:

root at mds:~# ldapwhoami -W -D uid=prueba,ou=Users,dc=royoleal,dc=com -H ldap://localhost/
Enter LDAP Password:
dn:uid=prueba,ou=Users,dc=royoleal,dc=com

With telnet I get an authentication error.
-- 
View this message in context: http://old.nabble.com/Auth-password-problem-tp34008289p34013988.html
Sent from the Dovecot mailing list archive at Nabble.com.
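
Added example (not part of the original messages and not Dovecot's own code): this script decodes the resp= value from the quoted dovecot.log, expands the quoted auth_bind_userdn template with Dovecot's %u, %n and %d variables, and compares the resulting bind DN with the DN that ldapwhoami accepted. The function names are this example's own, and the DN comparison is a simplified case-insensitive string match.

```python
import base64

# Values copied from the thread; function names are this example's own.
RESP = "AHBydWViYUByb3lvbGVhbC5jb20AcHJ1ZWJh"         # resp= field in dovecot.log
BIND_TEMPLATE = "cn=%u,ou=Users,dc=royoleal,dc=com"    # auth_bind_userdn
WORKING_DN = "uid=prueba,ou=Users,dc=royoleal,dc=com"  # DN accepted by ldapwhoami


def decode_sasl_plain(resp_b64):
    """Split a SASL PLAIN response (RFC 4616): authzid NUL authcid NUL passwd."""
    parts = base64.b64decode(resp_b64, validate=True).split(b"\x00")
    if len(parts) != 3:
        raise ValueError("not a SASL PLAIN response")
    return tuple(p.decode("utf-8") for p in parts)


def expand(template, username):
    """Expand only %u (full login), %n (local part) and %d (domain)."""
    local, _, domain = username.partition("@")
    values = {"u": username, "n": local, "d": domain}
    out, i = [], 0
    while i < len(template):
        key = template[i + 1:i + 2]
        if template[i] == "%" and key in values:
            out.append(values[key])
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


def bind_dn_report(resp_b64, template, working_dn):
    """Compare the DN built from the template with a DN known to bind."""
    _authzid, login, password = decode_sasl_plain(resp_b64)
    attempted = expand(template, login)
    return {
        "login": login,
        "password_chars": len(password),  # never echo the secret itself
        "attempted_dn": attempted,
        # Simplified comparison: real DN matching follows per-attribute rules.
        "matches_working_dn": attempted.lower() == working_dn.lower(),
    }


if __name__ == "__main__":
    for field, value in bind_dn_report(RESP, BIND_TEMPLATE, WORKING_DN).items():
        print(f"{field}: {value}")
```

The resp= field is only base64, so a log captured with auth_debug enabled holds the cleartext password even without auth_debug_passwords; handle such logs as secrets.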



