[Dovecot] Authentification Dovecot + Samba4
Bob Miller
bob at computerisms.ca
Fri Dec 6 22:23:16 EET 2013
I wrote a wiki on how to build an ldap-authenticated network using
samba4. the dovecot part is on this page, but there are other relevant
parts reachable from the main page as well:
http://cocnm.computerisms.ca/index.php/Install_Qmail-ldap,_Dovecot,_and_Related_Email_Services
--
Computerisms
Bob Miller
867-334-7117 / 867-633-3760
http://computerisms.ca
On Fri, 2013-12-06 at 19:21 +0100, dago at quantentunnel.de wrote:
> Hello list,
>
> I am struggling with setting up dovecot 2.1.7 with samba 4.1.2 on debian wheezy. Dovecot should authenticate via LDAP, but I cannot get it to work reliably. Sometimes auth works, sometimes not. Referals are already activated in ldap.conf … LDAP-authentication works fine with other clients (Apache Directory Studio, …)
> Has somebody got a similar setup running? I would love some hints on how to debug this issue …
>
> Thank you!
>
>
> Regards
>
>
>
>
> dovecot-ldap.conf
> hosts = 192.168.188.156:389
> dn = CN=Administrator,CN=Users,DC=DOMAIN,DC=LOCAL
> dnpass = Test123
> auth_bind = yes
> ldap_version = 3
> base = DC=DOMAIN,DC=LOCAL
> tls = no
> debug_level = -1
> ldap_version = 3
> scope = subtree
> user_attrs = uidNumber=uid,gidNumber=gid
> user_filter = (&(&(objectClass=Person)(sAMAccountName=%u)))
> pass_attrs = sAMAccountName=user,userPassword=password
> pass_filter = (&(&(objectClass=Person)(sAMAccountName=%u)))
>
>
>
> logs:
> srv1 dovecot: auth: Debug: auth client connected (pid=0)
> srv1 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=doveadm#011resp=<hidden>
> srv1 dovecot: auth: Debug: ldap(john): bind search: base=DC=DOMAIN,DC=LOCAL filter=(&(&(objectClass=Person)(sAMAccountName=john)))
> srv1 dovecot: auth: Error: ldap_search
> srv1 dovecot: auth: Error: put_filter: "(&(&(objectClass=Person)(sAMAccountName=john)))"
> srv1 dovecot: auth: Error: put_filter: AND
> srv1 dovecot: auth: Error: put_filter_list "(&(objectClass=Person)(sAMAccountName=john))"
> srv1 dovecot: auth: Error: put_filter: "(&(objectClass=Person)(sAMAccountName=john))"
> srv1 dovecot: auth: Error: put_filter: AND
> srv1 dovecot: auth: Error: put_filter_list "(objectClass=Person)(sAMAccountName=john)"
> srv1 dovecot: auth: Error: put_filter: "(objectClass=Person)"
> srv1 dovecot: auth: Error: put_filter: simple
> srv1 dovecot: auth: Error: put_simple_filter: "objectClass=Person"
> srv1 dovecot: auth: Error: put_filter: "(sAMAccountName=john)"
> srv1 dovecot: auth: Error: put_filter: simple
> srv1 dovecot: auth: Error: put_simple_filter: "sAMAccountName=john"
> srv1 dovecot: auth: Error: ldap_build_search_req ATTRS: sAMAccountName
> srv1 dovecot: auth: Error: ldap_send_initial_request
> srv1 dovecot: auth: Error: ldap_send_server_request
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
> srv1 dovecot: auth: Error: refcnt: 1 status: Connected
> srv1 dovecot: auth: Error: last used: Fri Dec 6 19:08:49 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: * msgid 35, origid 33, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 1
> srv1 dovecot: auth: Error: * msgid 33, origid 33, status RequestCompleted
> srv1 dovecot: auth: Error: outstanding referrals 1, parent count 1
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 3 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 35 message type search-result
> srv1 dovecot: auth: Error: ldap_chase_referrals
> srv1 dovecot: auth: Error: read1msg: V2 referral chased, mark request completed, id = 35
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 0 new referrals
> srv1 dovecot: auth: Error: read1msg: mark request completed, ld 0x7fef48794580 msgid 35
> srv1 dovecot: auth: Error: merged parent (id 33) error info: result errno 1, error <00002020: Operation unavailable without authentication>, matched <>
> srv1 dovecot: auth: Error: request done: ld 0x7fef48794580 msgid 33
> srv1 dovecot: auth: Error: res_errno: 1, res_error: <00002020: Operation unavailable without authentication>, res_matched: <>
> srv1 dovecot: auth: Error: ldap_free_request (origid 33, msgid 33)
> srv1 dovecot: auth: Error: ldap_free_request (origid 33, msgid 35)
> srv1 dovecot: auth: Error: ldap_free_connection 0 1
> srv1 dovecot: auth: Error: ldap_send_unbind
> srv1 dovecot: auth: Error: ldap_free_connection: actually freed
> srv1 dovecot: auth: Error: ldap_parse_result
> srv1 dovecot: auth: Error: ldap_err2string
> srv1 dovecot: auth: Error: ldap(john): ldap_search(base=DC=DOMAIN,DC=LOCAL filter=(&(&(objectClass=Person)(sAMAccountName=john)))) failed: Operations error
> srv1 dovecot: auth: Error: ldap_msgfree
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 1 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-entry
> srv1 dovecot: auth: Error: ldap_first_attribute
> srv1 dovecot: auth: Error: ldap_get_values
> srv1 dovecot: auth: Error: ldap_next_attribute
> srv1 dovecot: auth: Debug: auth(john): username changed john -> john
> srv1 dovecot: auth: Debug: ldap(john): result: sAMAccountName=john
> srv1 dovecot: auth: Error: ldap_get_dn
> srv1 dovecot: auth: Error: ldap_msgfree
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 1 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-reference
> srv1 dovecot: auth: Error: ldap_chase_v3referrals
> srv1 dovecot: auth: Error: ldap_url_parse_ext(ldap://DOMAIN.local/CN=Configuration,DC=DOMAIN,DC=local)
> srv1 dovecot: auth: Error: re_encode_request: new msgid 39, new dn <CN=Configuration,DC=DOMAIN,DC=local>
> srv1 dovecot: auth: Error: re_encode_request new request is:
> srv1 dovecot: auth: Error: ber_dump: buf=0x7fef4879d8d0 ptr=0x7fef4879d956 end=0x7fef4879e8ac len=134
> srv1 dovecot: auth: Error: 0000: 61 6d 65 4e 61 6d 65 00 00 00 00 00 00 00 00 00 ameName.........
> srv1 dovecot: auth: Error: 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0080: 00 00 00 00 00 00 ......
> srv1 dovecot: auth: Error: ldap_chase_v3referral: msgid 37, url "ldap://DOMAIN.local/CN=Configuration,DC=DOMAIN,DC=local"
> srv1 dovecot: auth: Error: ldap_send_server_request
> srv1 dovecot: auth: Error: ldap_new_connection 0 1 1
> srv1 dovecot: auth: Error: ldap_int_open_connection
> srv1 dovecot: auth: Error: ldap_connect_to_host: TCP DOMAIN.local:389
> srv1 dovecot: auth: Error: ldap_new_socket: 19
> srv1 dovecot: auth: Error: ldap_prepare_socket: 19
> srv1 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.188.156:389
> srv1 dovecot: auth: Error: ldap_pvt_connect: fd: 19 tm: -1 async: 0
> srv1 dovecot: auth: Error: anonymous rebind via ldap_sasl_bind("")
> srv1 dovecot: auth: Error: ldap_sasl_bind
> srv1 dovecot: auth: Error: ldap_send_initial_request
> srv1 dovecot: auth: Error: ldap_send_server_request
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid 40
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid 40 (timeout 100000 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error: rebind in progress
> srv1 dovecot: auth: Error: queue is empty
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 3 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 40, origid 40, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 1, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 2 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-result
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 0 new referrals
> srv1 dovecot: auth: Error: read1msg: mark request completed, ld 0x7fef48794580 msgid 37
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 0 s 99976 us to go
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error: rebind in progress
> srv1 dovecot: auth: Error: queue is empty
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 40, origid 40, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status RequestCompleted
> srv1 dovecot: auth: Error: outstanding referrals 1, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 2 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
>
> dovecot -n:
> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.2
> auth_debug = yes
> auth_verbose = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
> passdb {
> args = /etc/dovecot/dovecot-ldap.conf
> driver = ldap
> }
> protocols = " imap lmtp sieve"
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> group = vmail
> mode = 0660
> user = postfix
> }
> unix_listener auth-master {
> group = vmail
> mode = 0600
> user = vmail
> }
> }
> ssl = no
> userdb {
> driver = passwd
> }
More information about the dovecot
mailing list