Iteration for ldap userdb does not work

Holger A. Brinkhaus holger at brinkhaus.org
Thu Oct 19 20:37:07 EEST 2017


Hi,

I have working LDAP authentication for Dovecot (with an LDAP-based 
userdb query) against my Active Directory, but iterating over users with 
doveadm -A runs into a timeout.

I have been trying for three days now and cannot get it to work.

Best regards
   Holger

/etc/dovecot/dovecot-ldap-userdb.conf is a symlink to
/etc/doveconf/doveconf-ldap.conf

# Dovecot LDAP lookup settings, used here for the userdb (per the post, reached
# through a symlink). Holds the directory bind credentials, so treat the real
# file as a secret: Dovecot's example LDAP config says it is opened as root and
# should be owned by root with mode 0600.
debug_level = 0
# ldaps:// gives TLS to the directory server. No tls_ca_cert_file or
# tls_require_cert is set in this file, so whether the server certificate is
# verified depends on the host's LDAP client defaults -- NOTE(review): confirm.
uris = ldaps://server1.office.hb-os.de:636
# Service account used for the searches below (user_filter, pass_filter,
# iterate_filter). It only needs read access to the attributes queried here;
# a low-privilege, dedicated account limits the damage if dnpass leaks.
dn = cn=BINDUSER,cn=Users,dc=SUBDOM,dc=DOM,dc=de
# Stored in clear text (redacted in the post as MYPASSWORD).
dnpass = MYPASSWORD
# Passwords are verified by binding to the directory as the user, so Dovecot
# never has to read password attributes with the service account.
auth_bind = yes
ldap_version = 3
deref = never
base = cn=Users,dc=SUBDOM,dc=DOM,dc=de
scope = subtree
# Static home/mail paths built from the login name (%d = domain, %n = local
# part); nothing is read from the directory entry. The setting is wrapped over
# two lines by the mail client.
user_attrs = =home=/usr/data/vmail/%d/%n, 
=mail=maildir:/usr/data/vmail/%d/%n/Maildir
# Lookups match one entry whose mail attribute equals the login name (%u).
user_filter = (&(objectClass=person)(mail=%u))
pass_filter = (&(objectClass=person)(mail=%u))
# Iteration (doveadm -A) reports the mail attribute as the user name, but
# iterate_filter is broader than user_filter: it returns every person entry
# under base, including entries with no mail attribute.
# NOTE(review): in Active Directory, non-mailbox objects can also carry
# objectClass=person; a filter such as (&(objectClass=person)(mail=*)) would
# limit iteration to entries that can log in -- confirm against the directory.
iterate_attrs = mail=user
iterate_filter = (objectClass=person)


doveconf -n

# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.9
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
default_vsz_limit = 512 M
dict {
   expire = mysql:/etc/dovecot/dovecot-dict-expire.conf.ext
}
first_valid_uid = 100
imap_idle_notify_interval = 16 mins
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
log_path = /var/log/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_gid = vmail
mail_home = /usr/data/vmail/%d/
mail_location = maildir:~/Maildir:LAYOUT=fs
mail_plugins = expire
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix =
}
passdb {
   args = /etc/dovecot/dovecot-ldap.conf
   driver = ldap
}
# Plugin settings (antispam, expire, sieve) as reported by doveconf -n.
plugin {
   antispam_backend = pipe
   antispam_debug_target = syslog
   # External program run when users move mail into or out of the spam folder.
   # It lives under the mail data tree (/usr/data/vmail); NOTE(review): check
   # that the script is not writable by anything other than its intended owner.
   antispam_pipe_program = /usr/data/vmail/spampipe.sh
   antispam_pipe_program_notspam_arg = --ham
   antispam_pipe_program_spam_arg = --spam
   # NOTE(review): /tmp is shared with every local user; presumably message
   # copies are staged here before being piped, so a private directory owned
   # by the mail user would be a safer choice -- confirm plugin behaviour.
   antispam_pipe_tmp_dir = /tmp
   antispam_spam = Junk;SPAM;Spam
   antispam_trash = Trash
   expire = Trash
   expire2 = Trash/*
   expire3 = Junk
   expire_dict = proxy::expire
   # NOTE(review): this path uses %u (full user name) while sieve_dir below uses
   # %d/%n, so the two do not point into the same per-user tree -- confirm
   # which layout is intended.
   sieve = /usr/data/vmail/%u/sieve/active-script.sieve
   # Global script that runs before each user's own script.
   sieve_before = /usr/data/vmail/sieve/spam-global.sieve
   sieve_dir = /usr/data/vmail/%d/%n/sieve/scripts/
   # Caps on what user-managed scripts may do or consume.
   sieve_max_redirects = 4
   sieve_max_script_size = 1M
   sieve_quota_max_scripts = 128
}
postmaster_address = ME at DOMAIN.de
protocols = imap lmtp sieve
# Authentication service: the sockets other processes use to authenticate
# users and to query the userdb.
service auth {
   # SASL socket inside the Postfix spool so Postfix can authenticate SMTP
   # clients against Dovecot; restricted to user/group postfix.
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
     mode = 0660
     user = postfix
   }
   # userdb lookup socket. With owner postfix and mode 0600 only postfix (and
   # root) can connect. NOTE(review): tools that query the userdb through this
   # socket, such as doveadm, must therefore run as one of those -- confirm
   # this matches how doveadm -A is being invoked.
   unix_listener auth-userdb {
     group = postfix
     mode = 0600
     user = postfix
   }
   # The auth service runs as vmail, the same account set as mail_uid in this
   # output, so credential handling and mail storage share one identity.
   # NOTE(review): a dedicated unprivileged account for auth would keep the
   # two separated -- confirm why vmail was chosen.
   user = vmail
}
service dict {
   unix_listener dict {
     group = vmail
     mode = 0600
     user = vmail
   }
}
service imap-login {
   inet_listener imap {
     port = 143
   }
   inet_listener imaps {
     port = 993
     ssl = yes
   }
   process_min_avail = 10
   service_count = 1
}
service lmtp {
   unix_listener /var/spool/postfix/private/dovecot-lmtp {
     group = postfix
     mode = 0600
     user = postfix
   }
}
ssl_cert = </etc/ssl/certs/MY_CERT.crt
ssl_key = </etc/ssl/private/MY_CERT.key
userdb {
   args = /etc/dovecot/dovecot-ldap-userdb.conf
   driver = ldap
}
protocol lmtp {
   mail_plugins = expire sieve
}
protocol lda {
   mail_plugins = expire sieve
}
protocol imap {
   mail_max_userip_connections = 10
   mail_plugins = expire antispam
}

