LDAP and user duplicated with replication

Claudio Corvino ccorvino at trustitalia.it
Tue Dec 7 10:39:55 UTC 2021 

Hi Christian,

if I try:

/user_attrs =
sAMAccountName=user,=home=/mnt/mail-storage-lv0007/%$,=uid=501,=gid=501/

then the result on node A is:

/# doveadm user its-test//
//field    value//
//uid    501//
//gid    501//
//home    /mnt/mail-storage-lv0007///
//mail maildir:~/Maildir:INDEX=/var/indexes/its-test/

on node B where I didn't change anything the result is:

/# doveadm user its-test
field    value
uid    501
gid    501
home    /mnt/mail-storage-lv0007/its-test
mail maildir:~/Maildir:INDEX=/var/indexes/its-test/

I think that the home is correct on node B, don't you?

Then when I do a search like this:

/doveadm replicator status '*'/

I have the same result on both nodes:

/# doveadm replicator status '*'//
//username priority fast sync full sync success sync failed//
//its-test low      00:04:05  19:57:52  19:58:47     - //
//its-test2 none     19:59:43  19:59:43  44:01:24     - /

I have to specify that in these days I did some tests and removed all 
the users with domain part in the name with the following command:

/doveadm replicator remove its-test2 at domain.com/

/doveadm replicator remove its-test at domain.com/

But I don't know if this is useful, I have executed the same command in 
production servers and all the users with the domain part in the name 
reappeared after a few minutes; in test environment anyway after 
/doveadm replicator remove/ command, these users are not reappearing ... 
I don't know why.

Thanks for your help!

Kind Regards

On 06/12/21 14:43, Christian Mack wrote:
> Hello
>
> Am 02.12.21 um 17:54 schrieb Claudio Corvino:
>> Hi,
>>
>> I have two IMAP/LMTP Dovecot server in replica (version 2.3.4.1), I use
>> LDAP/AD for /userdb, /replica is working.
>>
>> When I do a search like:
>>
>> /doveadm replicator status '*'/
>>
>> I receive user duplicated, with and without the domain part, for example:
>>
>> /test/
>> /test at domain.com/
>>
>> but they are the same user; this lead the replicator doing twice the
>> work of replication.
>>
>> I think this is related to //etc/dovecot/dovecot-ldap.conf/ that is
>> configured in this way:
>>
>> /hosts = xxx/
>>
>> /base = dc=xxx,dc=xxx
>> ldap_version=3
>> auth_bind = yes
>> dn = cn=xxx,cn=Users,dc=xxx,dc=xxx
>> dnpass = xxx
>> scope = subtree
>> user_attrs =
>> sAMAccountName=home=/mnt/mail-storage-lv0007/%$,=uid=501,=gid=501
> [...]
>
> This is for sure wrong.
>
> Try:
> user_attrs =
> sAMAccountName=user,=home=/mnt/mail-storage-lv0007/%$,=uid=501,=gid=501
>
>
> Kind regards,
> Christian Mack
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20211207/4b20fb0e/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3517 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://dovecot.org/pipermail/dovecot/attachments/20211207/4b20fb0e/attachment-0001.bin>

More information about the dovecot mailing list