Winbind authentication
Luciano Mannucci
luciano at vespaperitivo.it
Fri Mar 10 14:11:37 UTC 2023
Hello all!
I'm trying to set up a dovecot server so that it authenticates local
users via /etc/passwd (I'm on FreeBSD 13.1) and via winbindd for
those that it cannot find locally. The samba suite is alive and well,
postfix happily receives mail for domain users and saves it with the correct
name and permissions from the windows domain. If I try to authenticate
a domain user via wbinfo it works; with dovecot it doesn't.
I guess I've forgotten something in the dovecot config... :)
Here is my doveconf -n:
# NOTE(review): doveconf -n output as posted. Lines beginning "# NOTE(review)"
# are reviewer annotations, not part of what doveconf printed.
# 2.3.20 (80a5ac675d): /usr/local/etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.20 (149edcf2)
# OS: FreeBSD 13.1-RELEASE-p5 powerpc ufs
# Hostname: numeron.mcs.it
auth_cache_size = 30 k
# NOTE(review): on a password mismatch this logs the attempted password and
# scheme to the auth log. Keep it on only while debugging, and restrict read
# access to the files under /var/log/dovecot in the meantime.
auth_debug_passwords = yes
# NOTE(review): plain and login carry the password itself. With
# disable_plaintext_auth = no here and ssl = no further down, that password
# crosses the network unencrypted.
auth_mechanisms = plain ntlm login
# NOTE(review): in Dovecot 2.3 this setting hands the NTLM and GSS-SPNEGO
# mechanisms to the ntlm_auth helper. PLAIN and LOGIN logins are still checked
# only against the passdb sections.
auth_use_winbind = yes
# %n keeps only the user part of user@domain.
auth_username_format = %n
auth_winbind_helper_path = /usr/local/bin/ntlm_auth
default_client_limit = 1128
default_vsz_limit = 712 M
# NOTE(review): allows plaintext mechanisms on connections that are not
# TLS-protected; see the note on auth_mechanisms.
disable_plaintext_auth = no
# NOTE(review): the documented default is 500. A value of 0 lets root and other
# system accounts log in to the mail service.
first_valid_uid = 0
info_log_path = /var/log/dovecot/logfile.info
# Listens on every IPv4 address of the host.
listen = *
lock_method = flock
log_path = /var/log/dovecot/logfile
login_greeting = Dovecot at Nameron Ready.
mail_location = mbox:/var/spool/dovecot/%u:INBOX=/var/mail/%u
mail_plugins = fts
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
# NOTE(review): passwd is the only passdb. A PLAIN/LOGIN login for a user that
# exists only in the Windows domain therefore has no password source here,
# which is presumably why wbinfo succeeds and Dovecot does not. A passdb that
# reaches winbind (for example PAM with pam_winbind) would be needed; confirm
# against the auth debug log.
passdb {
driver = passwd
}
protocols = imap pop3
# NOTE(review): the section names and the "name =" values below do not line up
# the way doveconf -n normally prints services (for example "service
# auth-client" carrying name = auth). This part of the dump may be garbled, so
# check the real files under /usr/local/etc/dovecot before drawing conclusions
# (TODO confirm).
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
# NOTE(review): runs this service as root. If this is the auth service, root is
# only needed for passdbs that must read root-only data; confirm it is
# intentional.
user = root
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
# NOTE(review): for a login service, service_count = 0 lets one process serve
# many connections (Dovecot's "high-performance" mode) rather than one process
# per connection, so there is less isolation between clients.
service_count = 0
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service old-stats-mail {
name = old-stats
}
service pop3 {
process_limit = 255
# service_count = 1 gives each connection its own process.
service_count = 1
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/stats-writer {
# NOTE(review): mode 0666 makes both stats sockets readable and writable by
# every local user. 0660 with the group set here is the tighter choice if all
# mail processes share that group; confirm.
unix_listener {
group = mail
mode = 0666
user = dovecot
path = stats-reader
}
unix_listener {
group = mail
mode = 0666
user = dovecot
path = stats-writer
}
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
# NOTE(review): TLS is disabled, so IMAP and POP3 logins, including the
# PLAIN/LOGIN passwords permitted by auth_mechanisms and
# disable_plaintext_auth = no, travel in cleartext on every address the server
# listens on.
ssl = no
# userdb passwd resolves users through the system passwd database. Domain
# users are found here only if that lookup includes winbind, presumably via
# nsswitch (confirm).
userdb {
driver = passwd
}
# POP3-only overrides.
protocol pop3 {
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_enable_last = yes
pop3_uidl_format = %08Xu%08Xv
# NOTE(review): the service sections nested here repeat the top-level list
# without the user = root, service_count/process_limit and unix_listener
# entries shown there. doveconf -n does not normally print services inside a
# protocol section, so this part of the dump may be garbled (TODO confirm on
# the host).
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service old-stats-mail {
name = old-stats
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/stats-writer {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
}
# Overrides for the local delivery agent.
protocol lda {
debug_log_path = /var/log/dovecot/lda-debug.log
info_log_path = /var/log/dovecot/lda.info
log_path = /var/log/dovecot/lda.err
# NOTE(review): verbose delivery debugging goes to debug_log_path above. Turn
# it off once the problem is found, and keep that log readable only by admins.
mail_debug = yes
# The " at " is presumably the list archive's address obfuscation, not the
# configured value.
postmaster_address = l at mcs.it
# NOTE(review): the service sections nested here repeat the top-level list
# without the user = root, service_count/process_limit and unix_listener
# entries shown there. doveconf -n does not normally print services inside a
# protocol section, so this part of the dump may be garbled (TODO confirm on
# the host).
service replication-notify-fifo {
name = aggregator
}
service anvil-auth-penalty {
name = anvil
}
service auth-worker {
name = auth-worker
}
service auth-client {
name = auth
}
service config {
name = config
}
service dict-async {
name = dict-async
}
service dict {
name = dict
}
service login/proxy-notify {
name = director
}
service dns-client {
name = dns-client
}
service doveadm-server {
name = doveadm
}
service imap-hibernate {
name = imap-hibernate
}
service imap {
name = imap-login
}
service imap-urlauth {
name = imap-urlauth-login
}
service imap-urlauth-worker {
name = imap-urlauth-worker
}
service token-login/imap-urlauth {
name = imap-urlauth
}
service imap-master {
name = imap
}
service indexer-worker {
name = indexer-worker
}
service indexer {
name = indexer
}
service ipc {
name = ipc
}
service lmtp {
name = lmtp
}
service log-errors {
name = log
}
service sieve {
name = managesieve-login
}
service login/sieve {
name = managesieve
}
service old-stats-mail {
name = old-stats
}
service pop3 {
name = pop3-login
}
service login/pop3 {
name = pop3
}
service replicator-doveadm {
name = replicator
}
service login/stats-writer {
name = stats
}
service submission {
name = submission-login
}
service login/submission {
name = submission
}
}
root at numeron:~#
Thanks for any hint,
Luciano.
--
/"\ /Via A. Salaino, 7 - 20144 Milano (Italy)
\ / ASCII RIBBON CAMPAIGN / PHONE : +39 02485781 FAX: +39 0248028247
X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG
/ \ AND POSTINGS / WWW: http://www.lesassaie.IT/