<quote who="Jack McKinney"> > No, it isn't. I have verified the connection with "openssl s_client". > Besides, the server is receiving the username "jackmc@lorentz.com", so > the connection has already been made by this time. > What is happening every time is that dovecot sends the correct query to > OpenLDAP (as noted in the log below), OpenLDAP receives that query > (according to its log) and responds with one match, but dovecot never > seems to see that response. 180 seconds after the auth fails, dovecot > drops the connection with the IMAP client for inactivity. >
I've gone back to your first post, and you slapd logs show:
Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH base="ou=users,dc=lorentz,dc=com" scope=1 deref=0 filter="(&(objectClass=inetOrgPerson)(mail=jackmc at lorentz.com))" Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH attr=uid Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Which shows the correct filter, but the requested attribute to return is "uid", which is _not_ in your entry:
# Jack McKinney, users, lorentz.com dn: cn=Jack McKinney,ou=users,dc=lorentz,dc=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson cn: Jack McKinney givenName: Jack McKinney sn: McKinney mail: jackmc at lorentz.com
Try the same search again, but using (note uid on end):
ldapsearch -h ldap.lrtz -b 'ou=users, dc=lorentz, dc=com' -D 'cn=varmail,ou=users,dc=lorentz,dc=com' -x -W -s onelevel '(&(objectClass=inetOrgPerson)(mail=jackmc at lorentz.com))' uid
It should be empty, hence why dovecot isn't getting anything.