Mayank Joshi wrote:
passdb:
  driver: pam
userdb:
  driver: passwd
- Dovecot's PAM file (/etc/pam.d/dovecot)
#%PAM-1.0
auth required pam_ldap.so
account required pam_ldap.so
session required pam_mkhomedir.so skel=/etc/skel umask=0077
session required pam_ldap.so
Our situation is similar (but not exact) to yours - I'm authenticating against LDAP though and not AD2003. Perhaps one of these settings I use may help:
dovecot.conf:
login_process_per_connection: no
auth default:
  cache_size: 4096
  cache_ttl: 7200
  passdb:
    driver: pam
    args: cache_key=%u dovecot
  userdb:
    driver: passwd
    args: blocking=yes
The blocking=yes in the userdb might be the first thing you try, see these wiki pages for the reasons I have it like this:
http://wiki.dovecot.org/UserDatabase/NSS
http://wiki.dovecot.org/AuthDatabase/Passwd
Additionally my pam.d dovecot uses the system stack, which *then* uses nss_ldap on its own; I don't specifically bind pam_ldap into the dovecot pam.d file:
# cat /etc/pam.d/dovecot
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
In this case the file /etc/nsswitch.conf is controlling my authentication mechanism (LDAP), and the pam_ldap.so stack entry is located in /etc/pam.d/system-auth (these are all Red Hat defaults out of the box).
Hope some of this helps,
-te
--
Troy Engel | Systems Engineer
Fluid, Inc | http://www.fluid.com