I have tried the user_filter you suggested, it did not change anything. I played around with some Active Directory permissions today and set it up so that I could perform anonymous queries and verified that they were successful with ldapsearch on the command line. This still didn't seem to help the problem.
As far as I can tell userdb ldap queries are run using the user specified in dn with the password specified in dnpass. I know those fields are correct as userdb has no problem querying users by sAMAccountName or mail attributes. I also know that the user_filter string works as I can run an ldapsearch using dn, dnpass, and user_filter and that returns the correct information. For some reason when the deliver process does this nothing is returned.
As I mentioned in the initial post, some fields work and others do not. If I change the filter to look for sn=%n and try to deliver to my last name then it delivers fine. If I set the filter to title=%n and try to deliver to my title then I get the same problem as with otherMailbox.
Is there schema information dovecot is using that defines certain userdb attributes it can and can't use?
On Thu, Oct 15, 2009 at 12:28 PM, Timo Sirainen <tss@iki.fi> wrote:
On Wed, 2009-10-14 at 16:00 -0400, Mark Schaub wrote:
user_filter = (&(objectclass=person)(|(sAMAccountName=%n)(mail=%n@sau24.org)(otherMailbox=%n@sau24.org)))
My LDAP knowledge isn't that great, but does | accept more than one parameter? Try changing this to:
user_filter = (&(objectclass=person)(|(sAMAccountName=%n)(|(mail=%n@sau24.org)(otherMailbox=%n@sau24.org))))
Other than that, I don't really have much ideas. Does the same filter work with e.g. ldapsearch?