Bug report: Expanding variables with filter
defaultin LDAP context does not suppress error logging if LDAP attribute is missing.[...] This results in the following log line:
> 2026-03-31T00:46:31.102690+02:00 mailserver dovecot:
auth(test,ipv4,sasl:plain)<YE81n0VOVuofEeSD>: Error: ldap: auth_passdb_post settings: Failed to parse configuration: Failed to expand passdb_fields/nologin setting variables: ldap: No such attribute 'shadowinactive'
In case anybody is hit by the issue and for reference: With Linux you can block the error messages in systemd respectively the logging facility:
- for systemd unit add file
/etc/systemd/system/dovecot.service.d/override.conf
[Service] LogFilterPatterns=~Error: ldap-dn: auth_passdb_post settings: Failed to parse configuration: Failed to expand passdb_fields/nologin setting variables: ldap: No such attribute 'shadowinactive'$
- for rsyslog add file
/etc/rsyslog.d/dovecot-ldap-errors.frule
if ($syslogfacility-text == 'mail') and \ ($msg endswith 'Error: ldap-dn: auth_passdb_post settings: Failed to parse configuration: Failed to expand passdb_fields/nologin setting variables: ldap: No such attribute \'shadowinactive\'') \ then { stop }
With openSUSE you need both. Make sure you adapt it to your attribute (and the syslog faciity). Finally run systemctl daemon-reload and systemctl restart rsyslog.
Best, Johannes
-- Johannes Nohl postmaster@i-t-cloud.de