SunOS pop01.unix 5.10 Generic_118844-26 i86pc i386 i86pc dovecot-1.0.beta3
It is most likely something I am doing wrong, but could someone take a look at why I cannot get LDAP prefetch to work?
If I define things like this:
dovecot.conf:
passdb ldap {
  args = /usr/local/etc/dovecot-ldap.conf
}
userdb ldap {
  args = /usr/local/etc/dovecot-ldap.conf
}
dovecot-ldap.conf:
base = uid=%n, o=%d, ou=mail, dc=example, dc=com
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=posixAccount)(mail=%u))
pass_attrs = mail=user,userPassword=password,homeDirectory=userdb_home,uidNumber =userdb_uid,gidNumber=userdb_gid
pass_filter = (&(objectClass=posixAccount)(mail=%u))
This works correctly. Queries LDAP twice, but retrieves home, uid, gid and mail correctly. Authenticates well.
If I replace the userdb line in dovecot.conf with:
userdb prefetch {
}
It no longer works. The passdb query is still correct, and it is followed by a second "empty" LDAP query (as seen from snoop) with the following errors:
Mar 20 15:58:06 pop01.unix dovecot: [ID 474965 mail.info] Dovecot v1.0.beta3 starting up
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.error] auth(default): prefetch(fred@uranus.com,172.20.12.12): userdb_uid not returned
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.error] auth(default): prefetch(fred@uranus.com,172.20.12.12): userdb_gid not returned
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.error] auth(default): userdb(fred@uranus.com,172.20.12.12): user not found from userdb
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.info] pop3-login: Internal login failure: user=<fred@uranus.com>, method=PLAIN, rip=172.20.12.12, lip=172.20.12.8
Snoop of failing lookup:
LDAP: Operation *[APPL 3: Search Request]
LDAP: [Base Object]
LDAP: uid=fred, o=uranus.com, ou=mail,
LDAP: dc=example, dc=com
[snip]
LDAP: And *[0]
LDAP: Equality Match *[3]
LDAP: [Attr Descr]
LDAP: objectClass
LDAP: [Value]
LDAP: posixAccount
LDAP: *[3]
LDAP: [OctetString]
LDAP: mail
LDAP: [OctetString]
LDAP: fred@uranus.com
LDAP: *[Sequence]
LDAP: [OctetString]
LDAP: mail
LDAP: [OctetString]
LDAP: userPassword
LDAP: [OctetString]
LDAP: homeDirectory
LDAP: [OctetString]
LDAP: uidNumber
LDAP: [OctetString]
LDAP: gidNumber
[snip]
LDAP: Operation *[APPL 4: Search ResEntry]
LDAP: [Object Name]
LDAP: uid=fred,o=uranus.com,ou=mail,dc
LDAP: =example,dc=com
LDAP: *[Partial Attributes]
LDAP: *[Attribute]
LDAP: [Type]
LDAP: uidNumber
LDAP: *[Vals]
LDAP: [Value]
LDAP: 105
LDAP: *[Attribute]
LDAP: [Type]
LDAP: gidNumber
LDAP: *[Vals]
LDAP: [Value]
LDAP: 200
LDAP: *[Attribute]
LDAP: [Type]
LDAP: homeDirectory
LDAP: *[Vals]
LDAP: [Value]
LDAP: /export/nfs/mail/com/s/u/ur
LDAP: anus/fred/
LDAP: *[Attribute]
LDAP: [Type]
LDAP: userPassword
LDAP: *[Vals]
LDAP: [Value]
LDAP: {crypt}QAa3SPeYrDARs (its "test", no leak fun here)
LDAP: *[Attribute]
LDAP: [Type]
LDAP: mail
LDAP: *[Vals]
LDAP: [Value]
LDAP: fred@uranus.com
[snip]
TCP: Destination port = 389 (LDAP)
LDAP: -----
LDAP: -----
LDAP:
LDAP: ""
LDAP:
TCP: Destination port = 389 (LDAP)
LDAP: -----
LDAP: -----
LDAP:
LDAP: ""
LDAP:
Please advise!
Lund
--
Jorgen Lundman       | <lundman@lundman.net>
Unix Administrator   | +81 (0)3 -5456-2687 ext 1017 (work)
Shibuya-ku, Tokyo    | +81 (0)90-5578-8500 (cell)
Japan                | +81 (0)3 -3375-1767 (home)
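
A triage script for the auth log lines quoted in the post, added here as an example and not part of the original message or of Dovecot: it groups prefetch errors by user and remote IP, lists which userdb_ fields the passdb lookup did not hand over, and notes whether the login then failed. The function name `triage` and the report layout are assumptions of this example; the log lines are copied from the post.

```python
import re
from collections import defaultdict

# Log lines copied from the post above (Solaris syslog format).
SAMPLE_LOG = """\
Mar 20 15:58:06 pop01.unix dovecot: [ID 474965 mail.info] Dovecot v1.0.beta3 starting up
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.error] auth(default): prefetch(fred@uranus.com,172.20.12.12): userdb_uid not returned
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.error] auth(default): prefetch(fred@uranus.com,172.20.12.12): userdb_gid not returned
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.error] auth(default): userdb(fred@uranus.com,172.20.12.12): user not found from userdb
Mar 20 15:58:14 pop01.unix dovecot: [ID 107833 mail.info] pop3-login: Internal login failure: user=<fred@uranus.com>, method=PLAIN, rip=172.20.12.12, lip=172.20.12.8
"""

# prefetch(user,ip): userdb_<field> not returned
PREFETCH_RE = re.compile(
    r"prefetch\((?P<user>[^,()]+),(?P<rip>[^()]+)\): (?P<field>userdb_\w+) not returned")
# userdb(user,ip): user not found from userdb
USERDB_RE = re.compile(
    r"userdb\((?P<user>[^,()]+),(?P<rip>[^()]+)\): user not found from userdb")
# <service>-login: Internal login failure: user=<...>, method=..., rip=...
LOGIN_RE = re.compile(
    r"Internal login failure: user=<(?P<user>[^>]*)>, method=\w+, rip=(?P<rip>[^,\s]+)")


def triage(log_text):
    """Return {(user, rip): {"missing": [...], "userdb_miss": bool, "login_failed": bool}}."""
    report = defaultdict(
        lambda: {"missing": [], "userdb_miss": False, "login_failed": False})
    for line in log_text.splitlines():
        if (m := PREFETCH_RE.search(line)):
            entry = report[(m["user"], m["rip"])]
            if m["field"] not in entry["missing"]:  # keep first-seen order, no repeats
                entry["missing"].append(m["field"])
        elif (m := USERDB_RE.search(line)):
            report[(m["user"], m["rip"])]["userdb_miss"] = True
        elif (m := LOGIN_RE.search(line)):
            report[(m["user"], m["rip"])]["login_failed"] = True
    return dict(report)


if __name__ == "__main__":
    for (user, rip), e in triage(SAMPLE_LOG).items():
        print(f"{user} from {rip}: missing={','.join(e['missing']) or '-'} "
              f"userdb_miss={e['userdb_miss']} login_failed={e['login_failed']}")
```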