Am 30.10.2013 21:17, schrieb me@electronico.nc:
Hello and thanks for your answer.
Le 30/10/2013 19:32, Steffen Kaiser a écrit :
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 30 Oct 2013, me@electronico.nc wrote:
passdb { args = /etc/dovecot/dovecot-ldap-passdb.conf.ext driver = ldap }
/etc/dovecot/dovecot-ldap-passdb.conf.ext:
hosts = localhost auth_bind = yes auth_bind_userdn = cn=%u,OU=users,dc=domain,dc=lan
You define your bind DN as cn=%u,OU=users,dc=domain,dc=lan
ldap_version = 3 base = ou=users,dc=domain,dc=lan scope = subtree pass_filter = (&(objectClass=person)(cn=%u)(mail=*))
You should use
/etc/dovecot/dovecot-ldap-passdb.conf.ext
hosts = localhost dn = cn=ldap,cn=Users,DC=domain,DC=lan dnpass = My_secret_pass auth_bind = yes ldap_version = 3 base = OU=users,DC=domain,DC=lan scope = subtree pass_filter = (&(objectClass=person)(cn=%u)(mail=*))
That way pass_filter should match cn=%u,OU=administrative,OU=Users,DC=domain,DC=lan as well. Take an look at http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds DN lookup vs. DN template.