Hello list,
I am struggling with setting up dovecot 2.1.7 with samba 4.1.2 on debian wheezy. Dovecot should authenticate via LDAP, but I cannot get it to work reliably. Sometimes auth works, sometimes not. Referals are already activated in ldap.conf … LDAP-authentication works fine with other clients (Apache Directory Studio, …) Has somebody got a similar setup running? I would love some hints on how to debug this issue …
Thank you!
Regards
dovecot-ldap.conf hosts = 192.168.188.156:389 dn = CN=Administrator,CN=Users,DC=DOMAIN,DC=LOCAL dnpass = Test123 auth_bind = yes ldap_version = 3 base = DC=DOMAIN,DC=LOCAL tls = no debug_level = -1 ldap_version = 3 scope = subtree user_attrs = uidNumber=uid,gidNumber=gid user_filter = (&(&(objectClass=Person)(sAMAccountName=%u))) pass_attrs = sAMAccountName=user,userPassword=password pass_filter = (&(&(objectClass=Person)(sAMAccountName=%u)))
logs:
srv1 dovecot: auth: Debug: auth client connected (pid=0)
srv1 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=doveadm#011resp=<hidden>
srv1 dovecot: auth: Debug: ldap(john): bind search: base=DC=DOMAIN,DC=LOCAL filter=(&(&(objectClass=Person)(sAMAccountName=john)))
srv1 dovecot: auth: Error: ldap_search
srv1 dovecot: auth: Error: put_filter: "(&(&(objectClass=Person)(sAMAccountName=john)))"
srv1 dovecot: auth: Error: put_filter: AND
srv1 dovecot: auth: Error: put_filter_list "(&(objectClass=Person)(sAMAccountName=john))"
srv1 dovecot: auth: Error: put_filter: "(&(objectClass=Person)(sAMAccountName=john))"
srv1 dovecot: auth: Error: put_filter: AND
srv1 dovecot: auth: Error: put_filter_list "(objectClass=Person)(sAMAccountName=john)"
srv1 dovecot: auth: Error: put_filter: "(objectClass=Person)"
srv1 dovecot: auth: Error: put_filter: simple
srv1 dovecot: auth: Error: put_simple_filter: "objectClass=Person"
srv1 dovecot: auth: Error: put_filter: "(sAMAccountName=john)"
srv1 dovecot: auth: Error: put_filter: simple
srv1 dovecot: auth: Error: put_simple_filter: "sAMAccountName=john"
srv1 dovecot: auth: Error: ldap_build_search_req ATTRS: sAMAccountName
srv1 dovecot: auth: Error: ldap_send_initial_request
srv1 dovecot: auth: Error: ldap_send_server_request
srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
srv1 dovecot: auth: Error: refcnt: 1 status: Connected
srv1 dovecot: auth: Error: last used: Fri Dec 6 19:08:49 2013
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
srv1 dovecot: auth: Error: refcnt: 2 status: Connected
srv1 dovecot: auth: Error: last used: Fri 2013
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
srv1 dovecot: auth: Error: * msgid 35, origid 33, status InProgress
srv1 dovecot: auth: Error: outstanding referrals 0, parent count 1
srv1 dovecot: auth: Error: * msgid 33, origid 33, status RequestCompleted
srv1 dovecot: auth: Error: outstanding referrals 1, parent count 1
srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 3 (abandoned 0)
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
srv1 dovecot: auth: Error: Empty
srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
srv1 dovecot: auth: Error: ldap_int_select
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 35 message type search-result
srv1 dovecot: auth: Error: ldap_chase_referrals
srv1 dovecot: auth: Error: read1msg: V2 referral chased, mark request completed, id = 35
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 0 new referrals
srv1 dovecot: auth: Error: read1msg: mark request completed, ld 0x7fef48794580 msgid 35
srv1 dovecot: auth: Error: merged parent (id 33) error info: result errno 1, error <00002020: Operation unavailable without authentication>, matched <>
srv1 dovecot: auth: Error: request done: ld 0x7fef48794580 msgid 33
srv1 dovecot: auth: Error: res_errno: 1, res_error: <00002020: Operation unavailable without authentication>, res_matched: <>
srv1 dovecot: auth: Error: ldap_free_request (origid 33, msgid 33)
srv1 dovecot: auth: Error: ldap_free_request (origid 33, msgid 35)
srv1 dovecot: auth: Error: ldap_free_connection 0 1
srv1 dovecot: auth: Error: ldap_send_unbind
srv1 dovecot: auth: Error: ldap_free_connection: actually freed
srv1 dovecot: auth: Error: ldap_parse_result
srv1 dovecot: auth: Error: ldap_err2string
srv1 dovecot: auth: Error: ldap(john): ldap_search(base=DC=DOMAIN,DC=LOCAL filter=(&(&(objectClass=Person)(sAMAccountName=john)))) failed: Operations error
srv1 dovecot: auth: Error: ldap_msgfree
srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
srv1 dovecot: auth: Error: refcnt: 2 status: Connected
srv1 dovecot: auth: Error: last used: Fri 2013
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 1 (abandoned 0)
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
srv1 dovecot: auth: Error: Empty
srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
srv1 dovecot: auth: Error: ldap_int_select
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-entry
srv1 dovecot: auth: Error: ldap_first_attribute
srv1 dovecot: auth: Error: ldap_get_values
srv1 dovecot: auth: Error: ldap_next_attribute
srv1 dovecot: auth: Debug: auth(john): username changed john -> john
srv1 dovecot: auth: Debug: ldap(john): result: sAMAccountName=john
srv1 dovecot: auth: Error: ldap_get_dn
srv1 dovecot: auth: Error: ldap_msgfree
srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
srv1 dovecot: auth: Error: refcnt: 2 status: Connected
srv1 dovecot: auth: Error: last used: Fri 2013
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error:
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 1 (abandoned 0)
srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
srv1 dovecot: auth: Error: Empty
srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
srv1 dovecot: auth: Error: ldap_int_select
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-reference
srv1 dovecot: auth: Error: ldap_chase_v3referrals
srv1 dovecot: auth: Error: ldap_url_parse_ext(ldap://DOMAIN.local/CN=Configuration,DC=DOMAIN,DC=local)
srv1 dovecot: auth: Error: re_encode_request: new msgid 39, new dn
dovecot -n: # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.2 auth_debug = yes auth_verbose = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } protocols = " imap lmtp sieve" service auth { unix_listener /var/spool/postfix/private/auth { group = vmail mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0600 user = vmail } } ssl = no userdb { driver = passwd }