I left auth_bind on, but commented out the dn and dnpass fields. I would think those would be the credentials with which to bind to search for the user, then bind with the supplied credentials when the user's been found, since the user could be anywhere in the LDAP structure. In any event, I've enabled anonymous lookups (for the time being) so it's not necessary.
It was also suggested that the LDAP path is backwards, but again this is pretty much the same path I used in configuring Postfix. Oh, and unfortunately, dumping Outlook isn't something we can do. :(
I'm all out of ideas... I'm sniffing the packets and it's just like it gets a query result but never attempts to bind.
- Burton
On 5/18/06, Andrew Bates <abates@omeganetserv.com> wrote:
Here's the meat of the dovecot-ldap.conf file I'm using:

hosts = 192.168.x.x
dn = cn=Administrator,cn=Users,DC=domain,DC=local
dnpass = xxxxx
auth_bind = yes
ldap_version = 3
base = DC=domain,DC=local
scope = subtree
user_attrs = sAMAccountName,mail,,,,
user_filter = (&(objectClass=organizationalPerson)(sAMAccountName=%u))
pass_filter = (&(objectClass=organizationalPerson)(sAMAccountName=%u))
user_global_uid = 44
user_global_gid = 44

You might want to turn off auth_bind. auth_bind will bind to the active directory/ldap server with the user's credentials, not the dn. Not sure if that's what is causing your problems or not.
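
The search-then-bind flow discussed in this thread, as an added Python illustration that is not part of the original messages and not Dovecot's code. It runs against a constructed in-memory directory (the entries, passwords and `mock_*` helpers are hypothetical) and shows two checks worth having in any such flow: escaping the `%u` value in the filter and refusing empty passwords before the bind.

```python
import re

# Constructed sample directory (DN -> attributes); stands in for the AD server.
DIRECTORY = {
    "CN=Jane Doe,OU=Staff,DC=domain,DC=local": {"sAMAccountName": "jdoe", "password": "s3cret"},
    "CN=Bob Roe,CN=Users,DC=domain,DC=local": {"sAMAccountName": "broe", "password": "hunter2"},
}
USER_FILTER = "(&(objectClass=organizationalPerson)(sAMAccountName=%u))"  # from the posted config

def escape_filter_value(value):
    """Escape the RFC 4515 special characters so %u cannot change the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def build_filter(username):
    return USER_FILTER.replace("%u", escape_filter_value(username))

def mock_search(ldap_filter):
    """Toy subtree search: honours '*' wildcards and \\XX escapes in the value."""
    raw = re.search(r"sAMAccountName=([^)]*)", ldap_filter).group(1)
    unescape = lambda s: re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), s)
    pattern = ".*".join(re.escape(unescape(part)) for part in raw.split("*"))
    return [dn for dn, e in DIRECTORY.items() if re.fullmatch(pattern, e["sAMAccountName"])]

def mock_simple_bind(dn, password):
    """Toy bind: an empty password is an unauthenticated bind, which servers may accept."""
    return password == "" or DIRECTORY[dn]["password"] == password

def authenticate(username, password):
    """Search for the user's DN, then bind as that DN with the supplied password."""
    if not password:                                 # never let an empty password reach the bind
        return None
    matches = mock_search(build_filter(username))    # step 1: lookup (anonymous or dn/dnpass)
    if len(matches) != 1:                            # zero or ambiguous results: fail closed
        return None
    dn = matches[0]
    return dn if mock_simple_bind(dn, password) else None   # step 2: bind as the user
```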