System basics: CentOS 7.3, Dovecot 2.2.32 (dfbe293d4)
I am working on a replacement mail server for work, and one of the features I wanted was LDAP authentication.
After much fiddling I got it to work.
But I encountered an issue where two different methods of testing a mail account resulted in the mail_location being different.
I set mail_location = maildir:/var/spool/maildir/%d/%n/Maildir in dovecot.conf.
When I test the authentication, and to see if the folders are created correctly on first use, I get two results depending on how I test.
The first test was from openssl:
openssl s_client -connect mail2:993
I have no problem connecting. I issue the following commands:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
a login testuser@userful.com ********
a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE] Logged in
a list "" *
* LIST (\HasNoChildren) "." INBOX
a OK List completed (0.001 + 0.000 secs).
* BYE Disconnected for inactivity.
closed
But when I look on the mail server at /var/spool/maildir, the testuser directory is not created inside userful.com but at the same level as userful.com, contrary to the %d in the mail_location setting.
Now the second method:
doveadm -D mailbox list -u 'testuser@userful.com'
This correctly creates the user under the domain as specified.
For logs, I have the following from journalctl.
For openssl:
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: client in: AUTH 2 PLAIN service=imap secured session=VgBmvMNcQoTAqHsn lip=192.168.123.236 rip=192.168.123.39 lport=993 rport=33858 resp=AHRlc3R1c2VyQHVzZXJmdWwuY29tADk5dGVzdHVzZXI5OQ== (previous base64 data may contain sensitive data)
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser@userful.com,192.168.123.39,<VgBmvMNcQoTAqHsn>): bind search: base=ou=People,dc=userful,dc=ca filter=(&(objectClass=posixAccount)(uid=testuser))
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser@userful.com,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: uid=testuser; uid unused
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser@userful.com,192.168.123.39,<VgBmvMNcQoTAqHsn>): username changed testuser@userful.com -> testuser
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: uid=testuser
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: client passdb out: OK 2 user=testuser original_user=testuser@userful.com
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: master in: REQUEST 2784755713 10725 2 d4a357fe811a1da8bd725b82fc1da2ab session_pid=11051 request_auth_token
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): user search: base=ou=People,dc=userful,dc=ca scope=subtree filter=(&(objectClass=posixAccount)(uid=testuser)) fields=homeDirectory,uidNumber,gidNumber
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000; homeDirectory,uidNumber,gidNumber unused
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser,192.168.123.39,<VgBmvMNcQoTAqHsn>): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000
Oct 30 07:37:12 mail2 dovecot[10722]: auth: Debug: master userdb out: USER 2784755713 testuser home=/nfs/home/test-user uid=6000 gid=1000 auth_token=29e6ac32c85cf1b69eeabbe8e4f8e4810e9a3468 auth_user=testuser@userful.com
Oct 30 07:37:12 mail2 dovecot[10722]: imap-login: Login: user=<testuser>, method=PLAIN, rip=192.168.123.39, lip=192.168.123.236, mpid=11051, TLS, session=<VgBmvMNcQoTAqHsn>
For doveadm:
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: master in: USER 1 testuser@userful.com service=doveadm
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser@userful.com): user search: base=ou=People,dc=userful,dc=ca scope=subtree filter=(&(objectClass=posixAccount)(uid=testuser)) fields=homeDirectory,uidNumber,gidNumber
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser@userful.com): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000; homeDirectory,uidNumber,gidNumber unused
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: ldap(testuser@userful.com): result: homeDirectory=/nfs/home/test-user uidNumber=6000 gidNumber=1000
Oct 30 07:39:12 mail2 dovecot[10722]: auth: Debug: userdb out: USER 1 testuser@userful.com home=/nfs/home/test-user uid=6000 gid=1000
Any ideas, and are there any settings files that I need to post?
--
William Merkens
IT Support Analyst
Userful Corporation
+1 403.289.2177 ext.289
+1 866 USERFUL (1-866-873-7385)
Suite 300, 736 8th Ave. SW
Calgary AB T2P 1H4
Managed Desktops Done Right. http://www.userful.com
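
The two logs above differ in the username carried by the "userdb out" line: the IMAP login shows "username changed testuser@userful.com -> testuser" before the userdb lookup, while the doveadm lookup keeps the full address. The following is an added example, not part of the original post: it reads trimmed copies of those log lines and expands the post's mail_location for each username, using Dovecot's rule that %d is empty when the username has no domain. The function names and the trimmed sample are assumptions made for this illustration.

```python
import posixpath
import re

MAIL_LOCATION = "maildir:/var/spool/maildir/%d/%n/Maildir"  # setting from the post

# Constructed sample: three lines from the post's logs, syslog prefix trimmed.
SAMPLE_LOG = """\
auth: Debug: ldap(testuser@userful.com,192.168.123.39,<VgBmvMNcQoTAqHsn>): username changed testuser@userful.com -> testuser
auth: Debug: master userdb out: USER 2784755713 testuser home=/nfs/home/test-user uid=6000 gid=1000
auth: Debug: userdb out: USER 1 testuser@userful.com home=/nfs/home/test-user uid=6000 gid=1000
"""

RENAMED = re.compile(r"username changed (\S+) -> (\S+)")
USERDB_OUT = re.compile(r"userdb out: USER \d+ (\S+)")


def expand(template, user):
    """Expand %u, %n and %d: %n is the part before '@', %d the part after
    it, and %d is empty when the username has no domain."""
    name, _, domain = user.partition("@")
    values = {"u": user, "n": name, "d": domain}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], template)


def maildir_path(template, user):
    """Filesystem path the expanded location resolves to ('//' collapses)."""
    location = expand(template, user).split(":", 1)[1]
    return posixpath.normpath(location)


def analyse(log_text, template=MAIL_LOCATION):
    """Return (renames, lookups); each lookup is (user, path, domain_lost)."""
    renames, lookups = [], []
    for line in log_text.splitlines():
        renamed = RENAMED.search(line)
        if renamed:
            renames.append(renamed.groups())
        out = USERDB_OUT.search(line)
        if out:
            user = out.group(1)
            domain_lost = "%d" in template and "@" not in user
            lookups.append((user, maildir_path(template, user), domain_lost))
    return renames, lookups


if __name__ == "__main__":
    renames, lookups = analyse(SAMPLE_LOG)
    for old, new in renames:
        print(f"username changed {old} -> {new}")
    for user, path, domain_lost in lookups:
        print(f"{user}: {path}" + ("  <-- %d expanded to empty" if domain_lost else ""))
```
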