Hi List!
Been struggling with AD LDAP auth, ldapsearch shows everything fine, but when I try to telnet, the log shows unknown attributes.
Dovecot 2.0.19
dovecot -n:
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.0-23-generic x86_64 Ubuntu 12.04.5 LTS ext4
auth_debug = yes
auth_mechanisms = plain login
auth_username_format = %n
auth_verbose = yes
disable_plaintext_auth = no
listen = *
mail_location = maildir:/var/mail/%u%d/Maildir
namespace inbox {
  inbox = yes
  location =
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-ldap-passdb.conf
  driver = ldap
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_global_dir = /var/lib/dovecot/sieve/
}
protocols = " imap lmtp pop3"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
  user = vmail
}
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf
  driver = ldap
}
protocol lmtp {
  mail_plugins = " sieve"
  postmaster_address = postmaster@domain.hu
}
Contents of passdb.conf:
hosts = 1.2.3.4
auth_bind = yes
auth_bind_userdn = DOMAIN\%u
ldap_version = 3
base = dc=domain,dc=in
scope = subtree
deref = never
pass_filter = (&(objectClass=person)(sAMAccountName=%u)(mail=*))
Contents of userdb.conf:
hosts = 1.2.3.4
dn = DOMAIN\user
dnpass = xxx
ldap_version = 3
base = dc=domain,dc=in
user_attrs = =uid=108,=gid=115,=home=/var/mail/%Lu,=mail=maildir:/var/mail/%Lu/Maildir/
user_filter = (&(objectClass=person)(sAMAccountName=%u)(mail=*))

# Attributes and filter to get a list of all users
iterate_attrs = sAMAccountName=user
iterate_filter = (objectClass=person)
And the log after a test login:
Apr 15 18:10:52 ubuntutest2 dovecot: auth: Debug: ldap(user,127.0.0.1): user search: base=dc=domain,dc=in scope=subtree filter=(&(objectClass=person)(sAMAccountName=user)(mail=*)) fields=
Apr 15 18:10:52 ubuntutest2 dovecot: auth: Debug: ldap(user,127.0.0.1): result: objectClass(?unknown?)= cn(?unknown?)= instanceType(?unknown?)= whenCreated(?unknown?)= uSNCreated(?unknown?)= name(?unknown?)= objectGUID(?unknown?)= badPwdCount(?unknown?)= codePage(?unknown?)= countryCode(?unknown?)= badPasswordTime(?unknown?)= lastLogoff(?unknown?)= lastLogon(?unknown?)= primaryGroupID(?unknown?)= objectSid(?unknown?)= accountExpires(?unknown?)= logonCount(?unknown?)= sAMAccountName(?unknown?)= sAMAccountType(?unknown?)= userPrincipalName(?unknown?)= objectCategory(?unknown?)= givenName(?unknown?)= initials(?unknown?)= sn(?unknown?)= displayName(?unknown?)= description(?unknown?)= physicalDeliveryOfficeName(?unknown?)= userAccountControl(?unknown?)= msDS-SupportedEncryptionTypes(?unknown?)= pwdLastSet(?unknown?)= homeDrive(?unknown?)= homeDirectory(?unknown?)= memberOf(?unknown?)= mail(?unknown?)= whenChanged(?unknown?)= uSNChanged(?unknown?)= distinguishedName(?unknown?)=
Any idea?
Thanks in advance!
Victorpictor
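The following is an added troubleshooting helper, not code from the poster or from Dovecot itself. It parses the user_attrs setting of a dovecot-ldap userdb config the way Dovecot's documented syntax reads it (each comma-separated entry is ldapAttr=dovecotField[=template]; an entry with an empty ldapAttr part, such as =uid=108, is a static template that fetches nothing from LDAP) and cross-checks the two auth_debug lines quoted above: the fields= list on the "user search:" line is the set of attributes Dovecot actually requested, and attr(?unknown?)= on the "result:" line marks an attribute the server returned that has no mapping in user_attrs. The sample userdb text is the one posted above; the result line is a shortened copy of the posted one. It is an assumption of this helper that mapped attributes appear on the result line as attr(field)=value.

```python
"""Added helper (not Dovecot's code): check dovecot-ldap user_attrs against auth_debug output."""
import re

# Debug-line shapes taken from the post above; the "attr(field)=value" form for
# mapped attributes is an assumption of this helper.
SEARCH_RE = re.compile(r"user search: .*?fields=(?P<fields>.*)$")
RESULT_RE = re.compile(r"\bresult: (?P<body>.*)$")
ATTR_RE = re.compile(r"(?P<attr>[A-Za-z0-9-]+)\((?P<field>[^)]*)\)=")


def parse_ldap_conf(text):
    """Parse the flat 'key = value' format of dovecot-ldap.conf into a dict."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf


def split_attrs(setting):
    """Split user_attrs/pass_attrs into (requested, static).

    requested: ldap attribute -> dovecot field that Dovecot will fetch.
    static:    dovecot field -> template value ("=field=value" entries), nothing fetched.
    A bare "attr" entry maps to a field of the same name.
    """
    requested, static = {}, {}
    for entry in setting.split(","):
        entry = entry.strip()
        if not entry:
            continue
        ldap_attr, sep, rest = entry.partition("=")
        if ldap_attr == "":
            field, _, template = rest.partition("=")
            static[field] = template
        elif not sep:
            requested[entry] = entry
        else:
            requested[ldap_attr] = rest.split("=", 1)[0]
    return requested, static


def parse_search_fields(line):
    """Return the LDAP attributes Dovecot asked for on a 'user search:' debug line."""
    m = SEARCH_RE.search(line)
    if not m:
        return None
    fields = m.group("fields").strip()
    return [f for f in fields.split(",") if f] if fields else []


def parse_result(line):
    """Return {ldap_attr: dovecot_field or None} from a 'result:' debug line.
    None means Dovecot printed (?unknown?), i.e. the attribute has no mapping."""
    m = RESULT_RE.search(line)
    if not m:
        return {}
    return {a.group("attr"): (None if a.group("field") == "?unknown?" else a.group("field"))
            for a in ATTR_RE.finditer(m.group("body"))}


def check_mapping(conf_text, search_line, result_line):
    """Cross-check the config against the debug log: what was requested, what is static,
    what Dovecot actually searched for, which returned attributes are unmapped, and
    which requested attributes the server never returned."""
    conf = parse_ldap_conf(conf_text)
    requested, static = split_attrs(conf.get("user_attrs", ""))
    returned = parse_result(result_line)
    return {
        "requested": requested,
        "static": static,
        "searched_fields": parse_search_fields(search_line),
        "unmapped": sorted(a for a, f in returned.items() if f is None),
        "missing": sorted(a for a in requested if a not in returned),
    }


# Sample input: the userdb config from the post above and its two debug lines
# (the result line is shortened to three of the attributes it listed).
POSTED_USERDB = """
hosts = 1.2.3.4
dn = DOMAIN\\user
dnpass = xxx
ldap_version = 3
base = dc=domain,dc=in
user_attrs = =uid=108,=gid=115,=home=/var/mail/%Lu,=mail=maildir:/var/mail/%Lu/Maildir/
user_filter = (&(objectClass=person)(sAMAccountName=%u)(mail=*))
"""
SEARCH_LINE = ("Apr 15 18:10:52 ubuntutest2 dovecot: auth: Debug: ldap(user,127.0.0.1): "
               "user search: base=dc=domain,dc=in scope=subtree "
               "filter=(&(objectClass=person)(sAMAccountName=user)(mail=*)) fields=")
RESULT_LINE = ("Apr 15 18:10:52 ubuntutest2 dovecot: auth: Debug: ldap(user,127.0.0.1): "
               "result: sAMAccountName(?unknown?)= mail(?unknown?)= homeDirectory(?unknown?)=")

if __name__ == "__main__":
    for key, value in check_mapping(POSTED_USERDB, SEARCH_LINE, RESULT_LINE).items():
        print(f"{key}: {value}")
```

Run against the posted config, the helper reports an empty requested set and an empty searched_fields list, with every returned attribute in unmapped: the debug output is consistent with a user_attrs that contains only static templates. Feeding it a config that names LDAP attributes (for example sAMAccountName=user) shows those attributes move into requested, which is the quickest way to see what a given user_attrs line will and will not ask the directory for.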