On Sun, 2010-11-14 at 21:31 +0900, marie ot wrote:
I am using dovecot-2.0.6 with NetBSD amd64. .. hosts = xxx.xxx.xxx.xxx:389 dn = cn=Mail Administrator, cn=Users, dc=example, dc=com dnpass = *********
dn is set, so Dovecot does a bind before doing anything else.
Both dovecot and postfix the first "bindRequest" was quite the same demand and the results.
Next, dovecot demanded query of "userPrincipalName" and "unixUserPassword". It seems to be ok for the result. # This fails if it doesn't add to "Account Operators" group.
Looks right.
However, "name" and "simple" were issued by the blank (anonymously?)
What do you mean by "name" and "simple"?
as for the following next demand (bindRequest).
Since you have auth_bind=no, there should be only a single bind request at the beginning of LDAP connection, nothing afterwards.
In addition, query of "userPrincipalName" and "unixUserPassword" is issued to "cn=Configuration, dc=example, dc=com" afterwards.
Where's that Configuration coming from? It's not in your config file, so I don't see why Dovecot would go querying it. Unless perhaps it's OpenLDAP library that goes doing this stuff internally.
errorMessage: 000004DC: LdapErr: DSID-0C0906DC, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db0
I don't see how this could happen, except if the previous LDAP reply contains some kind of a reference elsewhere and OpenLDAP automatically goes connecting there.