On Tue, 06 Mar 2007 16:55:25 +0200 Timo Sirainen tss@iki.fi wrote:
On Thu, 2007-03-01 at 22:02 +0100, Alexej Davidov wrote:
Hola!
Dovecot should serve virtual mail users. So I've set user_global_uid and user_global_gid in dovecot_ldap.conf to vmail/vmail. Also I've commented auth the user_attrs field. Still Dovecot tries to switch to the uid that is defined in the LDAP entry.
It took me some time to figure out, that the only way to prevent this is to set user_attrs = foo=uid,bar=gid or something like this, so Dovecot doesn't have a chance to find the uid/gid. Still it will perform some LDAP lookups.
In my oppinion, Dovecot shouldn't try to get the uid/gid from LDAP if the user_attrs field is undefined.
Commenting out user_attrs is the same as setting it to the default value. Setting "user_attrs =" should have worked. However if you don't want userdb LDAP lookup at all, use userdb static instead.
I want to use ldap for authorization. The entries just happen to contain a uid field, which should not be used for file access, though.
Setting "user_attrs =" did not work. Dovecot still looked up the uid from ldap. I always got: Mar 1 21:31:54 myhost dovecot: imap-login: Login: user=foo@bar.net, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS Mar 1 21:31:54 myhost dovecot: IMAP(foo@bar.net): stat(/var/vmail/foo/cur) failed: Permission denied
I tried again with "user_attrs =" and strange enough the error is now different: Mar 6 19:11:52 myhost dovecot: imap-login: Internal login failure: user=foo@bar.net, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS Mar 6 19:11:52 myhost dovecot: child 9966 (auth) killed with signal 11
After setting user_attrs back to "foo=uid,bar=gid" everything works again.
A.