Re: [Dovecot] LDAP authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Fri, 19 Apr 2013, val john wrote:

uris = ldap://ldap.example.com:389 dn = cn=admin,dc=example,dc=com dnpass = abc tls = no ldap_version = 3 base = ou=users,dc=example,dc=com scope = subtree user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

# Entry 1: uid=userone,ou=users,dc=example,dc=com dn: uid=userone,ou=users,dc=example,dc=com cn: Firtname Lastname displayname: Firtname Lastname givenname: Firstname mail: userone@example.com objectclass: inetOrgPerson objectclass: top sn: Lastname uid: userone userpassword: {SHA}0P/ssspVCIZx8+tVsss=

No uidNumber nor gidNumber nor homeDirectory here.

but authentication fails with the follwing error , Please Advice

Apr 19 08:18:50 localhost dovecot: auth(default): ldap(userone,127.0.0.1): result: uid(user)=userone userPassword(password)=<hidden> Apr 19 08:18:50 localhost dovecot: auth(default): client out: OK#0111#011user=userone

LDAP authentification succeeds.

Apr 19 08:18:50 localhost dovecot: auth(default): ldap(userone,127.0.0.1): user search: base=ou=users,dc=example,dc=com scope=subtree filter=(uid=userone) fields=homeDirectory,uidNumber,gidNumber

Now requesting the LDAP attributes you've specified, ...

Apr 19 08:18:51 localhost dovecot: auth(default): ldap(userone,127.0.0.1): no fields returned by the server

..., but none there.

Apr 19 08:18:51 localhost dovecot: auth(default): master out: USER#0111#011userone Apr 19 08:18:51 localhost dovecot: dovecot: User userone is missing UID (see mail_uid setting)

Dovecot does not know, which uid to use. Either assign global mail_uid and mail_gid or add mailUid and mailGid attributes to your LDAP items.

Next problem will be the missing homeDirectory ... .

Apr 19 08:18:51 localhost dovecot: imap-login: Internal login failure (auth failed, 1 attempts): user=<userone>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUXFYdV3r2wJMiz2NAQJmrwf/U5six5ut3Z+QwfFvm+mSgyXz44nhWnsB EozjS2ULT4MtOUWZacDLooQf6FYh+7gOUwpCOqeBHfOcQvW5p5gTflJU4S+WdDgL Vuq9IeUcbcaHOOTrEuuenOMuI0nZLB1pv9Rz7KjeRfgAr9H/v4GmirYj9+cuHrWs jSWjwN+lOj1FmOp7U1F3UAZoibQOTi9JdgUm7MgEOB6v5QobG+oxpiA7Xkl/MXAY Ip3BOo7qWsuwXVuSnI/9bH7jDk4yK0jitHulsYY5+yl2ePvF86hOLxv60oliyVkI qkIRd1W8aWLnz9lPTdiL2N5eKOXWpHi0gZYyrVe8vYxVYxrdpgSMmQ== =t29J -----END PGP SIGNATURE-----