Hi,
I'm trying to set up a new mail server where postfix 2.3-20060405 would use Dovecot's SASL and users located in LDAP.
It's with dovecot-1.0-beta5.
On the postfix side, I followed the SASL_README and have the following in main.cf:

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

On the dovecot side I have the following related to auth:

auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes

auth default {
  mechanisms = plain digest-md5 cram-md5

  # LDAP database
  passdb ldap {
    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for
    # example
    args = /etc/dovecot/dovecot-ldap.conf
  }

  # LDAP database
  userdb ldap {
    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for
    # example
    args = /etc/dovecot/dovecot-ldap.conf
  }

  userdb prefetch {
  }

  user = root

  ##
  ## dovecot-lda & postfix SASL specific settings
  ##
  socket listen {
    master {
      path = /var/run/dovecot-auth-master
      mode = 0666
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}

pop or imap authentication with LDAP works fine:

Apr 11 17:43:08 localhost dovecot: auth(default): client in: AUTH^I1^IPLAIN^Iservice=IMAP^Isecured^Ilip=127.0.0.1^Irip=127.0.0.1^Iresp=AGJyaWNlAHRvdG8=
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1): base=ou=people, dc=daysofwonder, dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=raymond)) fields=uid,userPassword,homeDirectory,uidNumber,gidNumber,mailbox
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1): uid(user)=raymond userPassword(password)={PLAIN}toto homeDirectory(userdb_home)=/home/raymond uidNumber(userdb_uid)=1000 gidNumber(userdb_gid)=1000 mailbox(userdb_mail)=/home/raymond/Maildir
Apr 11 17:43:08 localhost dovecot: auth(default): client out: OK^I1^Iuser=raymond^I
Apr 11 17:43:08 localhost dovecot: auth(default): master in: REQUEST^I1^I15439^I1
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1): base=ou=people, dc=daysofwonder, dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=raymond)) fields=homeDirectory,uidNumber,gidNumber,uid,mailbox
Apr 11 17:43:08 localhost dovecot: auth(default): master out: USER^I1^Iraymond^Isystem_user=raymond^Ihome=/home/raymond^Iuid=1000^Igid=1000^Imail=/home/raymond/Maildir
Apr 11 17:43:08 localhost dovecot: imap-login: Login: user=<raymond>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

Postfix SASL doesn't work, but more importantly it doesn't print any debug messages, nor does it try to contact the LDAP server at all:

Apr 11 18:00:59 localhost postfix/smtpd[15637]: connect from localhost.localdomain[127.0.0.1]
Apr 11 18:01:13 localhost dovecot: auth(default): client in: AUTH^I3^Iplain^Iservice=smtp^Iresp=YnJpY2UAYnJpY2UAdG90bw==
Apr 11 18:01:14 localhost dovecot: auth(default): client out: FAIL^I3^Iuser=raymond
Apr 11 18:01:14 localhost postfix/smtpd[15637]: warning: localhost.localdomain[127.0.0.1]: SASL plain authentication failed:

I tried several variations of the config, like without userdb prefetch, moving postfix socket config block in another auth block... Nothing worked.
Since the samples are mentioning only pam as userdb and passdb source, maybe it can't work with LDAP?
Any idea on how to solve this issue?
Thanks, Regards,
Brice Figureau
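
Added example, not part of the original post and not Dovecot or Postfix code: a small Python parser for the two "client in" AUTH requests logged above, which decodes the SASL PLAIN `resp` field (RFC 4616 layout: authzid NUL authcid NUL passwd) and lists what differs between the working IMAP request and the failing SMTP one. It only reports the differences and does not identify which of them causes the failure; the function names are hypothetical, and the password is masked by default because anything logged under `auth_debug_passwords = yes` is recoverable from the log.

```python
import base64

# The two "client in" requests copied from the log excerpts in the post
# (syslog renders the tab separators as ^I).
IMAP_REQ = "AUTH^I1^IPLAIN^Iservice=IMAP^Isecured^Ilip=127.0.0.1^Irip=127.0.0.1^Iresp=AGJyaWNlAHRvdG8="
SMTP_REQ = "AUTH^I3^Iplain^Iservice=smtp^Iresp=YnJpY2UAYnJpY2UAdG90bw=="

def parse_auth_request(line):
    """Split a logged AUTH request into id, mechanism and key=value parameters."""
    fields = line.replace("^I", "\t").split("\t")
    if len(fields) < 3 or fields[0] != "AUTH":
        raise ValueError("not an AUTH request: %r" % line)
    params = {}
    for field in fields[3:]:
        key, sep, value = field.partition("=")
        params[key] = value if sep else True   # bare flags such as "secured"
    return {"id": fields[1], "mech": fields[2], "params": params}

def decode_plain(resp_b64, mask_password=True):
    """Decode a SASL PLAIN response (RFC 4616): authzid NUL authcid NUL passwd."""
    raw = base64.b64decode(resp_b64, validate=True)
    parts = raw.split(b"\x00")
    if len(parts) != 3:
        raise ValueError("malformed PLAIN response")
    authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    if mask_password:
        passwd = "*" * len(passwd)
    return {"authzid": authzid, "authcid": authcid, "passwd": passwd}

def diff_requests(a, b):
    """Return what differs between two parsed requests, ignoring id and resp."""
    out = {}
    if a["mech"] != b["mech"]:
        out["mech"] = (a["mech"], b["mech"])
    keys = (set(a["params"]) | set(b["params"])) - {"resp"}
    for key in sorted(keys):
        va, vb = a["params"].get(key), b["params"].get(key)
        if va != vb:
            out[key] = (va, vb)
    pa, pb = decode_plain(a["params"]["resp"]), decode_plain(b["params"]["resp"])
    if pa["authzid"] != pb["authzid"]:
        out["authzid"] = (pa["authzid"], pb["authzid"])
    return out

if __name__ == "__main__":
    imap, smtp = parse_auth_request(IMAP_REQ), parse_auth_request(SMTP_REQ)
    for name, value in diff_requests(imap, smtp).items():
        print(name, value)
```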