Greetings to all
I need a master user/proxy account for some applications that are going to be implemented, and I am having some problems. Normal users are proxied to the remote machine through LDAP queries, and this works as it is supposed to, but I can't get the master user to work. Below are dovecot.conf and dovecot-ldap.conf, followed by verbose logs from the proxy machine.
If I log in directly on the remote machine (the one that should be proxied to), everything works normally ...
### dovecot.conf
# Global settings of the Dovecot 1.2.x proxy front end, as posted.
protocols = pop3 imap managesieve

# Mail processes run with a fixed uid/gid and the vmail group.
mail_uid = 10021
mail_gid = 10021
mail_privileged_group = vmail
mail_access_groups = vmail

# log_path and info_log_path are empty as posted (presumably stripped by the
# poster; the log excerpt in this post is labelled /var/log/mail/dovecot.info).
log_path =
info_log_path =
log_timestamp = "%b %d %H:%M:%S "
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
mail_log_prefix = "%Us(%u): "

# disable_plaintext_auth = no lets clients send PLAIN/LOGIN credentials over
# connections that are not protected by SSL/TLS.
disable_plaintext_auth = no
login_process_per_connection=yes
auth_default_realm = example.com
login_processes_count = 8
login_max_processes_count = 128
login_max_connections = 256
verbose_proctitle = yes
max_mail_processes = 512

# Troubleshooting-only settings. With these enabled, the log excerpt in this
# post carries the submitted password in clear text ("given password:" and
# "pass=") and the SASL "resp=" value, which is merely base64-encoded
# credentials. Switch them off once debugging is done, keep the log files
# readable only by administrators, and redact those fields before sharing logs.
mail_debug = yes
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes

# Master-user logins use the form "<target user>*<master user>".
auth_master_user_separator = *
login_chroot = yes
# SSL/TLS is switched off on this proxy. Together with
# disable_plaintext_auth = no and the plain/login mechanisms configured in the
# auth block, every password presented to these listeners, the master user's
# included, crosses the network unencrypted.
# NOTE(review): acceptable only on a trusted, isolated segment; confirm.
ssl = no

protocol imap {
  imap_client_workarounds = delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
  listen = xx.xx.xx.xx:143
  imap_max_line_length = 65536
  imap_logout_format = bytes=%i/%o
  mail_max_userip_connections = 10
}

protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_enable_last = yes
  # pop3_uidl_format is set a second time here with the same value.
  pop3_uidl_format = %08Xu%08Xv
  listen = xx.xx.xx.xx:110
  mail_max_userip_connections = 10
}

protocol managesieve {
  listen = xx.xx.xx.xx:2000
  login_executable = /usr/local/dovecot/libexec/dovecot/managesieve-login
  mail_executable = /usr/local/dovecot/libexec/dovecot/managesieve
  managesieve_max_line_length = 65536
  managesieve_implementation_string = dovecot
  managesieve_logout_format = bytes ( in=%i : out=%o )
}
auth default {
  # Only plaintext SASL mechanisms are offered.
  mechanisms = plain login
  user = vmail

  # Master-user passdb, listed first. Any account in passwd.masterusers can
  # authenticate as any other user, so keep that file readable only by the
  # auth process owner and keep the list of master accounts short.
  #
  # pass = yes: after the master password matches, the lookup continues to the
  # next passdb for the target user. The log excerpt in this post shows the
  # ldap passdb then failing with "invalid credentials (given password:
  # master_password)", i.e. the master's password is being tried against the
  # target user's LDAP entry.
  # NOTE(review): Dovecot's master-user documentation warns that pass = yes
  # does not work with LDAP auth_bind = yes (set in dovecot-ldap.conf), since a
  # bind needs the user's own password; confirm for 1.2.x.
  passdb passwd-file {
    args = /etc/dovecot/passwd.masterusers
    master = yes
    pass = yes
  }

  # Regular users are authenticated and looked up through LDAP.
  passdb ldap {
    args = /etc/dovecot/dovecot-ldap.conf
  }

  userdb ldap {
    args = /etc/dovecot/dovecot-ldap.conf
  }

  socket listen {
    # auth-master socket: owner-only access (0600) for vmail.
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
      group = vmail
    }
    # Client auth socket placed in the Postfix spool, accessible to the
    # postfix user and group (presumably for Postfix SMTP AUTH; verify).
    client {
      path = /var/spool/postfix/dovecot-auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
### dovecot-ldap.conf
# LDAP passdb/userdb settings shared by both lookups in dovecot.conf.
# No tls or ldaps setting appears in this excerpt, so searches and binds
# presumably travel to the LDAP server unencrypted; verify.
hosts = ldap.example.com
ldap_version = 3

# auth_bind = yes: a password is verified by binding to LDAP as the matched
# user with the password the client supplied.
auth_bind = yes

# Service account used for the searches. This file stores its password in
# clear text, so it should not be readable by unprivileged users.
dn = cn=vmail,dc=example,dc=com
dnpass = secret_pass

base = ou=Users,domainName=%d,o=domains,dc=example,dc=com
scope = subtree
deref = never

# Both filters require an active mailUser entry with the "mail" service and
# the service named by %Ls enabled (the log in this post shows it expanded to
# enabledService=pop3).
user_filter = (&(mail=%u)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls))
# mailHost becomes the proxy destination; proxy, nologin and nodelay are
# static extra fields attached to every match.
user_attrs = storageBaseDirectory=home,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes
pass_filter = (&(mail=%u)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls))
pass_attrs = userPassword=password,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes
default_pass_scheme = CRYPT
### /var/log/mail/dovecot.info
Nov 30 14:26:59 dougie dovecot: auth(default): new auth connection: pid=5873
Nov 30 14:27:28 dougie dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=xx.xx.xx.xx rip=192.168.22.222 lport=110 rport=36639 resp=<redacted: base64-encoded SASL PLAIN response containing the login credentials>
Nov 30 14:27:28 dougie dovecot: auth(default): passwd-file(migration@example.com,192.168.22.222,master): lookup: user=master_user@example.com file=/etc/dovecot/passwd.masterusers
Nov 30 14:27:28 dougie dovecot: auth(default): passdb(master_user@example.com,192.168.22.222,master): Master user logging in as some_user@example.com
Nov 30 14:27:28 dougie dovecot: auth(default): ldap(some_user@example.com,192.168.22.222): bind search: base=ou=Users,domainName=example.com,o=domains,dc=example,dc=com filter=(&(mail=some_user@example.com)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=pop3))
Nov 30 14:27:28 dougie dovecot: auth(default): ldap(some_user@example.com,192.168.22.222): result: mailHost(host)=xx.xx.xx.xx
Nov 30 14:27:28 dougie dovecot: auth(default): ldap(some_user@example.com,192.168.22.222): invalid credentials (given password: master_password)
Nov 30 14:27:28 dougie dovecot: auth(default): client out: FAIL 1 user=some_user@example.com authz nodelay host=xx.xx.xx.xx proxynologin pass=master_password master=master_user@example.com
Nov 30 14:27:28 dougie dovecot: pop3-login: Ignoring unknown passdb extra field: authz