[Dovecot] Problem with LDAP and Dovecot
I am trying to set up Dovecot so that it uses LDAP, but I keep getting
this error message in /var/log/syslog:
Dec 12 03:38:17 mydomain dovecot-auth: LDAP: ldap_search() failed (filter user_filter = (mail=user@mydomain.tld)): Bad search filter
Relevant configuration files: /etc/dovecot-ldap.conf: hosts = localhost dn = cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld dnpass = password ldap_version = 3 base = ou=mailAccounts,dc=mydomain,dc=tld deref = never scope = subtree user_attrs = mail,,,,, user_filter = (mail=%u) pass_attrs = mail,userPassword pass_filter = user_filter = (mail=%u) default_pass_scheme = CRYPT user_global_uid = 5000 user_global_gid = 5000
/etc/dovecot.conf: protocols = imap imaps pop3s imap_listen = 127.0.0.1 imaps_listen = * pop3s_listen = * ssl_cert_file = /etc/ssl/mydomain.tld/Cert.pem ssl_key_file = /etc/ssl/mydomain.tld/PrivateKey.pem disable_plaintext_auth = yes login = imap login_user = dovecot login = pop3 verbose_proctitle = yes first_valid_uid = 5000 last_valid_uid = 5000 first_valid_gid = 5000 last_valid_gid = 5000 mail_extra_groups = mail valid_chroot_dirs = /var/mail/virtualmail default_mail_env = maildir:/var/mail/virtualmail/%n/Maildir auth = default auth_mechanisms = plain auth_userdb = ldap /etc/dovecot-ldap.conf auth_passdb = ldap /etc/dovecot-ldap.conf auth_user = dovecot auth_verbose = yes auth_debug = no
In /etc/ldap/slapd.conf: access to attribute=userPassword by dn="cn=admin,dc=mydomain,dc=tld" write by dn="cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld" read by anonymous auth by self write by * none
Output of 'slapcat | grep dovecot': dn: cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld cn: dovecot sn: dovecot
I've even tried changing the dn to admin, but I still get the same error.
What am I doing wrong? :Peter
On Sun, 2004-12-12 at 14:56, Peter Clark wrote:
I am trying to set up Dovecot so that it uses LDAP, but I keep getting
this error message in /var/log/syslog:
Dec 12 03:38:17 mydomain dovecot-auth: LDAP: ldap_search() failed (filter user_filter = (mail=user@mydomain.tld)): Bad search filter
Relevant configuration files: /etc/dovecot-ldap.conf: hosts = localhost dn = cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld dnpass = password ldap_version = 3 base = ou=mailAccounts,dc=mydomain,dc=tld deref = never scope = subtree user_attrs = mail,,,,, user_filter = (mail=%u) pass_attrs = mail,userPassword pass_filter = user_filter = (mail=%u)
I don't think your pass_filter is correct. Mine (for example) is:
pass_filter = (&(objectClass=posixAccount)(mail=%u))
-- Karl Latiss <karl@designit.com.au> designIT
On Sunday 12 December 2004 14:18, Karl Latiss wrote:
I don't think your pass_filter is correct. Mine (for example) is:
pass_filter = (&(objectClass=posixAccount)(mail=%u))
As far as I understand, this shouldn't make a difference, since it only
adds a boolean AND to the search string. All the same I tried it, and got the same result as before. :Peter
I think you are wrong with the "pass_filter" parameter in your dovecot-ldap.conf Try to change the line "pass_filter = user_filter = (mail=%u)" with "pass_filter = (mail=%u)" Best regards.
Ing. PAOLO BASENGHI :::: Systems & Networking Engineer p.basenghi@netribe.it ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ NETRIBE srl :: Collaborative E-Business 42100 :: Reggio Emilia :: Italy :: Via della Costituzione, 27/4 ph. +39 0522 232378 :: fax +39 0522 232386 :: http://www.netribe.it ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Peter Clark ha scritto:
I am trying to set up Dovecot so that it uses LDAP, but I keep getting this error message in /var/log/syslog:
Dec 12 03:38:17 mydomain dovecot-auth: LDAP: ldap_search() failed (filter user_filter = (mail=user@mydomain.tld)): Bad search filter
Relevant configuration files: /etc/dovecot-ldap.conf: hosts = localhost dn = cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld dnpass = password ldap_version = 3 base = ou=mailAccounts,dc=mydomain,dc=tld deref = never scope = subtree user_attrs = mail,,,,, user_filter = (mail=%u) pass_attrs = mail,userPassword pass_filter = user_filter = (mail=%u) default_pass_scheme = CRYPT user_global_uid = 5000 user_global_gid = 5000
/etc/dovecot.conf: protocols = imap imaps pop3s imap_listen = 127.0.0.1 imaps_listen = * pop3s_listen = * ssl_cert_file = /etc/ssl/mydomain.tld/Cert.pem ssl_key_file = /etc/ssl/mydomain.tld/PrivateKey.pem disable_plaintext_auth = yes login = imap login_user = dovecot login = pop3 verbose_proctitle = yes first_valid_uid = 5000 last_valid_uid = 5000 first_valid_gid = 5000 last_valid_gid = 5000 mail_extra_groups = mail valid_chroot_dirs = /var/mail/virtualmail default_mail_env = maildir:/var/mail/virtualmail/%n/Maildir auth = default auth_mechanisms = plain auth_userdb = ldap /etc/dovecot-ldap.conf auth_passdb = ldap /etc/dovecot-ldap.conf auth_user = dovecot auth_verbose = yes auth_debug = no
In /etc/ldap/slapd.conf: access to attribute=userPassword by dn="cn=admin,dc=mydomain,dc=tld" write by dn="cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld" read by anonymous auth by self write by * none
Output of 'slapcat | grep dovecot': dn: cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld cn: dovecot sn: dovecot
I've even tried changing the dn to admin, but I still get the same error. What am I doing wrong? :Peter
participants (3)
-
Karl Latiss
-
Paolo Basenghi
-
Peter Clark