[Dovecot] Password and special caracter
Problem : I have a problem with special character in the password. Character like ! * é are deleted
My configuration :
- a smtp server with Postfix 2.6 and Dovcot 1.1.11.
- a windows 2003 server with active directory for accounts and boxes
I use SMTP / SASL on my postfix 2.6 to authenticate my remote laptop users (allow legitimate users to relay mail).
To do that, I use SASL Dovecot fonctionnality and ldap request to verify login/password who are declared on a server in Windows 2003 (Active Directory).
It works fine with simple password but not with complex password. I have a problem with special character in the password. Character like ! * é are deleted before comparaison.
Any idea ?
Regards
Sounds more like SASL than Dovecot.
I had my Dovecot authenticate against DB in UTF8 encoding, and it can
handle Chinese character for password.
Can your smtp authentication allows special character?
Best, Joseph
On 1-Oct-09, at 10:40 AM, Gilles Albusac wrote:
Problem : I have a problem with special character in the password.
Character like ! * é are deletedMy configuration :
- a smtp server with Postfix 2.6 and Dovcot 1.1.11.
- a windows 2003 server with active directory for accounts and boxes
I use SMTP / SASL on my postfix 2.6 to authenticate my remote
laptop users (allow legitimate users to relay mail).To do that, I use SASL Dovecot fonctionnality and ldap request to
verify login/password who are declared on a server in Windows 2003
(Active Directory).It works fine with simple password but not with complex password. I
have a problem with special character in the password. Character
like ! * é are deleted before comparaison.Any idea ?
Regards
Doubtful it's an smtp issue, as all authenication over smtp uses base64 I'll see if I can cause the issue in my setup though.
Quoting Joseph Yee <jyee@ca.afilias.info>:
Sounds more like SASL than Dovecot.
I had my Dovecot authenticate against DB in UTF8 encoding, and it
can handle Chinese character for password.Can your smtp authentication allows special character?
Best, Joseph
On 1-Oct-09, at 10:40 AM, Gilles Albusac wrote:
Problem : I have a problem with special character in the password.
Character like ! * é are deletedMy configuration :
- a smtp server with Postfix 2.6 and Dovcot 1.1.11.
- a windows 2003 server with active directory for accounts and boxes
I use SMTP / SASL on my postfix 2.6 to authenticate my remote
laptop users (allow legitimate users to relay mail).To do that, I use SASL Dovecot fonctionnality and ldap request to
verify login/password who are declared on a server in Windows 2003
(Active Directory).It works fine with simple password but not with complex password. I
have a problem with special character in the password. Character
like ! * é are deleted before comparaison.Any idea ?
Regards
On Thu, 2009-10-01 at 16:40 +0200, Gilles Albusac wrote:
It works fine with simple password but not with complex password. I have a problem with special character in the password. Character like ! * é are deleted before comparaison.
My guess is that it's related to LDAP. Are you using auth_bind=yes?
Seems to all be working for me.
I tested using the password: test!@#$%^&*é
My first test was using postfix -> dovecot -> mysql
This was to verify if sending email via postfix would make it to
dovecot and though dovecot without getting messed up. Test passed.
My next test was to setup dovecot to authenicate against win2003
active directory.
This was just to test that from dovecot -> ad would work without
issues. This test also passed.
My LDAP config for dovecot: hosts = ip_of_ad_server auth_bind = yes auth_bind_userdn = DOMAIN\%u ldap_version = 3 base = dc=domain, dc=com
Quoting Timo Sirainen <tss@iki.fi>:
On Thu, 2009-10-01 at 16:40 +0200, Gilles Albusac wrote:
It works fine with simple password but not with complex password. I
have a problem with special character in the password. Character
like ! * é are deleted before comparaison.My guess is that it's related to LDAP. Are you using auth_bind=yes?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 1 Oct 2009, Patrick Domack wrote:
I tested using the password: test!@#$%^&*é
This password works for me in Dovecot v1.2.0 with OpenLDAP backend and auth_bind=yes.
Can you sniff the connection to the AD, if the password is sent to the LDAP server and if it is encoded in UTF-8?
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSsWwPXWSIuGy1ktrAQKBdQgAjS7oCZYSAmwvzZ++SEebGeivs1LiJIHB N8bjZuu3JB2l/+ZSjXKGxcaP3Jakkupi/NhG5a1Rwpzb0r2zxKViZeUjU9iy3PxE PZLE18hlUmIQ7YO3cTtg25ReMOvNLWzTtooXI7h3cvkJZ46vY200iUgLQ6Zh514i LnbObwJYHUIkGlHOufxqF6PRYJ8/ZDF/q5jxuqiRL4IzvKaqG3PqWCNTG7cm8nRm v1aqCUxZsJ7Q0R4/q/EAe6pYYHKN/liS/nnrrOXHK5CoeDs+2ijkY7PdlzqYQ15Y tb7sJb4THqESnQ9/2zJTUO+JvRabfWYho7GbxShNWLjp7tSNm08Zsw== =PxqG -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 1 Oct 2009, Patrick Domack wrote:
I tested using the password: test!@#$%^&*é
Can you use ldapsearch from the mail server successfully, e.g.:
ldapsearch -x -D DOMAIN\\user -W objectclass=\* dn
??
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSsWwq3WSIuGy1ktrAQJMKwf/eTomEun/f5kD/HMBZLNCNzRzzOmziFW6 Y7ut11Tf5mkNWqK+D6q0kwW7YaIJp4xvr6vJPrumxVPF9Czbsgpcp8FRyx0h7afJ GC9IECrTAfrCRwNIAXX7+usnCLQszWMwFpRWDHJg0JXmce+gmNCT3oD9IyBhM+xT n3JV62r3YfR066B/AiQTYOX5fBhVUI2OR2cKr2CGJBv8D/5AMHH0mFe7M/9KIu2l o6l1Qjf8FT9rZLnOQv2+VDyLt8RyngJtUlfNt1tGN7f6i6i9Opx0cFG8uYUJzbFu 2Yo1xNQXjr1M9Omi9cDbAfuWB9RtGDALjf/ngUCo4vp66Cl6q3sLRg== =WD3i -----END PGP SIGNATURE-----
participants (5)
-
Gilles Albusac
-
Joseph Yee
-
Patrick Domack
-
Steffen Kaiser
-
Timo Sirainen