[Dovecot] dovecot: auth(default): ldap(...): Authenticated user not found
Hi, I'm trying to set up dovecot together with postfix and experience some problems. Here's in details what I have and what I want to get. I have a ldap server on localhost, a working setup of dovecot to serve sasl, imap using ldap, a working setup of Postfix for (s)smtp (I can authenticate which uses dovecot's sasl). What i wan't to get is a completely working email server for ldap users with their email forwardings (so far they have only 1 forwarding). The porblem I stuck on is the following: when sending mail through (s)smtp, after passing authentication, I get my email dropped. And I see this in logs: http://ciorne.softwareliber.ro/index.php/view/raw/aaf3eb42 ***Authenticated user not found!!!*** My dovecot conf is this: http://ciorne.softwareliber.ro/index.php/view/raw/f8696531 And my dovecot-ldap is this: http://ciorne.softwareliber.ro/index.php/view/raw/698dc851 (I'm using prefetch) Can somebody point me where's my problem. *Any* advices are welcomed!!! Thank you in advance. P.S.: Environment is a vanilla installation of Ubuntu 8.04.02 with latest updates. -- () Campania Panglicii în ASCII /\ http://stas.nerd.ro/ascii/
On Sun, 29 Mar 2009, Stas SUSHKOV wrote:
I'm trying to set up dovecot together with postfix and experience some problems.
Here's in details what I have and what I want to get. I have a ldap server on localhost, a working setup of dovecot to serve sasl, imap using ldap, a working setup of Postfix for (s)smtp (I can authenticate which uses dovecot's sasl).
What i wan't to get is a completely working email server for ldap users with their email forwardings (so far they have only 1 forwarding).
The porblem I stuck on is the following: when sending mail through (s)smtp, after passing authentication, I get my email dropped. And I see this in logs: http://ciorne.softwareliber.ro/index.php/view/raw/aaf3eb42
***Authenticated user not found!!!***
In your log, notice the 'user' in a successful IMAP login:
dovecot: imap-login: Login: user=<c00l2sv>, method=PLAIN, rip=193.226.6.226, lip=193.226.5.152, TLS
Later, when you pipe the mail to dovecot for delivery:
dovecot: auth(default): ldap(c00l2sv@student.utcluj.ro): Authenticated user not found
You need to modify the arguments in your call to deliver in Postfix's master.cf. The master socket should be looking for 'c00l2sv' instead of 'c00l2sv@student.utcluj.ro'. See: http://www.postfix.org/pipe.8.html (under "argv=command") http://wiki.dovecot.org/LDA (under "Parameters") -- Sahil Tandon <sahil@tandon.net>
On Sun, 2009-03-29 at 11:39 -0400, Sahil Tandon wrote:
On Sun, 29 Mar 2009, Stas SUSHKOV wrote:
***Authenticated user not found!!!***
In your log, notice the 'user' in a successful IMAP login:
dovecot: imap-login: Login: user=<c00l2sv>, method=PLAIN, rip=193.226.6.226, lip=193.226.5.152, TLS
Later, when you pipe the mail to dovecot for delivery:
dovecot: auth(default): ldap(c00l2sv@student.utcluj.ro): Authenticated user not found
You need to modify the arguments in your call to deliver in Postfix's master.cf. The master socket should be looking for 'c00l2sv' instead of 'c00l2sv@student.utcluj.ro'. See: http://www.postfix.org/pipe.8.html (under "argv=command") http://wiki.dovecot.org/LDA (under "Parameters")
I got it now. That makes sense. So I followed the wiki: http://wiki.dovecot.org/LDA#Without_a_lookup and simply cut the "-d {recipient}" from the pipe. --- # delivery through dovecot dovecot unix - n n - - pipe flags=DRhu user=mail:mail argv=/usr/lib/dovecot/deliver -f ${sender} --- Now It accepts emails and it says that those are delivered, but I can't see those in my Maildir. Here's the log: http://ciorne.softwareliber.ro/index.php/view/raw/c9da1833 May I ask now, do I have to connect my ldap users through NSS (libnss-ldap) in order to make dovecot believe those are local users?
-- () Campania Panglicii în ASCII /\ http://stas.nerd.ro/ascii/
On Sun, 29 Mar 2009, Stas SUSHKOV wrote:
On Sun, 2009-03-29 at 11:39 -0400, Sahil Tandon wrote:
On Sun, 29 Mar 2009, Stas SUSHKOV wrote:
***Authenticated user not found!!!***
In your log, notice the 'user' in a successful IMAP login:
dovecot: imap-login: Login: user=<c00l2sv>, method=PLAIN, rip=193.226.6.226, lip=193.226.5.152, TLS
Later, when you pipe the mail to dovecot for delivery:
dovecot: auth(default): ldap(c00l2sv@student.utcluj.ro): Authenticated user not found
You need to modify the arguments in your call to deliver in Postfix's master.cf. The master socket should be looking for 'c00l2sv' instead of 'c00l2sv@student.utcluj.ro'. See: http://www.postfix.org/pipe.8.html (under "argv=command") http://wiki.dovecot.org/LDA (under "Parameters")
I got it now. That makes sense. So I followed the wiki: http://wiki.dovecot.org/LDA#Without_a_lookup
and simply cut the "-d {recipient}" from the pipe.
In your setup, I do not see where the user's home directory is looked up before the mail is passed off to deliver, so you probably should not do this.
--- # delivery through dovecot dovecot unix - n n - - pipe flags=DRhu user=mail:mail argv=/usr/lib/dovecot/deliver -f ${sender} ---
Instead, try appending -d ${user} to the above set of arguments. -- Sahil Tandon <sahil@tandon.net>
On Sun, 2009-03-29 at 14:20 -0400, Sahil Tandon wrote:
On Sun, 29 Mar 2009, Stas SUSHKOV wrote:
I got it now. That makes sense. So I followed the wiki: http://wiki.dovecot.org/LDA#Without_a_lookup
and simply cut the "-d {recipient}" from the pipe.
In your setup, I do not see where the user's home directory is looked up before the mail is passed off to deliver, so you probably should not do this.
# delivery through dovecot dovecot unix - n n - - pipe flags=DRhu user=mail:mail argv=/usr/lib/dovecot/deliver -f ${sender}
Instead, try appending -d ${user} to the above set of arguments.
I tried several arguments like ${user}, ${sasl_user} and etc, but all I could get it:
Mar 29 21:25:54 student postfix/pipe[4285]: 82D52F53A0: to=<c00l2sv@student.utcluj.ro>, relay=dovecot, delay=0.18, delays=0.09/0/0/0.09, dsn=4.3.0, status=deferred (temporary failure)
I believe I have to set up libnss-ldap (https://help.ubuntu.com/community/LDAPClientAuthentication) in order to get the users on the server. I can't find any other solutions :(
-- () Campania Panglicii în ASCII /\ http://stas.nerd.ro/ascii/
On Sun, 2009-03-29 at 14:20 -0400, Sahil Tandon wrote:
On Sun, 29 Mar 2009, Stas SUSHKOV wrote:
Instead, try appending -d ${user} to the above set of arguments.
Solved. I started to log the dovecot lda protocol (after adding ${user}), and found this:
deliver(c00l2sv): 2009-03-29 21:58:17 Fatal: setgid(2000) failed with euid=8, gid=8, egid=8: Operation not permitted
That was the key to solution. The next step was to read this: http://wiki.dovecot.org/LDA#Multiple_UIDs
:)
Thank you Sahil for assistance. I'll add a wiki page describing this setup, cause I didn't find anything like this yet.
Cheers.
-- () Campania Panglicii în ASCII /\ http://stas.nerd.ro/ascii/
participants (2)
-
Sahil Tandon
-
Stas SUSHKOV