I'm trying to setup a system with ldap+postfix+dovecot. Everyone who gets an email is stored in LDAP, some of these users also have a local unix account, regardless I want all users to be dealt with as virtual users.

All the mail is stored by postfix in /var/spool/mail in Maildir format with permissions 600 vmail:vmail. Everything works fine when dovecot tries to read the mail of a completely virtual user, the problem is when dovecot tries to read mail for a user who has an account on the machine, dovecot finds the user's local account, then it tries to read the mail as that user. Even if first_valid_{u,g}id is low enough to allow login the user still doesn't have sufficient permissions to read the mail.

I can't figure out why this is happening and was hoping someone could help me out.

thanks, Aaron

/etc/dovecot-ldap.conf:

hosts = server.example.com base = dc=example,dc=com dn = cn=Directory Manager dnpass = password uris = ldap://127.0.0.1 user_attrs = mail user_filter = uid=%u user_global_uid = 5001 user_global_gid = 5001 pass_filter = uid=%u

/etc/dovecot.conf:

mail_location = maildir:/var/spool/mail/%u/ protocols = imap pop3 mail_log_prefix = "%Us(%u):%i:%h " first_valid_uid = 5001 first_valid_gid = 5001 protocol imap { } protocol pop3 { } protocol lda { postmaster_address = postmaster@example.com } auth_verbose = yes auth_debug = yes auth default { mechanisms = plain passdb pam { } userdb passwd { } userdb ldap { args = /etc/dovecot-ldap.conf } passdb ldap { args = /etc/dovecot-ldap.conf } user = root } dict { } plugin { }