[Dovecot] How to know if dovecot director is running OK?
I'm using director on dovecot 2.0
At present, I know that two instances are connected, If I stop of one system, then I can watch how to the connections are closed on port 5000. I defined 5000 as director port.
I have one user (user1) connected to kvm1 (192.168.13.100) and kvm2 (192.168.13.101) servers vía telnet
telnet kvm1 143 and then login
telnet kvm2 143 and then login
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
If I try to find if a server has been asigned to user, but I don't know if it is running correctly
[root@kvm1 ~]# doveadm director status user1 Current: not assigned Hashed: 192.168.13.101 Initial config: 192.168.13.101
[root@kvm2 ~]# doveadm director status user1 Current: not assigned Hashed: 192.168.13.101 Initial config: 192.168.13.101
Is there any way to test if it really running?
On Fri, 2010-11-26 at 14:53 +0100, Antonio Perez-Aranda wrote:
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
It doesn't look like it's working, since there are zero users. You could set auth_debug=yes and see what it logs when logging in. There should be only something like:
Nov 26 16:06:55 auth: Debug: client out: OK 1 user=tss proxy pass=<hidden> Nov 26 16:07:11 imap-login: Info: proxy(tss): started proxying to 127.0.0.2:143: user=<tss>, method=PLAIN, rip=::1, lip=::1, secured
I already set auth_debug and mail_debug to yes but I can't watch proxy at logs.
¿Is it needed some special data from LDAP?
I import at dovecot.conf the file /etc/dovecot/conf.d/director.conf to get director configuration
At now, I have the follow config (director.conf) in my two kvm's machine (192.168.13.100 192.168.13.101) :
director_servers = 192.168.13.100 192.168.13.101 director_mail_servers = 192.168.13.100-192.168.13.101 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0666 } unix_listener director-userdb { mode = 0600 } inet_listener { port = 5000 } } service imap-login { executable = imap-login director } service pop3-login { executable = pop3-login director } protocol lmtp { #auth_socket_path = director-userdb }
I don't need lmtp because we use distributed exim
2010/11/26 Timo Sirainen tss@iki.fi:
On Fri, 2010-11-26 at 14:53 +0100, Antonio Perez-Aranda wrote:
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
It doesn't look like it's working, since there are zero users. You could set auth_debug=yes and see what it logs when logging in. There should be only something like:
Nov 26 16:06:55 auth: Debug: client out: OK 1 user=tss proxy pass=<hidden> Nov 26 16:07:11 imap-login: Info: proxy(tss): started proxying to 127.0.0.2:143: user=<tss>, method=PLAIN, rip=::1, lip=::1, secured
I just find the follow link
http://wiki2.dovecot.org/Director
I will test it with Passdb Configuration.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I already set auth_debug and mail_debug to yes but I can't watch proxy at logs.
¿Is it needed some special data from LDAP?
I import at dovecot.conf the file /etc/dovecot/conf.d/director.conf to get director configuration
At now, I have the follow config (director.conf) in my two kvm's machine (192.168.13.100 192.168.13.101) :
director_servers = 192.168.13.100 192.168.13.101 director_mail_servers = 192.168.13.100-192.168.13.101 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0666 } unix_listener director-userdb { mode = 0600 } inet_listener { port = 5000 } } service imap-login { executable = imap-login director } service pop3-login { executable = pop3-login director } protocol lmtp { #auth_socket_path = director-userdb }
I don't need lmtp because we use distributed exim
2010/11/26 Timo Sirainen tss@iki.fi:
On Fri, 2010-11-26 at 14:53 +0100, Antonio Perez-Aranda wrote:
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
It doesn't look like it's working, since there are zero users. You could set auth_debug=yes and see what it logs when logging in. There should be only something like:
Nov 26 16:06:55 auth: Debug: client out: OK 1 user=tss proxy pass=<hidden> Nov 26 16:07:11 imap-login: Info: proxy(tss): started proxying to 127.0.0.2:143: user=<tss>, method=PLAIN, rip=::1, lip=::1, secured
I can do a simple proxy for one to one instance with static, But I can't get a running proxy with passdb ldap
I have this line to try to get run proxy with ldap
pass_attrs = uid=user,=y=proxy,=1430=port=,=y=nopassword
I can't use IMAP standard ports on IMAP machines, but port=1430 is already running with static passdb with proxy from machine one to machine two, with hardwrite in setting of machine one, "host" with machine two ip.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I just find the follow link
http://wiki2.dovecot.org/Director
I will test it with Passdb Configuration.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I already set auth_debug and mail_debug to yes but I can't watch proxy at logs.
¿Is it needed some special data from LDAP?
I import at dovecot.conf the file /etc/dovecot/conf.d/director.conf to get director configuration
At now, I have the follow config (director.conf) in my two kvm's machine (192.168.13.100 192.168.13.101) :
director_servers = 192.168.13.100 192.168.13.101 director_mail_servers = 192.168.13.100-192.168.13.101 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0666 } unix_listener director-userdb { mode = 0600 } inet_listener { port = 5000 } } service imap-login { executable = imap-login director } service pop3-login { executable = pop3-login director } protocol lmtp { #auth_socket_path = director-userdb }
I don't need lmtp because we use distributed exim
2010/11/26 Timo Sirainen tss@iki.fi:
On Fri, 2010-11-26 at 14:53 +0100, Antonio Perez-Aranda wrote:
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
It doesn't look like it's working, since there are zero users. You could set auth_debug=yes and see what it logs when logging in. There should be only something like:
Nov 26 16:06:55 auth: Debug: client out: OK 1 user=tss proxy pass=<hidden> Nov 26 16:07:11 imap-login: Info: proxy(tss): started proxying to 127.0.0.2:143: user=<tss>, method=PLAIN, rip=::1, lip=::1, secured
Well, I get a valid proxy config on passdb-ldap return pass_attrs like that (in the opossite way to http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP )
pass_attrs = uid=user,=proxy=y,=nopassword=y,=port=1143,=host=192.168.13.100
But, if I remove the "host", and leave director to fill it, director never acts.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I can do a simple proxy for one to one instance with static, But I can't get a running proxy with passdb ldap
I have this line to try to get run proxy with ldap
pass_attrs = uid=user,=y=proxy,=1430=port=,=y=nopassword
I can't use IMAP standard ports on IMAP machines, but port=1430 is already running with static passdb with proxy from machine one to machine two, with hardwrite in setting of machine one, "host" with machine two ip.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I just find the follow link
http://wiki2.dovecot.org/Director
I will test it with Passdb Configuration.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I already set auth_debug and mail_debug to yes but I can't watch proxy at logs.
¿Is it needed some special data from LDAP?
I import at dovecot.conf the file /etc/dovecot/conf.d/director.conf to get director configuration
At now, I have the follow config (director.conf) in my two kvm's machine (192.168.13.100 192.168.13.101) :
director_servers = 192.168.13.100 192.168.13.101 director_mail_servers = 192.168.13.100-192.168.13.101 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0666 } unix_listener director-userdb { mode = 0600 } inet_listener { port = 5000 } } service imap-login { executable = imap-login director } service pop3-login { executable = pop3-login director } protocol lmtp { #auth_socket_path = director-userdb }
I don't need lmtp because we use distributed exim
2010/11/26 Timo Sirainen tss@iki.fi:
On Fri, 2010-11-26 at 14:53 +0100, Antonio Perez-Aranda wrote:
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
It doesn't look like it's working, since there are zero users. You could set auth_debug=yes and see what it logs when logging in. There should be only something like:
Nov 26 16:06:55 auth: Debug: client out: OK 1 user=tss proxy pass=<hidden> Nov 26 16:07:11 imap-login: Info: proxy(tss): started proxying to 127.0.0.2:143: user=<tss>, method=PLAIN, rip=::1, lip=::1, secured
I just discover the fail
If I put non standard port, then dovecot take on pair host/port will be got from passdb, But in this case, the IMAP port is 1430 and POP3 is different from standard to. Because in the same machine can be running a old Courier instance with standard ports.
At now, I got a dovecot director to balancing on Courier instances.
¿How can I change the standards ports in director?
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
Well, I get a valid proxy config on passdb-ldap return pass_attrs like that (in the opossite way to http://wiki2.dovecot.org/PasswordDatabase/ExtraFields#LDAP )
pass_attrs = uid=user,=proxy=y,=nopassword=y,=port=1143,=host=192.168.13.100
But, if I remove the "host", and leave director to fill it, director never acts.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I can do a simple proxy for one to one instance with static, But I can't get a running proxy with passdb ldap
I have this line to try to get run proxy with ldap
pass_attrs = uid=user,=y=proxy,=1430=port=,=y=nopassword
I can't use IMAP standard ports on IMAP machines, but port=1430 is already running with static passdb with proxy from machine one to machine two, with hardwrite in setting of machine one, "host" with machine two ip.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I just find the follow link
http://wiki2.dovecot.org/Director
I will test it with Passdb Configuration.
2010/11/29 Antonio Perez-Aranda aperezaranda@yaco.es:
I already set auth_debug and mail_debug to yes but I can't watch proxy at logs.
¿Is it needed some special data from LDAP?
I import at dovecot.conf the file /etc/dovecot/conf.d/director.conf to get director configuration
At now, I have the follow config (director.conf) in my two kvm's machine (192.168.13.100 192.168.13.101) :
director_servers = 192.168.13.100 192.168.13.101 director_mail_servers = 192.168.13.100-192.168.13.101 director_user_expire = 15 min service director { unix_listener login/director { mode = 0666 } fifo_listener login/proxy-notify { mode = 0666 } unix_listener director-userdb { mode = 0600 } inet_listener { port = 5000 } } service imap-login { executable = imap-login director } service pop3-login { executable = pop3-login director } protocol lmtp { #auth_socket_path = director-userdb }
I don't need lmtp because we use distributed exim
2010/11/26 Timo Sirainen tss@iki.fi:
On Fri, 2010-11-26 at 14:53 +0100, Antonio Perez-Aranda wrote:
If try to execute doveadm director status I can watch the two server like that:
[root@kvm1 ~]# doveadm director status mail server ip vhosts users 192.168.13.100 100 0 192.168.13.101 100 0
It doesn't look like it's working, since there are zero users. You could set auth_debug=yes and see what it logs when logging in. There should be only something like:
Nov 26 16:06:55 auth: Debug: client out: OK 1 user=tss proxy pass=<hidden> Nov 26 16:07:11 imap-login: Info: proxy(tss): started proxying to 127.0.0.2:143: user=<tss>, method=PLAIN, rip=::1, lip=::1, secured
On 29.11.2010, at 11.48, Antonio Perez-Aranda wrote:
If I put non standard port, then dovecot take on pair host/port will be got from passdb, But in this case, the IMAP port is 1430 and POP3 is different from standard to. Because in the same machine can be running a old Courier instance with standard ports.
At now, I got a dovecot director to balancing on Courier instances.
¿How can I change the standards ports in director?
There is no simple way to do this currently. What passdb do you use? With SQL you should be able to do something that based on %s returns the wanted port number. I don't remember the syntax, but something like:
password_query = select case '%s' when 'imap' 1430 when 'pop3' 1100 else null esac as port
But now, I can use non standard port on simple proxy dovecot config with userdb/passdb on LDAP.
I think that the problem is with dovecot director, that if there are port/host on pass_attrs , then, it doesn't append host="assigned host" and then, dovecot proxy says that can't find loop to proxy.
If i don't tell port on pass_attrs, then the director are running on standard ports. with simple proxy without director with host/port on ldap it's running ok.
2010/11/30 Timo Sirainen tss@iki.fi:
On 29.11.2010, at 11.48, Antonio Perez-Aranda wrote:
If I put non standard port, then dovecot take on pair host/port will be got from passdb, But in this case, the IMAP port is 1430 and POP3 is different from standard to. Because in the same machine can be running a old Courier instance with standard ports.
At now, I got a dovecot director to balancing on Courier instances.
¿How can I change the standards ports in director?
There is no simple way to do this currently. What passdb do you use? With SQL you should be able to do something that based on %s returns the wanted port number. I don't remember the syntax, but something like:
password_query = select case '%s' when 'imap' 1430 when 'pop3' 1100 else null esac as port
On 30.11.2010, at 8.02, Antonio Perez-Aranda wrote:
But now, I can use non standard port on simple proxy dovecot config with userdb/passdb on LDAP.
I think that the problem is with dovecot director, that if there are port/host on pass_attrs , then, it doesn't append host="assigned host" and then, dovecot proxy says that can't find loop to proxy.
If there is port, it should assign the host. You can have passdb return port without host.
participants (2)
-
Antonio Perez-Aranda
-
Timo Sirainen