Re: [Dovecot] Configuring Dovecot for use with Active Directory
Here's my updated dovecot-ldap.conf file. I made some slight changes after starting dovecot and receiving errors.
hosts = 192.168.0.240:389
#uris =
dn = cn=<BINDUSER>,ou=IT,ou=Central Office,dc=<DOMAIN>,dc=local
dnpass = <PASSWORD>
#sasl_bind = no
#sasl_mech =
#sasl_realm =
#sasl_authz_id =
auth_bind = yes
#auth_bind_userdn =
ldap_version = 3
base = dc=<DOMAIN>, dc=local
deref = never
scope = subtree
user_filter = (&(objectClass=user)(sAMAccountName=%n))
#pass_attrs = uid=user
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
pass_filter = (&(objectClass=user)(sAMAccountName=%n))
#default_pass_scheme = CRYPT
user_global_uid = 101
user_global_gid = 101
Now that I've cleaned up most of the problems, the next issue I'm having is actually authenticating the users from dovecot through ldap in active directory. When it attempts to authenticate, dovecot hangs and then times out. The only thing I can think of is ldap needs to send the password to Active Directory in a format it can understand. Has anyone run into this?
Thanks,
uxphreak
----- Original Message ----
From: Phil Anslemo uxphreak@yahoo.com
To: dovecot@dovecot.org
Sent: Thursday, January 11, 2007 4:19:46 PM
Subject: Configuring Dovecot for use with Active Directory
Hello,
My server is configured as follows:
FreeBSD 6.1
OpenLDAP 2.3.27
Cyrus SASL 2.1.21
Dovecot 1.0.rc15
I have PostFix configured to use SASL for SMTP AUTH, which in turn leverages OpenLDAP to verify users in Active Directory. I do not have, nor want to in the future, local users in FreeBSD, so I've configured PostFix for Virtual Mailboxes.
Everything is working and I'm getting ready to configure Dovecot, but need clarification. I want to make sure my dovecot-ldap.conf is properly configured and need another set of eyes to look at it (of course dovecot.conf should also be correct, but one thing at a time). Here's my dovecot-ldap.conf file:
hosts = 192.168.0.240
#uris =
dn = cn=<BINDUSER>,ou=IT,ou=Central Office,dc=<DOMAIN>,dc=local
dnpass = <>PASSWORD
#sasl_bind = no
#sasl_mech =
#sasl_realm =
#sasl_authz_id =
auth_bind = yes
#auth_bind_userdn =
ldap_version = 3
base = dc=<DOMAIN>, dc=local
deref = never
scope = subtree
#user_filter = (&(objectClass=posixAccount)(uid=%u))
#pass_attrs = uid=user,userPassword=password
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
#pass_filter = (&(objectClass=posixAccount)(uid=%u))
#default_pass_scheme = CRYPT
user_global_uid = 101
user_global_gid = 101
Your help is appreciated.
Thanks,
uxphreak
Phil Anslemo wrote:
Now that I've cleaned up most of the problems, the next issue I'm having is actually authenticating the users from dovecot through ldap in active directory. When it attempts to authenticate, dovecot hangs and then times out. The only thing I can think of is ldap needs to send the password to Active Directory in a format it can understand. Has anyone run into this?
http://gentoo-wiki.com/HOWTO_Authenticate_from_Active_Directory_using_OpenLD...
participants (2): Marcel de Reuver, Phil Anslemo