[Dovecot] LDAP with Active Directory
Hello, I have successfully used dovecot 1.0 Beta 9 to do SASL authentication for postfix using the unix passwd/shadow files.
I need to authenticate with a windows 2003 server using active directory. My system does not support PAM (I'm using slackware) so I cannot take that route. I do not need to use dovecot for POP or IMAP at the present time and so I would like to avoid modifying my active directory schema.
Dovecot seems to be communicating with the active directory server, however it is sending an authentication failure to postfix: postfix/smtpd[24540]: warning: unknown[XXX.XXX.XXX.X]: SASL LOGIN authentication failed: UxxvcmxxQ6
I don't see any messages in the log from dovecot.
Here is my dovecot-ldap.conf:
hosts = 192.168.1.2:389 dn = "cn=dovecot,cn=Users,dc=DOM,dc=local" dnpass = "password" auth_bind = yes ldap_version = 3 base = cn=Users,dc=DOM,dc=local deref = never scope = subtree default_pass_scheme = CRYPT user_global_uid = 900 user_global_gid = 900
Can someone point out what I am missing? I can't find documentation on this type of setup.
Thanks in advance.
B Hatoum
On Thu, Jun 15, 2006 at 02:30:09PM -0400, B Hatoum wrote:
Hello, I have successfully used dovecot 1.0 Beta 9 to do SASL authentication for postfix using the unix passwd/shadow files.
I need to authenticate with a windows 2003 server using active directory. My system does not support PAM (I'm using slackware) so I cannot take that route. I do not need to use dovecot for POP or IMAP at the present time and so I would like to avoid modifying my active directory schema.
some of the systems I inherited also run Slackware, but it's easy to get PAM support:
http://www.kernel.org/pub/linux/libs/pam/pre/library/in fact, for these particular systems, PAM was a requirement to support the authentication methods we use. just download and install the Linux-PAM source.
just curious, if you don't need to use Dovecot for POP or IMAP, what are you actually using it for? :)
in another setup, Dovecot is authenticating from AD, not via LDAP, but Samba's winbindd. winbindd provides a PAM module which can be used by the system for Dovecot auth (and other services).
grant.
On Thu, 2006-06-15 at 14:30 -0400, B Hatoum wrote:
Hello, I have successfully used dovecot 1.0 Beta 9 to do SASL authentication for postfix using the unix passwd/shadow files.
I need to authenticate with a windows 2003 server using active directory. My system does not support PAM (I'm using slackware) so I cannot take that route. I do not need to use dovecot for POP or IMAP at the present time and so I would like to avoid modifying my active directory schema.
Dovecot seems to be communicating with the active directory server, however it is sending an authentication failure to postfix: postfix/smtpd[24540]: warning: unknown[XXX.XXX.XXX.X]: SASL LOGIN authentication failed: UxxvcmxxQ6
What is the client that tries to authenticate to it here?
I don't see any messages in the log from dovecot.
Set auth_debug=yes and check again. I'm not sure why Postfix would give that weird looking error message..
Hi.
This looks like the same problem I've sent in a patch for earlier,
the client that is talking to postfix could be sending the username
at the same time as the AUTH LOGIN command.
Cheers Anders
On Jun 16, 2006, at 13:08, Timo Sirainen wrote:
On Thu, 2006-06-15 at 14:30 -0400, B Hatoum wrote:
Hello, I have successfully used dovecot 1.0 Beta 9 to do SASL authentication for postfix using the unix passwd/shadow files.
I need to authenticate with a windows 2003 server using active directory. My system does not support PAM (I'm using slackware) so I cannot take that route. I do not need to use dovecot for POP or IMAP at the present time and so I would like to avoid modifying my active directory schema.
Dovecot seems to be communicating with the active directory server, however it is sending an authentication failure to postfix: postfix/smtpd[24540]: warning: unknown[XXX.XXX.XXX.X]: SASL LOGIN authentication failed: UxxvcmxxQ6
What is the client that tries to authenticate to it here?
I don't see any messages in the log from dovecot.
Set auth_debug=yes and check again. I'm not sure why Postfix would
give that weird looking error message..
participants (4)
-
Anders Karlsson
-
B Hatoum
-
grant beattie
-
Timo Sirainen