[Dovecot] Help with LDAP authentication - user / user+domain
Hello Folks,
I've my dovecot working well and authenticating in my ldap servers.
But I'd like to configure my users to authenticate in two ways. One is just submitting the username and the other one is providing user@domain.com.
I'm moving from a cyrus-imap solution to dovecot and I've implemented it with VD domains. But nowadays I still have one domain at my servers. So, to not cause too much impact to users, I'd like to provide these two ways of authentication.
Here follows my dovecot-ldap.conf:
hosts = localhost
dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
dnpass = XXXXXX
auth_bind = no
ldap_version = 3
base = dc=domain,dc=com
deref = never
scope = subtree
user_attrs = mail,homeDirectory,,,,quota=quota=maildir:storage
user_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
pass_attrs = mail,userPassword
pass_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
default_pass_scheme = SSHA
user_global_uid = 100
user_global_gid = 101
My logs:
Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH 1 PLAIN service=POP3 lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=(&(objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL 1 user=user.test
Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=
If I provide user.test@domain.com works fine.
Any guesses or ideas?
PS: I've suppressed some information, like IPs, server names and IPs
Best Regards,
Venilton C. Junior HP Certified Professional Sercompe Computadores Ltda. Office: +55 47 3431-9700 Fax: +55 47 3431-9747 Mobile: +55 47 9653-5872 www.sercompe.com.br http://www.sercompe.com.br/
On Friday, 04 May 2007 15:34:51, Venilton Junior wrote:
> Hello Folks,
> I've my dovecot working well and authenticating in my ldap servers.
> But I'd like to configure my users to authenticate in two ways. One is just submitting the username and the other one is providing user@domain.com.
> I'm moving from a cyrus-imap solution to dovecot and I've implemented it with VD domains. But nowadays I still have one domain at my servers. So, to not cause too much impact to users, I'd like to provide these two ways of authentication.
> Here follows my dovecot-ldap.conf:
> hosts = localhost
> dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> dnpass = XXXXXX
> auth_bind = no
> ldap_version = 3
> base = dc=domain,dc=com
> deref = never
> scope = subtree
> user_attrs = mail,homeDirectory,,,,quota=quota=maildir:storage
> user_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
> pass_attrs = mail,userPassword
> pass_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
> default_pass_scheme = SSHA
> user_global_uid = 100
> user_global_gid = 101
> My logs:
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH 1 PLAIN service=POP3 lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=(&(objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
> Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL 1 user=user.test
> Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=, method=PLAIN, rip=xxx.xx.xxx.xxx, lip=xxx.xxx.xx.xx
> If I provide user.test@domain.com works fine.
Try with auth_default_realm = domain.com in dovecot.conf
-- Łukasz Mierzwa
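Why the bare login was reported as "unknown user" and what a default realm changes, as an added example that is not part of the original thread and is not Dovecot source code: a simplified model of appending the realm and expanding %u into the posted pass_filter. The function names, the RFC 4515 escaping step and the sample directory value are assumptions made for this illustration.

```python
# Added illustration: a simplified model of username normalisation and %u
# expansion. Function names are hypothetical; this is not Dovecot code.
PASS_FILTER = ("(&(objectClass=VirtualMailAccount)(mail=%u)"
               "(accountActive=TRUE)(delete=FALSE))")  # from the posted config

# RFC 4515 escapes for characters that are special inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def apply_default_realm(login, default_realm=None):
    """Append @default_realm only when the login carries no domain part."""
    if default_realm and "@" not in login:
        return f"{login}@{default_realm}"
    return login


def ldap_escape(value):
    """Escape a value so it cannot change the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template, login, default_realm=None):
    """Return the filter searched for this login (%u = full username)."""
    user = apply_default_realm(login, default_realm)
    return template.replace("%u", ldap_escape(user))


def matches_mail(filter_text, mail_attr):
    """Toy check: does the filter's mail= clause equal the directory value?"""
    return f"(mail={ldap_escape(mail_attr)})" in filter_text


if __name__ == "__main__":
    directory_mail = "user.test@domain.com"  # constructed directory entry
    for realm in (None, "domain.com"):
        for login in ("user.test", "user.test@domain.com", "user*"):
            f = expand_filter(PASS_FILTER, login, realm)
            print(realm, login, matches_mail(f, directory_mail), f, sep=" | ")
```

Without a realm the bare login produces the `mail=user.test` clause seen in the log, which cannot equal a `mail` attribute that stores the full address; a login that already contains `@` is left untouched, so accounts in other domains are unaffected.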
Tnx, it's working fine! :)
This option in my dovecot.conf worked for me!!
Regards,
Venilton C. Junior HP Certified Professional Sercompe Computadores Ltda. Office: +55 47 3431-9700 Fax: +55 47 3431-9747 Mobile: +55 47 9653-5872 www.sercompe.com.br