Anil wrote:

LDAP will return whatever the LDAP schema is defined as (for the case), which is "uid".

I took out the pass_attrs, but didn't appear to be working.

I then added: pass_attrs = uid

then, it was able to find the domain!

http://wiki.dovecot.org/AuthDatabase/LDAP is a bit confusing in the documentation of pass_attrs.

IMO, pass_attrs_map is a better name, since its used for mapping attributes from LDAP attributes to Dovecot names.

But, if "pass_attrs = uid" is working, what exactly is getting mapped to what?

I _think_ i was having a similar problem to you. I was trying to login with user@domain and in the ldap directory i have the ou=people with uid=user. When i had

pass_attrs = uid

in the logs i saw

Jan 4 16:17:45 slayer dovecot: auth(default): master out: USER^I2^Iiain^Igid=XXX^Ihome=/home/iain^Iuid=XXXX Jan 4 16:17:45 slayer dovecot: imap-login: Login: user=<iain>, method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, TLS Jan 4 16:17:45 slayer dovecot: IMAP(iain): Ambiguous mail location setting, don't know what to do with it: /opt/mail//iain/ (try prefixing it with mbox: or maildir:)

I changed this to be

pass_attrs = uid=user@domain

And now i see

Jan 4 17:11:11 slayer dovecot: auth(default): master out: USER^I1^Iiain@shihad.org^Igid=XXX^Ihome=/home/iain^Iuid=XXXX Jan 4 17:11:11 slayer dovecot: imap-login: Login: user=<iain@shihad.org>, method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, TLS Jan 4 17:11:11 slayer dovecot: IMAP(iain@shihad.org): Ambiguous mail location setting, don't know what to do with it: /opt/mail/shihad.org/iain/ (try prefixing it with mbox: or maildir:)

Please note that the "ambiguous mail location setting" is because i was daft enough to have

mail_location: /opt/mail/%d/%n/

And changing this to

mail_location: maildir:/opt/mail/%d/%n/

sorted the problem :) Also IP's etc change to protect the guilty ;)

So basically my ldap settings are now

#user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid user_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = uid=user@domain,userPassword=password pass_filter = (&(objectClass=posixAccount)(uid=%n))

and this seems to return the information i want

So perhaps you could try

pass_attrs = uid=user@domain

Cheers

Iain

On Jan 4, 2008 4:04 PM, Timo Sirainen <tss@iki.fi> wrote:

...

On Fri, 2008-01-04 at 08:12 -0800, Anil wrote:

...

pass_attrs = uid=user pass_filter = uid=%n

uid=user makes Dovecot change the full username to uid's value, which means it drops the domain. You could probably just leave pass_attrs empty. I don't remember if LDAP lookups are case-insensitive though. If they are, use %Ln and %Ld in your home and mail_location to avoid getting "user" and "User" and "uSer" directories.