[Dovecot] Postfix dovecot SASL and LDAP not working...

Brice Figureau brice+dovecot at daysofwonder.com
Tue Apr 11 19:06:59 EEST 2006


Hi,

I'm trying to set up a new mail server where postfix 2.3-20060405 would
use Dovecot's SASL and users located in LDAP.

It's with dovecot-1.0-beta5.

On the postfix side, I followed the SASL_README and have the following
in main.cf:

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

On the dovecot side I have the following related to auth:

auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes

auth default {
  mechanisms = plain digest-md5 cram-md5
  # LDAP database
  passdb ldap {
    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for
    # example
    args = /etc/dovecot/dovecot-ldap.conf
  }

  # LDAP database
  userdb ldap {
    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for
    # example
    args = /etc/dovecot/dovecot-ldap.conf
  }

  userdb prefetch {
  }
  user = root

  ##
  ## dovecot-lda & postfix SASL specific settings
  ##
  socket listen {
    master {
      path = /var/run/dovecot-auth-master
      mode = 0666
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}


POP or IMAP authentication with LDAP works fine:

Apr 11 17:43:08 localhost dovecot: auth(default): client in: AUTH^I1^IPLAIN^Iservice=IMAP^Isecured^Ilip=127.0.0.1^Irip=127.0.0.1^Iresp=AGJyaWNlAHRvdG8=
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1): base=ou=people, dc=daysofwonder, dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=raymond)) fields=uid,userPassword,homeDirectory,uidNumber,gidNumber,mailbox
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1): uid(user)=raymond userPassword(password)={PLAIN}toto homeDirectory(userdb_home)=/home/raymond uidNumber(userdb_uid)=1000 gidNumber(userdb_gid)=1000 mailbox(userdb_mail)=/home/raymond/Maildir
Apr 11 17:43:08 localhost dovecot: auth(default): client out: OK^I1^Iuser=raymond^I
Apr 11 17:43:08 localhost dovecot: auth(default): master in: REQUEST^I1^I15439^I1
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1): base=ou=people, dc=daysofwonder, dc=com scope=subtree filter=(&(objectClass=CourierMailAccount)(uid=raymond)) fields=homeDirectory,uidNumber,gidNumber,uid,mailbox
Apr 11 17:43:08 localhost dovecot: auth(default): master out: USER^I1^Iraymond^Isystem_user=raymond^Ihome=/home/raymond^Iuid=1000^Igid=1000^Imail=/home/raymond/Maildir
Apr 11 17:43:08 localhost dovecot: imap-login: Login: user=<raymond>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

Postfix SASL doesn't work and, more importantly, doesn't print any debug
messages or try to contact the LDAP server at all:

Apr 11 18:00:59 localhost postfix/smtpd[15637]: connect from localhost.localdomain[127.0.0.1]
Apr 11 18:01:13 localhost dovecot: auth(default): client in: AUTH^I3^Iplain^Iservice=smtp^Iresp=YnJpY2UAYnJpY2UAdG90bw==
Apr 11 18:01:14 localhost dovecot: auth(default): client out: FAIL^I3^Iuser=raymond
Apr 11 18:01:14 localhost postfix/smtpd[15637]: warning: localhost.localdomain[127.0.0.1]: SASL plain authentication failed: 

I tried several variations of the config, like without userdb prefetch,
moving the postfix socket config block into another auth block... Nothing
worked.

Since the samples mention only pam as userdb and passdb source,
maybe it can't work with LDAP?

Any idea how to solve this issue?

Thanks,
Regards,
--
Brice Figureau
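
Added example, not part of the original post: a small Python parser for the two "client in: AUTH" lines logged above. It decodes the SASL PLAIN resp= field (authzid NUL authcid NUL passwd, RFC 4616) to show that base64 hides nothing, and redacts it before a log is shared. The function names and the `<hidden>` placeholder are assumptions of this example.

```python
import base64
import re

# The two "client in" lines from the logs above (syslog renders TAB as ^I).
IMAP_LINE = ("dovecot: auth(default): client in: AUTH^I1^IPLAIN^Iservice=IMAP"
             "^Isecured^Ilip=127.0.0.1^Irip=127.0.0.1^Iresp=AGJyaWNlAHRvdG8=")
SMTP_LINE = ("dovecot: auth(default): client in: AUTH^I3^Iplain^Iservice=smtp"
             "^Iresp=YnJpY2UAYnJpY2UAdG90bw==")


def parse_auth_request(line):
    """Split a logged AUTH request into id, mechanism, flags and key=value params."""
    _, found, rest = line.partition("client in: ")
    fields = rest.split("^I")
    if not found or len(fields) < 3 or fields[0] != "AUTH":
        raise ValueError("not an AUTH request line")
    req = {"id": fields[1], "mech": fields[2].upper(), "flags": [], "params": {}}
    for field in fields[3:]:
        key, sep, value = field.partition("=")  # split on the first '=' only
        if sep:
            req["params"][key] = value
        else:
            req["flags"].append(key)  # bare words such as "secured"
    return req


def decode_plain(resp_b64):
    """Decode a SASL PLAIN response: authzid NUL authcid NUL passwd (RFC 4616)."""
    parts = base64.b64decode(resp_b64, validate=True).split(b"\x00")
    if len(parts) != 3:
        raise ValueError("malformed PLAIN response")
    authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    return {"authzid": authzid, "authcid": authcid, "passwd": passwd}


def redact(line):
    """Replace the resp= value so the line can be shared without credentials."""
    return re.sub(r"(\^Iresp=)[A-Za-z0-9+/=]+", r"\1<hidden>", line)


if __name__ == "__main__":
    for line in (IMAP_LINE, SMTP_LINE):
        req = parse_auth_request(line)
        cred = decode_plain(req["params"]["resp"])
        print(req["params"]["service"], req["flags"],
              "authzid=%r authcid=%r passwd_len=%d"
              % (cred["authzid"], cred["authcid"], len(cred["passwd"])))
        print(redact(line))
```

For the two lines in the post, the IMAP request decodes with an empty authzid and carries the secured flag, while the SMTP request sets an authzid and carries no flags or lip/rip parameters.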


