[Dovecot] suspected bug in dovecot-ldap setup?
tss at iki.fi
Sat Nov 4 12:31:33 UTC 2006
On Fri, 2006-11-03 at 10:15 +0000, Pedro Venda wrote:
> On Thursday 02 November 2006 18:42, Timo Sirainen wrote:
> > On Fri, 2006-10-27 at 12:45 +0100, Pedro Venda wrote:
> > > I intended to have authenticated binds but there was a problem with the
> > > user_filter directive being ignored:
> > > user_filter =
> > > (&(objectClass=JammMailAccount)(mail=%n@%d)(accountActive=TRUE)
> > > (delete=FALSE))
> > ..
> > > ldap(dave at info.test,::ffff:192.168.0.69): bind search:
> > > base=o=hosting,dc=example,dc=com scope=subtree filter=
> > > **(&(objectClass=posixAccount(uid=dave at info.test))**
> > > dovecot: Oct 26 16:20:58 Info: auth(default):
> > > ldap(dave at info.test,::ffff:192.168.0.69): unknown user
> > > dovecot: Oct 26 16:20:59 Info: auth(default): client out: FAIL 1
> > > user=dave at info.test
> > > dovecot: Oct 26 16:20:59 Info: imap-login: Disconnected:
> > > user=<dave at info.test>, method=PLAIN, rip=::ffff:192.168.0.69,
> > > lip=::ffff:192.168.0.5, TLS
> > >
> > > (nevermind the data, it's test only)
> > >
> > > As you can see from the info file, the search filter used was being
> > > (&(objectClass=posixAccount(uid=dave at info.test)) and not
> > > (&(objectClass=JammMailAccount)(mail=dave at info.test)(accountActive=TRUE)
> > > (delete=FALSE)).
> > user_filter is used by userdb only, after the password authentication
> > was successful. So I guess you wanted to modify pass_filter instead?
> You see, I'm using auth_bind = yes, so pass_filter isn't relevant. Dovecot
> doesn't need to find the password, given that authentication relies on
> successfull binding.
If you use auth_bind=yes, but not auth_bind_userdn, then the dn is
looked up using pass_filter, not user_filter. user_filter is used only
after a successful authentication to look up the user_attrs.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20061104/a6ea2cf1/attachment.pgp
More information about the dovecot