[Dovecot] LDAP authentication stops working...

J. David Rye of Roadtech d.rye at roadtech.co.uk
Wed Jan 10 19:07:14 UTC 2007


On Wednesday 10 January 2007 15:07, J.M. Maurer wrote:
> On Tue, 2007-01-09 at 09:54 +0000, Gavin Henry wrote:
> > <quote who="Adrian Close">
> >
> > > Hi all,
> > >
> > > I'm running dovecot-1.0.rc17 on OpenBSD 3.9, using userdb and passdb
> > > methods of "ldap" (SSL on 636/tcp) in addition to "passwd".
> > >
> > > Occasionally (generally after a few hours of operation, but not
> > > always), LDAP-based logins stop working (e.g. hang/timeout after POP3
> > > PASS command).  Accounts with local passwords (as opposed to accounts
> > > with a password field of "x") still work fine at this point.
> >
> > We also get this. Twice a day we have to restart dovecot, using userdb
> > and passdb via LDAP, with userdb_prefetch.
>
> Just to add: we moved from rc<something before 5> to rc15 recently, and
> we now also see a lot of hangs with ldap_authbind.
>
> The result handler for the initial ldap_search to find the dn to bind to
> is never called. I assume Timo fscked something up recently in my
> auth_bind code ;-P
>
> Anyway, restarting ldap every hour or so with cron does the job :-|
>
> I'd debug this if I had the time, but I won't have before next week.
>
> Cheers,
>    Marc
>
>
> *RT IMSS Scanned*
I get this problem as well, with dovecot running on a server running Fedora5
I first noticed this problem after a yum update that moved the server upto 
the rpm dovecot-1.0.0.beta8.3.fc5.i386
The server original ran OK after it was originaly upgraded to Fedora5, which 
shiped with the rpm dovecot-1.0.0.beta2.7.i386

The LDAP server is openldap-2.0.27-8 running redhat 9.0

The minimum to fix the problem seems to be kill the dovecot auth processes.

-- 
J. David Rye
http://www.roadrunner.uk.com
http://www.roadtech.co.uk
mailto://d.rye@roadtech.co.uk
 


************************************************************************
This e-mail is confidential and may be legally privileged. It is intended
solely for the use of the individual(s) to whom it is addressed. Any
content in this message is not necessarily a view or statement from Road
Tech Computer Systems Limited but is that of the individual sender. If
you are not the intended recipient, be advised that you have received
this e-mail in error and that any use, dissemination, forwarding,
printing, or copying of this e-mail is strictly prohibited. We use 
reasonable endeavours to virus scan all e-mails leaving the company but
no warranty is given that this e-mail and any attachments are virus free.
You should undertake your own virus checking. The right to monitor e-mail 
communications through our networks is reserved by us
*************************************************************************


More information about the dovecot mailing list