[Dovecot] Configuring Dovecot for use with Active Directory

Phil Anslemo uxphreak at yahoo.com
Fri Jan 12 23:04:37 UTC 2007


Here's my updated dovecot-ldap.conf file.  I made some slight changes after starting dovecot and receiving errors.

hosts = 192.168.0.240:389
#uris = 
dn = cn=<BINDUSER>,ou=IT,ou=Central Office,dc=<DOMAIN>,dc=local
dnpass = <PASSWORD>
#sasl_bind = no
#sasl_mech =
#sasl_realm =
#sasl_authz_id =
auth_bind = yes
#auth_bind_userdn =
ldap_version = 3
base = dc=<DOMAIN>, dc=local
deref = never
scope = subtree
user_filter = (&(objectClass=user)(sAMAccountName=%n))
#pass_attrs = uid=user
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
pass_filter = (&(objectClass=user)(sAMAccountName=%n))
#default_pass_scheme = CRYPT
user_global_uid = 101
user_global_gid = 101

Now that I've cleaned up most of the problems, the next issue I'm having is actually authenticating the users from Dovecot through LDAP in Active Directory.  When it attempts to authenticate, Dovecot hangs and then times out.  The only thing I can think of is LDAP needs to send the password to Active Directory in a format it can understand.  Has anyone run into this?

Thanks,

uxphreak

----- Original Message ----
From: Phil Anslemo <uxphreak at yahoo.com>
To: dovecot at dovecot.org
Sent: Thursday, January 11, 2007 4:19:46 PM
Subject: Configuring Dovecot for use with Active Directory


Hello,

My server is configured as follows:

FreeBSD 6.1
OpenLDAP 2.3.27
Cyrus SASL 2.1.21
Dovecot 1.0.rc15

I have Postfix configured to use SASL for SMTP AUTH, which in turn leverages OpenLDAP to verify users in Active Directory.  I do not have, nor want to in the future, local users in FreeBSD, so I've configured Postfix for Virtual Mailboxes.

Everything is working and I'm getting ready to configure Dovecot, but need clarification.  I want to make sure my dovecot-ldap.conf is properly configured and need another set of eyes to look at it (of course dovecot.conf should also be correct, but one thing at a time).  Here's my dovecot-ldap.conf file:

hosts = 192.168.0.240
#uris = 
dn = cn=<BINDUSER>,ou=IT,ou=Central Office,dc=<DOMAIN>,dc=local
dnpass = <PASSWORD>
#sasl_bind = no
#sasl_mech =
#sasl_realm =
#sasl_authz_id =
auth_bind = yes
#auth_bind_userdn =
ldap_version = 3
base = dc=<DOMAIN>, dc=local
deref = never
scope = subtree
#user_filter = (&(objectClass=posixAccount)(uid=%u))
#pass_attrs = uid=user,userPassword=password
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
#pass_filter = (&(objectClass=posixAccount)(uid=%u))
#default_pass_scheme = CRYPT
user_global_uid = 101
user_global_gid = 101

Your help is appreciated.

Thanks,

uxphreak
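
An added check, not part of the original post and not Dovecot's own code: it parses a dovecot-ldap.conf like the one posted above and reports which passwords would travel to the directory server in a cleartext simple bind. The `tls` key and the `audit` and `parse_conf` helper names are assumptions that do not appear in the post.

```python
# Constructed sample: the active settings from the updated config in the post.
SAMPLE_CONF = """\
hosts = 192.168.0.240:389
#uris =
dn = cn=<BINDUSER>,ou=IT,ou=Central Office,dc=<DOMAIN>,dc=local
dnpass = <PASSWORD>
#sasl_bind = no
auth_bind = yes
ldap_version = 3
base = dc=<DOMAIN>, dc=local
pass_filter = (&(objectClass=user)(sAMAccountName=%n))
"""

def parse_conf(text):
    """Return active key = value settings; comments and blanks are skipped."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")  # DN values contain '=' too
        settings[key.strip()] = value.strip()
    return settings

def audit(text):
    """List passwords that would cross the network in a cleartext simple bind."""
    s = parse_conf(text)
    yes = lambda key: s.get(key, "no").lower() == "yes"
    uris = s.get("uris", "").split()
    # hosts = ... is plain LDAP; only ldaps:// URIs wrap the session in TLS.
    ldaps = bool(uris) and all(u.lower().startswith("ldaps://") for u in uris)
    # Assumption: 'tls = yes' (StartTLS) is a later-Dovecot setting, not on the page.
    # SASL binds are out of scope for this check, so they are not reported.
    if ldaps or yes("tls") or yes("sasl_bind"):
        return []
    server = " ".join(uris) or s.get("hosts", "<unset>")
    findings = []
    if "dnpass" in s:
        findings.append(f"dnpass for '{s.get('dn', '')}' sent in cleartext to {server}")
    if yes("auth_bind"):
        findings.append(f"auth_bind = yes: every user's login password sent in cleartext to {server}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print("WARN:", finding)
```
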


