[Dovecot] Fwd: LDAP subtree search on AD

Bruno Puga brpuga at gmail.com
Wed Jun 13 21:46:03 EEST 2007


With postfix using virtual_mailbox_maps through the same ldap backend, I can
make subtree searches in the Active Directory without problems.

Any ideas?

I really need this information and appreciate any help or new ideas!

Thanks
Bruno.



---------- Forwarded message ----------
From: Bruno Puga <brpuga at gmail.com>
Date: Jun 12, 2007 6:04 PM
Subject: LDAP subtree search on AD
To: dovecot at dovecot.org

Hello people!

I'm new to the list and to dovecot too. In advance I'd like to thank
everybody who could help me, and I'll be very glad if I could help somebody
here.
I've been working on a project to integrate dovecot and active directory
authentication for 2 weeks without total success. I've tried so many ways to
solve my problem, but no one gave me the right answer. I'll appreciate it if
someone could help me. First of all let me show some needed data.

Distro: Debian Etch

dovecot --version
1.0.0

dovecot -n
# /etc/dovecot/dovecot.conf
base_dir: /var/run/dovecot/
log_path: /var/log/dovecot-imapd.log
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap
disable_plaintext_auth: no
login_dir: /var/run/dovecot//login
login_executable: /usr/lib/dovecot/imap-login
mail_debug: yes
imap_client_workarounds: outlook-idle delay-newmail
auth default:
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: pam
    args: dovecot
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  socket:
    type: listen
    client:
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: vmail


/etc/dovecot/dovecot-ldap.conf

hosts = 192.168.0.11
dn = cn=dovecot,cn=Users,dc=tecnicopias01,dc=com,dc=br
dnpass = password
ldap_version = 3
auth_bind = yes
base = DC=tecnicopias01,DC=com,DC=br
deref = never
scope = subtree
user_attrs = info=mail
user_filter = (&(objectClass=organizationalPerson)(sAMAccountName=%u))
user_global_uid = 5000
user_global_gid = 5000

I can authenticate using pam+krb5 with success, but when I try to make a
userdb search to get maillocation for the authenticated user, I get in
trouble. The ldap_search doesn't make a subtree search, making only a onelevel
search. So, if I point the base directive (/etc/dovecot/dovecot-ldap.conf)
to where the user that is authenticating at that moment is, I can log in
perfectly and get the maillocation.

My question is: Why doesn't dovecot make an ldap subtree search? Or, am I
missing anything?

Thanks
Bruno.

