[Dovecot] Help with LDAP authentication - user / user+domain

Venilton Junior venilton.junior at sercompe.com.br
Fri May 4 16:34:51 EEST 2007


Hello Folks,

I have my dovecot working well and authenticating against my LDAP servers.

But I'd like to configure my users to authenticate in two ways. One is just
submitting the username and the other one is providing user@domain.com.

I'm moving from a cyrus-imap solution to dovecot and I've implemented it
with VD domains. But nowadays I still have one domain at my servers. So,
to not cause too much impact to users, I'd like to provide these two ways
of authentication.

Here follows my dovecot-ldap.conf:

hosts = localhost
dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
dnpass = XXXXXX
auth_bind = no
ldap_version = 3
base = dc=domain,dc=com
deref = never
scope = subtree
user_attrs = mail,homeDirectory,,,,quota=quota=maildir:storage
user_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
pass_attrs = mail,userPassword
pass_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
default_pass_scheme = SSHA
user_global_uid = 100
user_global_gid = 101

My logs:

Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH     1       PLAIN   service=POP3    lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx      resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=(&(objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL    1       user=user.test
Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=<user.test>, method=PLAIN, rip=xxx.xx.xxx.xxx, lip=xxx.xxx.xx.xx

If I provide user.test@domain.com, it works fine.

Any guesses or ideas?

PS: I've suppressed some information, like IPs, server names and IPs

Best Regards,

Venilton C. Junior
HP Certified Professional
Sercompe Computadores Ltda.
Office:   +55 47 3431-9700
Fax:       +55 47 3431-9747
Mobile: +55 47 9653-5872
www.sercompe.com.br <http://www.sercompe.com.br/>