[Dovecot] Username changed by dovecot..?

Romer Ventura rventura at h-st.com
Fri Dec 5 20:30:51 EET 2008


Hello,

I have postfix+dovecot authenticating via LDAP to Active directory and
everything is working fine except that some user names get changed by
dovecot.

# cat dovecot/dovecot-ldap.conf
hosts = 192.168.50.30 192.168.50.31
base = ou=HST-Users,dc=h-st,dc=com
ldap_version = 3
auth_bind = yes
dn = cn=<account>,cn=Users,dc=h-st,dc=com
dnpass = <password>
user_attrs = sAMAccountName=mail=maildir:/home/vmail/%Ud/%Ln,=gid=1000,=uid=1001
user_filter = (&(objectClass=person)(mail=%u))
pass_filter = (&(objectClass=person)(mail=%u))

I am using the value of "mail" field from active directory as user name. So
here are test users:
test1: mail=test1 at h-st.com
test3: mail=test3 at housigma20.h-st.com
test5: mail=test5 at yomama.com

USER TEST1:
# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
user test1 at h-st.com
+OK
pass houston
+OK Logged in.

Logs show:
dovecot: auth(default): client in: AUTH      1       PLAIN   service=pop3
secured lip=127.0.0.1   rip=127.0.0.1   lport=110       rport=43073
resp=<hidden>
dovecot: auth(default): ldap(test1 at h-st.com,127.0.0.1): bind search:
base=ou=HST-Users,dc=h-st,dc=com
filter=(&(objectClass=person)(mail=test1 at h-st.com))
dovecot: auth(default): ldap(test1 at h-st.com,127.0.0.1): no fields returned
by the server
dovecot: auth(default): client out: OK       1       user=test1 at h-st.com
dovecot: auth(default): master in: REQUEST   7       3526    1
dovecot: auth(default): ldap(test1 at h-st.com,127.0.0.1): user search:
base=ou=HST-Users,dc=h-st,dc=com scope=subtree
filter=(&(objectClass=person)(mail=test1 at h-st.com)) fields=sAMAccountName
dovecot: auth(default): ldap(test1 at h-st.com,127.0.0.1): result:
sAMAccountName(mail=maildir:/home/vmail/%Ud/%Ln)=maildir:/home/vmail/H-ST.COM/test1
dovecot: auth(default): master out: USER     7       test1 at h-st.com
mail=maildir:/home/vmail/H-ST.COM/test1 gid=1000        uid=1001
dovecot: pop3-login: Login: user=<test1 at h-st.com>, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured

The directory was created and everything is fine.

USER TEST3:
# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
user test3 at housigma20.h-st.com
+OK
pass houston
-ERR [IN-USE] Internal login failure. Refer to server log for more
information.
Connection closed by foreign host.

Logs show:
dovecot: auth(default): client in: AUTH      1       PLAIN   service=pop3
secured lip=127.0.0.1   rip=127.0.0.1   lport=110       rport=34057
resp=<hidden>
dovecot: auth(default): ldap(test3 at housigma20.h-st.com,127.0.0.1): bind
search: base=ou=HST-Users,dc=h-st,dc=com
filter=(&(objectClass=person)(mail=test3 at housigma20.h-st.com))
dovecot: auth(default): auth(test3 at housigma20.h-st.com,127.0.0.1): username
changed test3 at housigma20.h-st.com -> test3
dovecot: auth(default): ldap(test3,127.0.0.1): result: uid(user)=test3
dovecot: auth(default): client out: OK       1       user=test3
dovecot: auth(default): master in: REQUEST   8       3859    1
dovecot: auth(default): ldap(test3,127.0.0.1): user search:
base=ou=HST-Users,dc=h-st,dc=com scope=subtree
filter=(&(objectClass=person)(mail=test3)) fields=sAMAccountName
dovecot: auth(default): ldap(test3,127.0.0.1): Unknown user
dovecot: auth(default): userdb(test3,127.0.0.1): user not found from userdb
ldap
dovecot: auth(default): master out: NOTFOUND 8
dovecot: pop3-login: Internal login failure (auth failed, 1 attempts):
user=<test3>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

It obviously fails because the username was changed to only %u. Why does it
get changed...? 

Any ideas...?

Thanks..

# dovecot -n
# 1.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.16.60-0.21-xenpae i686 SUSE Linux Enterprise Server 10
(i586) 
protocols: imap imaps pop3 pop3s
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
mail_uid: vmail
mail_gid: vmail
mail_location: maildir:~/Maildir/
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugins(default): acl
mail_plugins(imap): acl
mail_plugins(pop3):
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
imap_client_workarounds(default): delay-newmail outlook-idle netscape-eoh
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh
imap_client_workarounds(pop3):
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
  mechanisms: plain login
  verbose: yes
  debug: yes
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 432
      user: vmail
      group: vmail
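
An added example, not part of the original post and not Dovecot code: a small log check that pairs each "username changed" event in auth debug output with the LDAP attribute reported as mapped to the "user" field and with a later userdb "user not found" for the rewritten name. The sample lines are constructed from the format of the log quoted above, and the function and field names are hypothetical.

```python
import re

# Constructed sample modelled on the auth debug output quoted in the post:
# lines unwrapped, addresses replaced with example.com placeholders.
SAMPLE_LOG = """\
dovecot: auth(default): ldap(test1@example.com,127.0.0.1): no fields returned by the server
dovecot: auth(default): client out: OK 1 user=test1@example.com
dovecot: auth(default): auth(test3@sub.example.com,127.0.0.1): username changed test3@sub.example.com -> test3
dovecot: auth(default): ldap(test3,127.0.0.1): result: uid(user)=test3
dovecot: auth(default): client out: OK 1 user=test3
dovecot: auth(default): ldap(test3,127.0.0.1): Unknown user
dovecot: auth(default): userdb(test3,127.0.0.1): user not found from userdb ldap
"""

CHANGED = re.compile(r"username changed (?P<old>\S+) -> (?P<new>\S+)")
# "result: attr(field)=value": capture the attribute mapped to the "user" field.
RESULT = re.compile(r"ldap\((?P<user>[^,]+),[^)]*\): result:.*?(?P<attr>\w+)\(user\)=")
NOTFOUND = re.compile(r"userdb\((?P<user>[^,]+),[^)]*\): user not found")


def find_username_rewrites(log_text):
    """Return one record per 'username changed' event, with the LDAP attribute
    that supplied the new name and whether the userdb lookup then failed."""
    events, by_new = [], {}
    for line in log_text.splitlines():
        if m := CHANGED.search(line):
            ev = {"old": m["old"], "new": m["new"],
                  "attr": None, "userdb_failed": False}
            events.append(ev)
            # Later lines are logged under the new name, so index by it.
            by_new[ev["new"]] = ev
        elif (m := RESULT.search(line)) and m["user"] in by_new:
            by_new[m["user"]]["attr"] = m["attr"]
        elif (m := NOTFOUND.search(line)) and m["user"] in by_new:
            by_new[m["user"]]["userdb_failed"] = True
    return events


if __name__ == "__main__":
    for ev in find_username_rewrites(SAMPLE_LOG):
        print(f"{ev['old']} -> {ev['new']} (attribute: {ev['attr']}, "
              f"userdb lookup failed: {ev['userdb_failed']})")
```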


