[Dovecot] Active Directory LDAP authentication fails after a time

noahisaac noah at miller.cc
Fri Apr 17 20:40:33 EEST 2009


Hi - 

I've got Dovecot version 1.0.7 running on a CentOS 5.2 machine.  It's
serving pop, imap and imaps and authenticating against an Active Directory
machine.  This all works fine at first, but after about two weeks or so,
dovecot's authentication against AD starts to fail.  All of dovecot's
authentication attempts time out.  I also have postfix on the same machine
authenticating against the same AD, and it does not seem to experience this
issue.  If I restart dovecot, the authentication starts working again.  

I've gone over /var/log/maillog, but I don't see anything particularly
useful.  The only thing I really see is:
dovecot: IMAP(noah): Disconnected for inactivity

Here are some of the relevant portions of my configs:

dovecot.conf
auth default {
  mechanisms = plain
  passdb ldap {
    args = /etc/dovecot-ldap.conf
  }
  passdb passwd-file {
    args = /etc/dovecot/passdb
    master = yes
  }
  userdb static {
    args = uid=vmail gid=vmail home=/home/vmail/%u
  }
  user = root
}

dovecot-ldap.conf
hosts = admachine.domain.com
base = dc=domain,dc=com
ldap_version = 3
auth_bind = yes
auth_bind_userdn = DOMAIN\%u


Does anybody have any ideas about why this is happening, or maybe just an
idea about how to better troubleshoot it?  If you need any more info, I'll
be happy to provide it.  Can I tell dovecot to be a little more verbose with
its log entries (I've already got auth_debug set to yes, but I'm not
getting very much info)?


Thanks!
Noah
-- 
View this message in context: http://www.nabble.com/Active-Directory-LDAP-authentication-fails-after-a-time-tp23102450p23102450.html
Sent from the Dovecot mailing list archive at Nabble.com.


