[Dovecot] LDAP (AD) auth problem

Timo Sirainen tss at iki.fi
Fri May 29 18:29:13 EEST 2009


No, it doesn't use password lookups. It still would do auth binding,  
but the userdb lookup would be done when bound to the specified dn.

On May 29, 2009, at 9:56 AM, Misha Volodko wrote:

> If I use dn and dnpass it'd use the password lookups mechanism; for this,
> access to the password field on LDAP should be granted to some particular
> user. Unfortunately, it's impossible. That's why I want to use the
> auth_bind way.
>
>
>
> On Thu, May 28, 2009 at 11:57 PM, Timo Sirainen <tss at iki.fi> wrote:
>> On Mon, 2009-05-25 at 17:07 +0200, Misha Volodko wrote:
>>> Using tcpdump I found a cause of it, it seems dovecot binds to the AD
>>> server, then drops the connection and tries to do a search without a bind.
>>> During sniff I see response to my ldap search - LdapErr:
>>> DSID-0C090627, comment: In order to perform this operation a
>>> successful bind must be completed on the connection
>>
>> Dovecot drops the user bind when it does the userdb lookup. If AD
>> doesn't support anonymous lookups, you can specify some user with dn and
>> dnpass settings and Dovecot will use it for the userdb lookups.
>>
>>
>
>
>
> -- 
> Gooood Night
>
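
An LDAP configuration for the setup discussed in this thread, added here as an example and not taken from either poster's message: passwords are verified with an auth bind, while searches run as a service account because AD rejects searches on an unbound connection. The host name, DNs, password and the sAMAccountName filters are assumed placeholder values.

```conf
# dovecot-ldap.conf (constructed example; host, DNs and password are placeholders)
# Keep this file readable by root only, since it holds dnpass.
hosts = dc1.example.com
ldap_version = 3

# Service account Dovecot binds as for searches, including the userdb lookup.
# It needs read access to the user entries only, not to any password attribute.
dn = CN=dovecot-svc,OU=Service Accounts,DC=example,DC=com
dnpass = CHANGE-ME

# Verify the password by binding to the directory as the user,
# instead of reading a password field and comparing it locally.
auth_bind = yes

base = DC=example,DC=com
scope = subtree

# Search that finds the DN to use for the auth bind (%n = user part of the login).
pass_filter = (&(objectClass=user)(sAMAccountName=%n))

# userdb lookup, done while bound as dn/dnpass above.
user_filter = (&(objectClass=user)(sAMAccountName=%n))
# user_attrs is schema dependent and left out here; map it to attributes
# that actually exist in the directory.
```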


