[Dovecot] Passwords not returned without auth_bind ?

Mohit Chawla mohit.chawla.binary at gmail.com
Fri Dec 3 13:42:50 EET 2010


Hi,

Maybe I am missing something simple, but I can't get users authenticated
using password lookups, as opposed to auth_bind. This is how the log looks
like when using password lookup:

dovecot: auth(default): new auth connection: pid=2449
dovecot: auth(default): client in:
AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=43458#011resp=<hidden>
dovecot: auth(default): ldap(foo,127.0.0.1): pass search:
base=uid=foo,ou=people,dc=djb,dc=hell,dc=qua scope=base
filter=(accountStatus=noaccess) fields=(none)
slapd[1834]: conn=1083 op=1 SRCH
base="uid=foo,ou=people,dc=djb,dc=hell,dc=qua" scope=0 deref=0
filter="(accountStatus=noaccess)"
slapd[1834]: conn=1083 op=1 SRCH attr=(none)
slapd[1834]: conn=1083 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
dovecot: auth(default): ldap(foo,127.0.0.1): unknown user
dovecot: auth(default): ldap(foo,127.0.0.1): pass search:
base=ou=people,dc=djb,dc=hell,dc=qua scope=subtree
filter=(accountStatus=active)
fields=uid,userPassword,homeDirectory,uidNumber,gidNumber,mailQuotaSize
slapd[1834]: conn=1084 op=1 SRCH base="ou=people,dc=djb,dc=hell,dc=qua"
scope=2 deref=0 filter="(accountStatus=active)"
slapd[1834]: conn=1084 op=1 SRCH attr=uid userPassword homeDirectory
uidNumber gidNumber mailQuotaSize
dovecot: auth(default): ldap(foo,127.0.0.1): result: uid(user)=foo
uidNumber(userdb_uid)=1008 gidNumber(userdb_gid)=1008
homeDirectory(userdb_home)=/home/foo
mailQuotaSize(userdb_quota_rule=*:bytes=%$)=*:bytes=10000000
dovecot: auth(default): ldap(foo,127.0.0.1): No password returned (and no
nopassword)
slapd[1834]: conn=1084 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
dovecot: auth(default): client out: FAIL#0111#011user=foo



*dovecot-ldap.pass*
uris = ldap://10.5.3.101
dn = uid=dove,ou=people,dc=djb,dc=hell,dc=qua
dnpass = debian
auth_bind = no
ldap_version = 3
base = ou=people,dc=djb,dc=hell,dc=qua
scope = subtree
pass_filter = (accountStatus=active)
pass_attrs = uid=user,userPassword=password,\
homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,mailQuotaSize=userdb_quota_rule=*:bytes=%$

*dovecot-ldap.deny*
uris = ldap://10.5.3.101
ldap_version = 3
base = uid=%u,ou=people,dc=djb,dc=hell,dc=qua
scope = base
auth_bind = no
pass_filter = (accountStatus=noaccess)
pass_attrs = (none)

*dovecot.conf*
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-3-686 i686 Debian squeeze/sid
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap managesieve
listen(default): *
listen(imap): *
listen(managesieve): *:2000
ssl: no
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(managesieve): /usr/lib/dovecot/managesieve-login
mail_privileged_group: mail
mail_location: maildir:~/Maildir
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(managesieve): /usr/lib/dovecot/managesieve
mail_plugins(default): quota
mail_plugins(imap): quota
mail_plugins(managesieve):
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve
managesieve_logout_format(default): bytes=%i/%o
managesieve_logout_format(imap): bytes=%i/%o
managesieve_logout_format(managesieve): bytes=%i%o
lda:
  postmaster_address: bar at djb.hell.qua
  mail_plugins: quota sieve
  deliver_log_format: msgid=%m: %$
  sendmail_path: /usr/lib/sendmail
  log_path: /var/log/ldaone
  info_log_path: /var/log/ldatwo
  debug: yes
auth default:
  debug: yes
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.deny
    deny: yes
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.pass
  userdb:
    driver: prefetch
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.user
  socket:
    type: listen
    master:
      path: /var/run/dovecot/auth-master
      mode: 438
plugin:
  quota: maildir
  sieve: ~/.dovecot.sieve
  sieve_dir: ~/sieve


More information about the dovecot mailing list