[Dovecot] LDAP auth_bind fails
Pol Bettinger
dovecot at arvoreen.net
Tue Mar 6 13:29:13 EET 2012
Hello,
I wanted to configure dovecot for using auth_bind but didn't succeed to
me it seems like it does always an anonymous bind.
Dovecot version 2.1.1 (I started with 2.1.0 and hoped 2.1.1 would fix it)
I tried to play around with the base, pass_attrs,pass_filter to no avail
but didn't succeed.
Looking at a wireshark trace i only saw 7 packets and it seemed to me
dovecot did only an anonymous bind.
any help would appreciated
Sincerely
Pol Bettinger
output of mail.log:
Mar 6 12:16:34 Dell dovecot: auth: Debug: client in:
AUTH#0112#011CRAM-MD5#011service=imap#011secured#011lip=192.168.16.27#011rip=192.168.16.20#011lport=993#011rport=51838
Mar 6 12:16:34 Dell dovecot: auth: Debug: client out:
CONT#0112#011PDQ1NjgyMjE3NjYyMDk3NjkuMTMzMTAzMjU5NEBEZWxsPg==
Mar 6 12:16:34 Dell dovecot: auth: Debug: client in: CONT<hidden>
Mar 6 12:16:34 Dell dovecot: auth: Debug:
password(arvi at arvoreen.net,192.168.16.20): passdb doesn't support
credential lookups
Mar 6 12:16:36 Dell dovecot: auth: Debug: client out:
FAIL#0112#011user=arvi at arvoreen.net
output of dovecot -n:
# 2.1.1: /etc/dovecot/dovecot.conf
# OS: Linux 3.0.0-15-generic i686 Ubuntu 11.10 ext4
auth_debug = yes
auth_default_realm = arvoreen.net
auth_mechanisms = plain digest-md5 cram-md5
auth_verbose = yes
base_dir = /var/run/dovecot/
mail_location = maildir:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
namespace inbox {
inbox = yes
location =
mailbox Archive {
auto = create
special_use = \Archive
}
mailbox Drafts {
auto = create
special_use = \Drafts
}
mailbox Junk {
auto = create
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = create
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-ldap_pass.conf.ext
driver = ldap
}
plugin {
sieve = /var/sieve/%d/%1n/%n
sieve_dir = /var/sieve/%d/%1n/%n
}
protocols = imap lmtp sieve
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
ssl_cert = </etc/ssl/certs/webmail.arvoreen.pem
ssl_key = </etc/ssl/private/webmail.arvoreen.key
userdb {
args = /etc/dovecot/dovecot-ldap_user.conf.ext
driver = ldap
}
protocol lmtp {
mail_plugins = " sieve"
}
output of cat /etc/dovecot/dovecot-ldap_pass.conf.ext:
hosts = 127.0.0.1:389
auth_bind = yes
auth_bind_userdn = uid=%n,ou=Users,dc=arvoreen,dc=net
base = ou=Users,dc=arvoreen, dc=net
ldap_version = 3
olcAccess infomation:
olcSuffix: dc=arvoreen,dc=net
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by
anonymou
s auth by dn="cn=admin,dc=arvoreen,dc=net" write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by self write by dn="cn=admin,dc=arvoreen,dc=net"
write by
* read
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldap_auth_bind.pcap
Type: application/octet-stream
Size: 642 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120306/37308cb3/attachment-0002.obj>
More information about the dovecot
mailing list