[Dovecot] Authentication with AD and quick mbox question

Kaya Saman kayasaman at gmail.com
Wed May 16 11:32:40 EEST 2012


On Tue, May 15, 2012 at 12:31 PM, Kaya Saman <kayasaman at gmail.com> wrote:
> Hi,
>
> I'm attempting to implement Dovecot 2.1.3 built on a FreeBSD 8.2 64
> bit system from ports.
>
> I had the service up and running on a local vbox demo which did a
> very simple Maildir format system which was situated in ~/Maildir.
>
>
> I would now like to expand the system and tie it to a Windows domain.
> What is the best way to go about doing this?
>
> Can Dovecot be directly tied in or do I need to tie the server in to the domain?
>
>
>
[...]

I managed to find this on the wiki:

http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm

and followed it - though I don't think it's for Dovecot2 even though
it's on the portion of the Wiki for Dovecot v2..... lots of
references to Dovecot v1 are mentioned and additionally some of the
syntax is not the same as Dovecot v2.

The Kerberos portion is up and running and tested! I'm using Kerberos
Heimdal instead of Kerberos5.

This is what I've managed to hack together currently:

dovecot.conf:

# v1.1:
auth_ntlm_use_winbind = yes
# v1.2+:
auth_use_winbind = yes

auth_winbind_helper_path = /usr/bin/ntlm_auth
protocols = imap imaps

#protocols = imap

# It's nice to have separate log files for Dovecot. You could do this
# by changing syslog configuration also, but this is easier.
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log

# Disable SSL for now.
ssl = no
disable_plaintext_auth = no

# We're using Maildir format
#mail_location = maildir:~/Maildir
mail_location = mbox:/mail:INBOX=/mail/%u

# If you're using POP3, you'll need this:
#pop3_uidl_format = %g

# Authentication configuration:
auth_verbose = yes
auth_username_format = %Lu
#auth_mechanisms = plain
auth_mechanisms = plain ntlm login
#passdb {
#  driver = passwd-file
#  args = /usr/local/etc/dovecot/passwd
#}
#userdb {
#  driver = static
#  args = uid=root gid=root home=/root/
#  driver = static
#  args = uid=500 gid=500 home=/ZPOOL_1/%u
#}

userdb static {
   args= uid=501 gid=501 home=/mail/%1Ln/%Ln
   mail=maildir:/mail/%d/%1Ln/%Ln:INBOX=/mail/%d/%1Ln/%Ln
   allow_all_users=yes
}


If I try to start the dovecot service I get this error:

/usr/local/etc/rc.d/dovecot restart
doveconf: Fatal: Error in configuration file
/usr/local/etc/dovecot/dovecot.conf line 2: Unknown setting:
auth_ntlm_use_winbind
dovecot not running? (check /master.pid).
doveconf: Fatal: Error in configuration file
/usr/local/etc/dovecot/dovecot.conf line 2: Unknown setting:
auth_ntlm_use_winbind
usage: install [-bCcpSsv] [-B suffix] [-f flags] [-g group] [-m mode]
               [-o owner] file1 file2
       install [-bCcpSsv] [-B suffix] [-f flags] [-g group] [-m mode]
               [-o owner] file1 ... fileN directory
       install -d [-v] [-g group] [-m mode] [-o owner] directory ...
/usr/local/etc/rc.d/dovecot: WARNING: failed precmd routine for dovecot


Why doesn't Dovecot know about the auth_ntlm_use_winbind string?

Even from this link: http://wiki2.dovecot.org/Authentication/Mechanisms/Winbind

it shows that the string should work for version 2.....


Can anybody help?


Regards,


Kaya


