[Dovecot] LDAP authentication

val john valjohn1647 at gmail.com
Fri Apr 19 15:42:29 EEST 2013


Hi guys, I'm new to Dovecot, and I'm trying to authenticate Dovecot to LDAP.


This is my configuration:

dovecot --version

1.2.15

dovecot -n

# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.5
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap pop3
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
mail_privileged_group: mail
mail_location: mbox:~/mail:INBOX=/var/mail/%u
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
auth default:
  verbose: yes
  debug: yes
  passdb:
    driver: pam
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: passwd
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf


*Output of dovecot-ldap.conf file*


uris = ldap://ldap.example.com:389
dn = cn=admin,dc=example,dc=com
dnpass = abc
tls = no
ldap_version = 3
base = ou=users,dc=example,dc=com
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=inetOrgPerson)(uid=%u))
pass_attrs = uid=user,userPassword=password
pass_filter = (&(objectClass=inetOrgPerson)(uid=%u))

*Output of LDAP:*

# Entry 1: uid=userone,ou=users,dc=example,dc=com
dn: uid=userone,ou=users,dc=example,dc=com
cn: Firtname Lastname
displayname: Firtname Lastname
givenname: Firstname
mail: userone at example.com
objectclass: inetOrgPerson
objectclass: top
sn: Lastname
uid: userone
userpassword: {SHA}0P/ssspVCIZx8+tVsss=


But authentication fails with the following error. Please advise.

Apr 19 08:18:48 localhost dovecot: auth(default): client in:
AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=38734#011resp=<hidden>
Apr 19 08:18:48 localhost dovecot: auth-worker(default):
pam(userone,127.0.0.1): lookup service=dovecot
Apr 19 08:18:48 localhost dovecot: auth-worker(default):
pam(userone,127.0.0.1): #1/1 style=1 msg=Password:
Apr 19 08:18:49 localhost dovecot: auth(default): new auth connection: pid=7517
Apr 19 08:18:50 localhost dovecot: auth-worker(default):
pam(userone,127.0.0.1): pam_authenticate() failed: Authentication
failure (password mismatch?)
Apr 19 08:18:50 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): pass search: base=ou=users,dc=example,dc=com
scope=subtree filter=(uid=userone) fields=uid,userPassword
Apr 19 08:18:50 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): result: uid(user)=userone
userPassword(password)=<hidden>
Apr 19 08:18:50 localhost dovecot: auth(default): client out:
OK#0111#011user=userone
Apr 19 08:18:50 localhost dovecot: auth(default): master in:
REQUEST#0111#0117514#0111
Apr 19 08:18:50 localhost dovecot: auth(default):
passwd(userone,127.0.0.1): lookup
Apr 19 08:18:50 localhost dovecot: auth(default):
passwd(userone,127.0.0.1): unknown user
Apr 19 08:18:50 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): user search: base=ou=users,dc=example,dc=com
scope=subtree filter=(uid=userone)
fields=homeDirectory,uidNumber,gidNumber
Apr 19 08:18:51 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): no fields returned by the server
Apr 19 08:18:51 localhost dovecot: auth(default): master out:
USER#0111#011userone
Apr 19 08:18:51 localhost dovecot: dovecot: User userone is missing
UID (see mail_uid setting)
Apr 19 08:18:51 localhost dovecot: imap-login: Internal login failure
(auth failed, 1 attempts): user=<userone>, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
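
Added example, not part of the original post and not Dovecot's own code: a small Python check that compares the `user_attrs` and `pass_attrs` mappings from the posted dovecot-ldap.conf with the posted LDAP entry and lists the Dovecot fields the entry cannot supply, which is what the "no fields returned by the server" and "missing UID" log lines report. The function names are hypothetical, and the password hash is replaced by a placeholder.

```python
# Added example: which Dovecot fields can this LDAP entry actually supply?
# Inputs are copied from the post; the userPassword value is a placeholder.

USER_ATTRS = "homeDirectory=home,uidNumber=uid,gidNumber=gid"
PASS_ATTRS = "uid=user,userPassword=password"

ENTRY_LDIF = """\
# Entry 1: uid=userone,ou=users,dc=example,dc=com
dn: uid=userone,ou=users,dc=example,dc=com
cn: Firtname Lastname
displayname: Firtname Lastname
givenname: Firstname
mail: userone at example.com
objectclass: inetOrgPerson
objectclass: top
sn: Lastname
uid: userone
userpassword: {SHA}PLACEHOLDER
"""


def parse_attrs(spec):
    """Parse a Dovecot 1.x mapping 'ldapAttr=dovecotField,...' into a dict."""
    mapping = {}
    for item in spec.split(","):
        ldap_attr, _, field = item.strip().partition("=")
        mapping[ldap_attr] = field or ldap_attr  # bare name maps to itself
    return mapping


def ldif_attr_names(ldif):
    """Return the lower-cased attribute names present in one LDIF entry."""
    names = set()
    for line in ldif.splitlines():
        # Skip comments, blank lines and folded continuation lines.
        if line and not line.startswith((" ", "#")) and ":" in line:
            names.add(line.split(":", 1)[0].strip().lower())
    return names


def missing_fields(spec, ldif):
    """Map each Dovecot field to the LDAP attribute the entry lacks."""
    present = ldif_attr_names(ldif)  # LDAP attribute names are case-insensitive
    return {field: attr for attr, field in parse_attrs(spec).items()
            if attr.lower() not in present}


if __name__ == "__main__":
    print("passdb fields missing:", missing_fields(PASS_ATTRS, ENTRY_LDIF))
    print("userdb fields missing:", missing_fields(USER_ATTRS, ENTRY_LDIF))
```
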

