[Dovecot] Fw: Cannot Authenticate via LDAP

Alex Crow acrow at integrafin.co.uk
Tue Jun 4 20:34:45 EEST 2013


That can't be the full output of doveconf -n can it?

You need to define (examples from my configs using qmail schema; your 
values will probably be different if you are using AD or openLDAP with a 
different mail schema)

user_attrs = homeDirectory=home,mailMessageStore=mail
user_filter = (&(objectClass=qmailUser)(mail=%u))
pass_attrs = 
pass_filter = (&(objectClass=qmailUser)(mail=%u))

Also look at the auth_bind parameter. Mine is "yes" because I'm using 
userdb prefetch as you can see from the pass_attrs param.

And you probably need to set up virtual users as well!



On 04/06/13 17:44, Christian Wiese wrote:
> Hello Christian,
> I tried what you suggested by adding "REFERALS off"
> to /etc/ldap/ldap.conf and restarting slapd and dovecot, but the error
> persists.
> On Tue, Jun 4, 2013 at 7:56 AM, Christian Wiese <
> christian.wiese at securepoint.de> wrote:
>> Hi Ron,
>> I didn't had the time to check all logs but the error log.
>> First thing you should check if there are LDAP REFFERALS enabled in
>> the systems ldap.conf.
>> I had a similar looking issue and it took me a good amount of time to
>> figure out that I had to disable LDAP REFFERALS globally.
>> This happened when using an AD as LDAP backend, but also applies to
>> Samba4 as you can see in the following mailing list thread:
>> http://dovecot.markmail.org/message/mjurv4fp4w65u2ib?q=Dovecot+LDA+LDAP+lookups+on+samba4+server+ends+very+often+in+timeouts
>> The settings within the systems ldap.conf might influence dovecot,
>> because libldap (openldap) functions might read the global ldap.conf
>> settings.
>> Hope that helps.
>> Cheers,
>> Chris
>> Am Tue, 4 Jun 2013 05:50:16 -0400
>> schrieb Ron Scott-Adams <ron at tohuw.net>:
>>> a login tohuw [myPassword] returns "NO [AUTHENTICATIONFAILED]
>>> Authentication failed." I believe I'm missing a configuration
>>> detail, but what?
>>> info.log: http://pastebin.ca/2388873
>>> debug.log: http://pastebin.ca/2388872
>>> error.log: http://pastebin.ca/2388871
>>> dovecot -n: http://pastebin.ca/2388870
>>> dovecot-ldap.conf.ext summary: http://pastebin.ca/2388867

More information about the dovecot mailing list