[Dovecot] userdb with LDAP

Tobi tobster at brain-force.ch
Fri Sep 6 20:55:43 EEST 2013 

As expected it was human error :-)
I never checked the form of the uid in LDAP. I just asumed it has to be 
user at domain.tld but it was only user
So dovecot was perfectly right in not finding any matching record. After 
changing the form of the uid generation for LDAP to user at domain.tld I 
found that my user_attrs and pass_attrs were simply wrong. So changed to

pass_attrs = =password=,=proxy=y,=nopassword=y,mailhost=host

and commented user_attrs (seems not needed for proxy only)

tobi

Am 06.09.2013 13:43, schrieb Tobi:
> Hi list
>
> I currently having troubles to "connect" dovecot (for proxy) to an
> existing LDAP.
> If I got the dovecot wiki right only userdb is needed for a proxy setup
> where the proxy does not authenticate but just forward to the backend
> for authentication.
>
> So I setup the following in dovecot-ldap.conf.ext
>
> user_attrs = =password,=y=nopasswd,=y=proxy,mailHost=host
> user_filter = (&(objectClass=posixAccount)(uid=%u))
>
> There is a field mailHost in LDAP which defines the correct backend for
> the user
>
> and defined userdb in auth-ldap.conf.ext
>
> userdb {
>    driver = ldap
>    args = /etc/dovecot/dovecot-ldap.conf.ext
> }
>
> the same config again in auth-system.conf.ext
>
> The problem is that dovecot always reports back that the user is
> unknown. I turned on ldap debug and got the following
>
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Debug: ldap(tobi.szyndler at datapark.li,213.196.149.1,<88FSBrXlSQDVxJUB>): pass search: base=dc=datapark,dc=li scope=subtree filter=(&(objectClass=posixAccount)(uid=tobi.szyndler at datapark.li)) fields=mailHost
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_search
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: "(&(objectClass=posixAccount)(uid=tobi.szyndler at datapark.li))"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: AND
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter_list "(objectClass=posixAccount)(uid=tobi.szyndler at datapark.li)"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: "(objectClass=posixAccount)"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: simple
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_simple_filter: "objectClass=posixAccount"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: "(uid=tobi.szyndler at datapark.li)"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: simple
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_simple_filter: "uid=tobi.szyndler at datapark.li"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_build_search_req ATTRS: mailHost
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_send_initial_request
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_send_server_request
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_result ld 0x7fbc43fb4110 msgid -1
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg ld 0x7fbc43fb4110 msgid -1 (timeout 0 usec)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg continue ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Connections:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: * host: 213.196.149.116  port: 389  (default)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   refcnt: 2  status: Connected
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   last used: Fri Sep  6 13:06:10 2013
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Outstanding Requests:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:  * msgid 4,  origid 4, status InProgress
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    outstanding referrals 0, parent count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 request count 1 (abandoned 0)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Response Queue:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    Empty
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 response count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fbc43fb4110 NULL
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_int_select
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg: ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg: ld 0x7fbc43fb4110 msgid 4 message type search-result
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg: ld 0x7fbc43fb4110 0 new referrals
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg:  mark request completed, ld 0x7fbc43fb4110 msgid 4
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: request done: ld 0x7fbc43fb4110 msgid 4
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: res_errno: 0, res_error: <>, res_matched: <>
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_free_request (origid 4, msgid 4)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_parse_result
> Sep  6 13:06:10 kolab-frontend dovecot: auth: ldap(tobi.szyndler at datapark.li,213.196.149.1,<88FSBrXlSQDVxJUB>): unknown user
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Debug: ldap(tobi.szyndler at datapark.li,213.196.149.1,<88FSBrXlSQDVxJUB>): pass search: base=dc=datapark,dc=li scope=subtree filter=(&(objectClass=posixAccount)(uid=tobi.szyndler at datapark.li)) fields=mailHost
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_search
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: "(&(objectClass=posixAccount)(uid=tobi.szyndler at datapark.li))"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: AND
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter_list "(objectClass=posixAccount)(uid=tobi.szyndler at datapark.li)"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: "(objectClass=posixAccount)"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: simple
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_simple_filter: "objectClass=posixAccount"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: "(uid=tobi.szyndler at datapark.li)"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_filter: simple
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: put_simple_filter: "uid=tobi.szyndler at datapark.li"
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_build_search_req ATTRS: mailHost
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_send_initial_request
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_send_server_request
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_msgfree
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_result ld 0x7fbc43fb4110 msgid -1
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg ld 0x7fbc43fb4110 msgid -1 (timeout 0 usec)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg continue ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Connections:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: * host: 213.196.149.116  port: 389  (default)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   refcnt: 2  status: Connected
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   last used: Fri Sep  6 13:06:10 2013
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Outstanding Requests:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:  * msgid 5,  origid 5, status InProgress
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    outstanding referrals 0, parent count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 request count 1 (abandoned 0)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Response Queue:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    Empty
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 response count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fbc43fb4110 NULL
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_int_select
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_result ld 0x7fbc43fb4110 msgid -1
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg ld 0x7fbc43fb4110 msgid -1 (timeout 0 usec)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg continue ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Connections:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: * host: 213.196.149.116  port: 389  (default)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   refcnt: 2  status: Connected
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   last used: Fri Sep  6 13:06:10 2013
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Outstanding Requests:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:  * msgid 5,  origid 5, status InProgress
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    outstanding referrals 0, parent count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 request count 1 (abandoned 0)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Response Queue:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    Empty
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 response count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fbc43fb4110 NULL
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_int_select
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg: ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg: ld 0x7fbc43fb4110 msgid 5 message type search-result
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg: ld 0x7fbc43fb4110 0 new referrals
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: read1msg:  mark request completed, ld 0x7fbc43fb4110 msgid 5
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: request done: ld 0x7fbc43fb4110 msgid 5
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: res_errno: 0, res_error: <>, res_matched: <>
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_free_request (origid 5, msgid 5)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_parse_result
> Sep  6 13:06:10 kolab-frontend dovecot: auth: ldap(tobi.szyndler at datapark.li,213.196.149.1,<88FSBrXlSQDVxJUB>): unknown user
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_msgfree
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_result ld 0x7fbc43fb4110 msgid -1
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg ld 0x7fbc43fb4110 msgid -1 (timeout 0 usec)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: wait4msg continue ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Connections:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: * host: 213.196.149.116  port: 389  (default)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   refcnt: 1  status: Connected
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   last used: Fri Sep  6 13:06:10 2013
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Outstanding Requests:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    Empty
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 request count 0 (abandoned 0)
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ** ld 0x7fbc43fb4110 Response Queue:
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:    Empty
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error:   ld 0x7fbc43fb4110 response count 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList ld 0x7fbc43fb4110 msgid -1 all 0
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fbc43fb4110 NULL
> Sep  6 13:06:10 kolab-frontend dovecot: auth: Error: ldap_int_select
>
> I'm pretty sure that the error is 30cm in front of the screen :-) but I
> really don't see the problem
>
> Any help is highly appreciated
> Thanks
>
> tobi
>
>

More information about the dovecot mailing list