"Temporary authentication failure" ? Cant connect with ldap user

David Scheele david.scheele2 at googlemail.com
Tue Feb 24 09:23:14 UTC 2015


The ldap-utils were already installed.
I did the ldapsearch you gave me, but after inputting my admin password it
gives me
*ldap_bind: Invalid credentials (49)*
I logged into the ldap server with my admin credentials (which worked fine)
and changed my password to '12345', Trying that, still *Invalid credentials*
.

1.) I tried that already. The error switches to syntax error then.
2.) Not really. An upper case letter and a number + various lowercase
letters. Not very exotic.

Is the pass_filter neccessary? I just wanted to make the installation as
basic as possible, to not get any unwanted errors.

Best,
David

2015-02-24 10:02 GMT+01:00 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 24 Feb 2015, David Scheele wrote:
>
>> 2015-02-24 8:05 GMT+01:00 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>:
>>
>>> On Mon, 23 Feb 2015, David Scheele wrote:
>>>
>>>  So, I set up the Server, installed and configured postfix, ldap and
>>>
>>>> dovecot
>>>> (in that order) and now simply try to log into the mail account with a
>>>> used
>>>> from the LDAP over telnet.
>>>>
>>>> The test looks like this:
>>>>
>>>> *|> telnet localhost 143*
>>>> *| a bunch of stuff ending with:*
>>>> *| OK [**] Dovecot ready.*
>>>> *|> a login username userpassword*
>>>> *| a NO [UNAVAILABLE] Temporary authentication failure. [host and date
>>>> here]*
>>>>
>>>> In the logs it says
>>>>
>>>> *|[date] mailserver dovecot: auth: Error: LDAP: binding failed (dn
>>>> cn=admin): Invalid credentials*
>>>>
>>>> But I KNOW the admin password I entered into the dovecot-lda.conf.ext is
>>>> correct as I use it to log into the LDAP directory over jxplorer
>>>>
>>>> I also know the password for the user i try to log in with is correct
>>>> as i
>>>> set it myself over and over just to be sure there are no typos.
>>>> I'm at a loss, I've been at this end for a few days now and can't find
>>>> good
>>>> tutorials online because its either always an old dovecot, postfix, ldap
>>>> or
>>>> debian version and somewhere in the middle it just stops because some
>>>> file
>>>> is completely missing. I get the impression I'm just not able-brained
>>>> for
>>>> linux useage.
>>>>
>>>> Anyway, here are a few more informations about the system:
>>>>
>>>> *Dovecot version 2.1.7*
>>>>
>>>> Output of grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf.ext:
>>>> *hosts = localhost*
>>>> *dn = cn=admin*
>>>> *dnpass = [password]*
>>>>
>>>
> install the ldap-utils package - that one containing ldapsearch - and
> execute:
>
> ldapsearch -W -D cn=admin -b 'dc=[domainname],dc=de' \
> '(&(objectClass=posixAccount)(uid=<<uid>>))'
>
> then enter your password.
>
> 1) I suppose, cn=admin is missing a domain name, e.g.
> dc=[domainname],dc=de .
>
> 2) does your dnpass contain "funny" characters?
>
>  *sasl_bind = no*
>>>> *tls = no*
>>>> *auth_bind = yes*
>>>> *ldap_version = 3*
>>>> *base = dc=[domainname],dc=de*
>>>> *user_attrs = uidNumber=uid,gidNumber=gid*
>>>> *user_filter = (&(objectClass=posixAccount)(uid=%u))*
>>>> *pass_attrs = uid=user,userPassword=password*
>>>>
>>>
> BTW: You do not habe no pass_filter or I deleted it last time.
>
>
>
>>>> Output of dovecot -n:
>>>>
>>>> *disable_plaintest_auth = no*
>>>> *mail_location = mbox:~/mail:INBOX=/var/mail/%u*
>>>> *[namespace config here]*
>>>>
>>>> *passdb {*
>>>> *args = /etc/dovecot/dovecot-ldap.conf.ext*
>>>>
>>>>                         ^^^^^^^^^^^^^^^^^^^^
>>>
>>> filename mismatch
>>>
>>>  *driver = ldap*
>>>
>>>> *}*
>>>> *plugin {*
>>>> *sieve = ~/.dovecot.sieve*
>>>> *sieve_dir = ~/sieve*
>>>> *}*
>>>>
>>>> *protocols = " imap pop3"*
>>>> *ssl_cert = </etc/dovecot/dovecot.pem*
>>>> *ssl_key = </etc/dovecot/private/dovecot.pem*
>>>> *userdb {*
>>>> *args = /etc/dovecot/dovecot-ldap.conf.ext*
>>>> *driver =ldap*
>>>> *}*
>>>> *protocol pop3 {*
>>>> *pop3_client_workarounds = outlook-no-nuls oe-ns-eoh*
>>>> *pop3_uidl_format = %08Xu%08Xv*
>>>> *}*
>>>>
>>>> Any help would be greatly apprechiated.... I'm going crazy over here.
>>>>
>>>> Thanks in advance,
>>>> David
>>>>
>>>>
>>>>  - -- Steffen Kaiser
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1
>>>
>>> iQEVAwUBVOwixXz1H7kL/d9rAQJxAgf/dNt0dBGANbIGvm6B0Oeuna/+uY5/7MR8
>>> 9EpFwss94eu4PyFgAfOm2Al+IOT98LP1N9OHs3Za2r/2W7LKaesgjCa3vBfH9IjZ
>>> okUj7fsQXsTAM+UqtF+ne3f5Vp6Ng36Irabr5HLptlbIu3lq8ALMm/E/72TabVLl
>>> Lln7bB/YFftnrTlI2HheRLnAwSOMHu4rNE7G9zLqiPEipD5XsqgDBPpAM6PwPmbi
>>> k/irSUgq8h4b66LCzo6Ekv6lvKzWxQpzJo0MC99HT0syAP/qpyLbPARhQvDXCH7J
>>> wvf/T19EAt+OC4zzfIPgL2YxRP5ZN5efr82NLYdiMVfAcBaDHaFWTA==
>>> =8upy
>>> -----END PGP SIGNATURE-----
>>>
>>>
>>
> - -- Steffen Kaiser
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEVAwUBVOw+O3z1H7kL/d9rAQIaZAf+MTnOlpm92TbjdWLCNp3THyjUHMaHDmHt
> /EuAXa7P0r16tuBHXNuWAohSzG80ZF6ALxg1EhtFkFdH/VtrnyqZ0L6imahcXbhe
> QnwMA1R4PK1+K7ckUisg8Pkv+3hXPrMyjvOyqMUwOTmlwG6PjHNaX7LxthDQNTu4
> 0PjXVZ0IBGlBPTyra/9l81K5j/vw0qfvVF4ycWAFV7An/dqM3nYBnqkBTziqozNs
> wdhYWFQqApE/pGOe6TbFGeDEiE9PXVTue4G/H9VGe8GKu/ctlp0mtaRN7x84h5dO
> bqshRfVouSIOhK5jynJMH/T142URGKYGGaS7evCVfwNsRkOcdWJm+g==
> =W7kX
> -----END PGP SIGNATURE-----
>


More information about the dovecot mailing list