Dovecot & LDAP Take #2: Authentication failed and logging

David Scheele david.scheele2 at googlemail.com
Fri Feb 27 14:46:37 UTC 2015 

Hi there,

after banging my head against a wall for a bit I got more indepth with
dovecot and am now much more knowledgeable about the system than before.

But I still have two problems:

1.) For some reason my dovecot doesnt log correctly. I put debug_log to -1
and expected to see logs flooding in in my syslog. When I try to log in via
telnet over imap and the login succeeds it loggs correctly. But when it
fails there is no log entry. Any clue what might cause this?

And now the big fish:

2.) Still hanging to log a user in over telnet via imap. I'm pretty sure i
have misconfigured something. first of all:

2a.) Is the *passdb* and *userdb* ind the dovecot.conf still needed in the
newest version? It appears to me that all authing runs over the
*10-auth.conf*, *auth-ldap.conf.ext* and *dovecot-ldap.conf.ext *and the
passdb and userdb settings might just be remnants of the past? or am i
wrong here?

2b.) This is my config:

































*# 2.1.7: /etc/dovecot/dovecot.conf# OS: Linux 3.2.0-4-amd64 x86_64 Debian
7.8 ext4auth_mechanisms = plain logindefault_login_user =
vmaildisable_plaintext_auth = nofirst_valid_gid = 2222first_valid_uid =
2222listen = *mail_access_groups = vmailmail_debug = yesmail_location =
maildir:/var/vmail/%d/%npassdb {  args = scheme=SHA1 /etc/dovecot/passwd
driver = passwd-file}protocols = imapservice auth {  unix_listener
/var/spool/postfix/private/auth {    group = postfix    mode = 0660    user
= postfix  }  user = root}service imap-login {  process_min_avail = 1  user
= vmail}ssl = nouserdb {  args = uid=2222 gid=2222 home=/var/vmail/%d/%n
allow_all_users=yes  driver = static}*




*hosts = [
<http://mailserver.realsecure.de/>hostname].[domainname].dedebug_level =
-1auth_bind = yesauth_bind_userdn = cn=%u,ou=People,dc=**[domainname]*







*,dc=debase = ou=People,dc=[domainname],dc=deuser_attrs =
uidNumber=uiduser_filter = (&(objectClass=inetOrgPerson)(uid=%u))pass_attrs
= uid=user,userPassword=passwordpass_filter =
(&(objectClass=inetOrgPerson)(uid=%u))iterate_attrs =
uid=useriterate_filter = (objectClass=inetOrgPerson)*

The user I try to log in with is:

*cn=Klara Fall,ou=People,dc=[domainname],dc=de*
*objectclasses: inetOrgPerson, organizationalPerson, person,
simpleSecurityObject,top*
*sn=Fall*
*userPassword is set*
*mail: klara.fall@[domainname].de*
*uid: klarafall*

I want to try with auth bind because I think i understood whats going on
with that.

When i try to a login klarafall [password] it gives me
a NO [AUTHENTICATIONFAILED] Authentication failed.

Any clues? This would be much easier with logging... but see 1.) :)
I feel I'm not far from the finish line.

Best,
David

More information about the dovecot mailing list