Problem with LDAP... again...

Luca Bertoncello lucabert at
Tue Jun 23 09:29:29 UTC 2015

Hi list!

I'm always trying to configure Dovecot to ask our LDAP-Server (AD) in  
order to authenticate the users.
I really don'know what can I do wrong...

I configured my Dovecot so:

hosts =
dn = CN=mailproxy,CN=Users,DC=company,DC=local
dnpass = SECRET
sasl_bind = no
tls = no
debug_level = -1
auth_bind = yes
ldap_version = 3
base = dc=company,dc=local
deref = never
scope = subtree
user_filter = (&(sAMAccountName=%n)(objectClass=user))
pass_attrs = userPassword=password
pass_filter = (&(samAccountName=%n)(objectClass=user))
default_pass_scheme = CRYPT

If I try to login in, with my login and password, I see with ngrep  
that Dovecot ask the AD for my data AND GET THEM, then I see:

T -> [AP]"DC=DomainDnsZones,DC=company,DC=local................4....samAccountName..bertoncello....objectClass..user0.
T -> [AP]
   0........e................000004DC: LdapErr: DSID-0C0906E8,  
comment: In order to perform this operation a successful bind must be  
completed on the connection., data 0, v1db1.

This is what I see in Dovecot's log:

Dipl. Inf. Luca Bertoncello
Hartigstraße 12
01127 Dresden
Tel:    +49 351 4977290
Mobile: +49 177 3218409
Fax:    +49 351 4977291
E-Mail: lucabert at

More information about the dovecot mailing list