My dovecot works fine against Active Directory 2003, but not against AD2008

Mark Foley mfoley at ohprs.org
Sat Sep 12 06:31:14 UTC 2015 

Fran - thanks for your reply. I'm cc'ing you directly on this as well as posting
to the list as I'm not sure how often you check the list and I'm down to hanging
by my last fingernail on this project.

I have some preliminary questions interspersed below.

Thanks, --Mark

-----Original Message-----
> Subject: Re: My dovecot works fine against Active Directory 2003, but not
> 	against AD2008
> To: dovecot at dovecot.org
> From: Fran <cumc-4361-2 at chguadalquivir.es>
> Date: Thu, 10 Sep 2015 13:26:21 +0200
>
> Hi Mark,
>
> when I say AD 2003/8 I mean Active Directory 2003/8.

Hmmm, I've not heard of "Active Directory 2003" or 2008.  The year numbers
indicated to me you might be talking about Windows Small Business Server 2003 or
2008.  Is your AD Server Windows? Linux? Something else? I'm using Samba4 AD/DC
on Linux. 

>
> My configuration is attached.

Thank you very much for that. If I make some headway, I'll likely have more
questions on specifics.

>
> I based my installation (dovecot+postfix) in the guides of this site:
> http://www.linuxmail.info
>
> The LDAP part is this:
> http://www.linuxmail.info/postfix-dovecot-ldap-centos-5/

If you were able to make sense out of these sites' tiny screen-shots and one-line
descriptions my hat's off to you. "Your a better man that I am Gunga-Din!" If
there was more detailed narrative somewhere I couldn't find it. Also, I don't
have jXplorer on my system, so probably I couldn't get too far anyway.

BIG QUESTIONS:

1. Are you using MS Outlook IMAP clients in your environment? If so, how are you
making them connect with LDAP? By checking the SPA checkbox?

2.  The mail_gid/mail_uid as vmail confuses me.  I see that setting a lot,
including in your config.  http://wiki2.dovecot.org/VirtualUsers says, "You can
create, for example, one vmail user which owns all the mails, or you can assign
a separate UID for each user." I have assigned a separte UID for each based on
the UID returned by `wbinfo -u <username>`.  Does assigning separate UIDs mess
up my ability to adapt your configuration?

little questions:

3. I'm not planning on using quotas. Can I safely omit your mail_plugins = " quota"
setting and all your plugin { quota_...} settings? I want to be as simple as
possible to start.

4. Likewise, dovecot seems to be able to find users' mailboxes just fine. Can I
omit the namespace inbox {} setting?

These may seem like amaturish questions, but little details have foiled me a lot
on this Dovecot project. 

If I feel confident with the answers you provide here, I'll move on to trying
some things.

Thanks a lot for your help!!!

--Mark

>
> You can also use PAM to connect to AD
> (http://www.linuxmail.info/active-directory-dovecot-pam-authentication/)
> but that way doesn't allow to retrieve custom fields from the AD (ex. a
> field to set quota per user), so I'm using the standard LDAP method.
>
> Regards
>
> El 10/09/2015 a las 4:51, Mark Foley escribió:
> > Fran and/or Matthias,
> >
> > Could you publish your doveconf -n? I can't get dovecot to authenticate with my
> > AD. Maybe you have a solution I could try.
> >
> > What mail client(s) are you using? I assume by "AD 2003/8" You mean SBS2003/8
> > and are therefore using Outlook?
> >
> > --Mark
> >
> > -----Original Message-----
[deleted]

More information about the dovecot mailing list