Dovecot 2 LDAP "unknown user"

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Fri Nov 4 07:18:10 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 3 Nov 2016, Peter Fraser wrote:

> The command doveadm user -u username successfully returns the username and
> any information it can for the user in AD. As a matter of fact, I entered
> some home directory information in AD and this command returned the User's
> Home Directory as well. Is it a problem though that the telnet test won't
> work?

Hmm, I don't understand the question,

telnet xyz 143
1 login username password

must work in order to login via IMAP.

But you didn't answered the other question, see below

> On Thu, Nov 3, 2016 at 2:36 AM, Steffen Kaiser <
> skdovecot at smail.inf.fh-brs.de> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Wed, 2 Nov 2016, Peter Fraser wrote:
>>
>> #Custom Settings
>>> hosts = 192.168.153.143
>>> dn = user at domain.com
>>> dnpass = password
>>> auth_bind = yes
>>> auth_bind_userdn = %u at domain.com
>>> ldap_version = 3
>>> base = dc=rpservices,dc=com
>>> #user_filter = (&(objectclass=person)(mail=%u))
>>> user_filter = (&(objectclass=person)(uid=%u))
>>> pass_filter = (&(objectclass=person)(uid=%u))
>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002
>>>
>>
>> you wrote:
>>
>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username
>>>>
>>>>> extra fields:
>>>>>  user=username
>>>>>
>>>>
>> is successful. Is user=username
>>                        ^^^^^^^   that same as the username in doveadm?


Here. You've posted mangled information only, so if the extra fields 
return another username, other tests are different.

>> What about:
>>
>>  doveadm user -u username
>>
>> ?
>>
>>
>> When I tried to log in again using telnet 127.0.0.1 110, the error shows up
>>> in maillog. I first tried logging in with just the username, then I tried
>>> using username at domain.com. Using doveadm still works though.
>>>
>>
>>
>>> BSD-11 dovecot: auth: ldap(peter,127.0.0.1,<B9qF8FNAT3x/AAAB>): unknown
>>> user
>>> Nov  2 11:29:23 BSD-11 dovecot: auth: Error:
>>> ldap(user,127.0.0.1,<B9qF8FNAT3x/AAAB>): user not found from userdb

what about here, is peter, appearing in the first line, the unmangled 
"user" here?

>>> Nov  2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found
>>> from userdb, auth lookup id=226492417 (client-pid=874 client-id=1)
>>> Nov  2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure
>>> (pid=874
>>> id=1) (internal failure, 1 successful auths): user=<peter>, method=PLAIN
>>> Nov  2 11:30:42 BSD-11 dovecot: auth: ldap(user at domain.com): invalid
>>> credentials
>>> Nov  2 14:08:17 BSD-11 dovecot: auth:
>>> ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials
>>> Nov  2 14:09:38 BSD-11 dovecot: auth:
>>> ldap(user at domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>):
>>> invalid credentials
>>> Nov  2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth
>>> failed, 2 attempts in 163 secs): user=<user at domain.com>
>>>
>>> On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser <
>>> skdovecot at smail.inf.fh-brs.de> wrote:
>>>
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> On Tue, 1 Nov 2016, Peter Fraser wrote:
>>>>
>>>> root at BSD-11:/usr/local/etc/dovecot # doveadm auth test username
>>>>
>>>>> Password:
>>>>> passdb: user auth succeeded
>>>>> extra fields:
>>>>>  user=username
>>>>> root at BSD-11:/usr/local/etc/dovecot #
>>>>>
>>>>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown
>>>>> user.
>>>>> Error below in maillog.
>>>>> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb,
>>>>> auth
>>>>> lookup id=2262958081 (client-pid=2273 client-id=1)
>>>>> Nov  1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure
>>>>> (pid=2273 id=1) (internal failure, 1 successful auths): user=
>>>>>
>>>>>
>>>> passdb {
>>>>
>>>>>  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>>>>>  driver = ldap
>>>>> }
>>>>>
>>>>>
>>>> userdb {
>>>>
>>>>>  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>>>>>  driver = ldap
>>>>> }
>>>>>
>>>>>
>>>> #Contents of dovecot-ldap.conf.ext
>>>>
>>>>> hosts = 192.168.153.143
>>>>> dn = user at domain.com
>>>>> dnpass = password
>>>>> auth_bind = yes
>>>>> auth_bind_userdn = domain\%u
>>>>> ldap_version = 3
>>>>> base = dc=domain,dc=com
>>>>> pass_filter = (&(objectclass=person)(uid=%u))
>>>>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002
>>>>>
>>>>>
>>>> duplicate pass_filter to user_filter.
>>>>
>>>> - -- Steffen Kaiser
>>>> -----BEGIN PGP SIGNATURE-----
>>>> Version: GnuPG v1
>>>>
>>>> iQEVAwUBWBm0Onz1H7kL/d9rAQJWhQf+PRD5yd29UyL1drjlTOWD/s4qUffg8OBh
>>>> inb8L3eCKDuSad8s9INUJSa6WxGEVdatL4PKjTcbL5IsPIob87W5jOduWFMtPlt0
>>>> FXxWtfc1bAjRyNLzkGe1mUT1z0EDVO22UkQSd9J3bZQ9wR+FzgeGqdcyzl+WSyzB
>>>> Eaiea23ieCjhZRAZF/pl1gDjkap+tPQ8gZLdt4p1QQrY5Jllifu5jYEyjqPkwUXf
>>>> YMfEiCJSInyMQ8CCuL1Aj8iM/7qLLi8pyC9KSA6NntK4mpHAaInYln6SZY+ZGJCY
>>>> KV60nGuwwv3qQFeKchhhr+GpGDQYXJ5eBq+Ji+cKgvbypFa13NNS8A==
>>>> =l02F
>>>> -----END PGP SIGNATURE-----
>>>>
>>>>
>>>
>> - -- Steffen Kaiser
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1
>>
>> iQEVAwUBWBrpDnz1H7kL/d9rAQKwzggAnJz4LR0SXVWSFdSDrKYs40IEN/ko/4el
>> D7/4q4lVBo9dntf+NeGS1JxttebiN7ng4F5pm841Z0l7acj6z8HzMCr11Voqbuy7
>> 4WJirG2DnwmzxZRi1M86QGqXWU00jhFplSvZfWhX8uQasmp1FqV3hhUMmcTFfXTX
>> DqtFali5ymUPV87XU2hZEtpe3jkBdjWmmHW8gVfSXVXBcRBa96+12FEOwONLVVcQ
>> VGZRb6XxWexRcwAo4NY+NfqcM3OEGC4AZgfqBsWnZOUhijnw+ffbu4YL8aZBIGlB
>> P78R0N0DtpRAToRJYvr00OMk27dkHU+0Ock/cFUr6H1cYXHBsfvO2A==
>> =lz82
>> -----END PGP SIGNATURE-----
>>
>

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEVAwUBWBw2Mnz1H7kL/d9rAQKpQwf/YQnMaR+j3qyQBxrMi239bgmWksieVkCb
seScL3JN7pWE4PYQ9qduQW2vEmzHKplCpkmNd0Q8xLee4KR8J4aaZy45Mhbjbk4a
RMSGAS1+Z11WZM/ipCiKqyaCo12zSK0/8Q+ozZ7KUR1hajDjTEZ5hoR3icUrWV8Q
BQXzdGhs7DLfjDWxtnmvW2LVR640h3n855TDmDMpeFpj8BNuVh5vu4JJWxSysaYN
FYj0RGuIFvUb134f1YACEF97zXGdV09hSqJw8qcVNQgtvO85/gBZwlPJfF3WNHvw
CV3KcZVxk8E2wKoz6b7j6cT5nohJD1bvVgT+autGGcsgVMWWoo3WWQ==
=6ZWZ
-----END PGP SIGNATURE-----


More information about the dovecot mailing list