ldap passdb auth on proxy

telsch telsch at gmx.de
Fri Aug 2 20:48:34 EEST 2019


using successfully active/active replica. trying to add a proxy node in
front. this proxy node should do the auth with the same ldap passdb
settings as the replica in addition (later with kerberos). so i add to
10-auth.conf on the proxy:

	  default_fields = proxy=y host=imap.myserver.lan port=993

any idea why on the backend the user is empty in the logs?

on the proxy:

imap-login: Error: proxy(myuser): Login for imap.myserver.lan:993 timed
out in state=/none (after 30 secs, local=myip:45834): user=<myuser>,
method=PLAIN, rip=myip, lip=myip, TLS, session=<M1JtpiSPGNOsEQED>
imap-login: Info: Aborted login (internal failure, 2 successful auths):
user=<myuser>, method=PLAIN, rip=myip, lip=myip, TLS,
session=<M1JtpiSPGNOsEQED>

on the backend:

imap-login: Error: proxy(myuser): Login for imap.myserver.lan:993 timed
out in state=/none (after 30 secs, local=myip:47622): user=<myuser>,
method=PLAIN, rip=myip, lip=myip, TLS, session=<gVxZhCSPftGsEQED>
imap-login: Info: Disconnected (no auth attempts in 30 secs): user=<>,
rip=myip, lip=imap.myserver.lan, TLS handshaking: SSL_accept() syscall
failed: Success, session=<7XIkhiSPBrpfrWbS>


More information about the dovecot mailing list