Help with master user

Marcio Merlone marcio.merlone at a1.ind.br
Mon Nov 4 14:33:27 EET 2019


Pleeeease? :)

Em 01/11/2019 14:23, Marcio Merlone via dovecot escreveu:
>
> Hi,
>
> Trying to implement a master user (1) for auditing purposes without 
> luck. Ubuntu 18.04.3, canonical official repos only, no ppa nor 
> self-compiled anything. From the log below I understand the master 
> password succeeds but AD auth fails. I am pretty sure I missed 
> something here. Also, notice the messages "Ignoring unknown passdb 
> extra field: original_user".
>
> Log:
>
> Nov  1 14:02:32 netuno dovecot: auth: Debug: client in: 
> AUTH#0112#011PLAIN#011service=imap#011secured#011session=H2WM7kuWFKYKCQgI#011lip=10.9.8.8#011rip=10.9.8.8#011lport=143#011rport=42516#011resp=<hidden>
> Nov  1 14:02:32 netuno dovecot: auth: Debug: 
> passwd-file(master,10.9.8.8,master,<H2WM7kuWFKYKCQgI>): Master user 
> lookup for login: test.account
> Nov  1 14:02:32 netuno dovecot: auth: Debug: 
> passwd-file(master,10.9.8.8,master,<H2WM7kuWFKYKCQgI>): lookup: 
> user=master file=/etc/dovecot/master-users
> Nov  1 14:02:32 netuno dovecot: auth: 
> passwd-file(master,10.9.8.8,master,<H2WM7kuWFKYKCQgI>): Master user 
> logging in as test.account
> Nov  1 14:02:32 netuno dovecot: auth: 
> ldap(test.account,10.9.8.8,<H2WM7kuWFKYKCQgI>): invalid credentials
> Nov  1 14:02:34 netuno dovecot: auth: Debug: client passdb out: 
> FAIL#0112#011user=test.account#011authz#011original_user=master#011auth_user=master
> Nov  1 14:02:34 netuno dovecot: imap-login: Debug: Ignoring unknown 
> passdb extra field: original_user
> Nov  1 14:02:34 netuno dovecot: imap-login: Debug: Ignoring unknown 
> passdb extra field: auth_user
> Nov  1 14:02:42 netuno dovecot: imap-login: Aborted login (auth 
> failed, 1 attempts in 10 secs): user=<test.account>, method=PLAIN, 
> rip=10.9.8.8, lip=10.9.8.8, secured, session=<H2WM7kuWFKYKCQgI>
>
> doveconf -n:
>
> https://pastebin.com/3cAvfNqB
>
> root at netuno:/etc/dovecot# grep -v "^\s*#\|^\s*$" 
> /etc/dovecot/dovecot-ldap.conf.ext
> hosts = ad.example.net
> auth_bind = yes
> auth_bind_userdn = cn=%Lu,CN=Users,DC=ad,DC=example,DC=net
> base = DC=ad,DC=example,DC=net
> scope = base
> user_attrs = \
>         =home=/mnt/maildirs/%Lu, \
>         =uid=vmail,\
>         =gid=vmail
> user_filter = (&(objectClass=person)(uid=%Lu)(mail=*@example.net))
> root at netuno:/etc/dovecot#
>
> root at netuno:/etc/dovecot# cat /etc/dovecot/global-acls
> * user=master lr
> root at netuno:/etc/dovecot#
>
> (1) 
> https://doc.dovecot.org/configuration_manual/authentication/master_users/
>
> Best regards
>
> -- 
> *Marcio Merlone*
-- 
*Marcio Merlone*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20191104/d31baebb/attachment.html>


More information about the dovecot mailing list