Winbind auhentication
Luciano Mannucci
luciano at vespaperitivo.it
Fri Mar 10 20:05:16 UTC 2023
On Fri, 10 Mar 2023 14:22:26 -0500
"John Stoffel" <john at stoffel.org> wrote:
> Now you don't say if your local user account works or not,
> but I'd work on getting just the AD part (really, you're using
> windind?) first.
Yes the local user works.
> Also, have you compared your postfix and dovecot setups? There are
> good docs out there on how you combine them to use the same
> authentication backend.
Well, postfix doesn't need to authenticate users: it accepts all if
it comes from mynetworks.
I know it is not wise; it is just a test to explore single sign on
with didderent sources.
> And the info you posted really don't help much, since you don't post
> any log messages from when the authentication fails. That will tell
> you more I'm sure.
Apologies, you are absolutely right. Here they are:
Mar 10 14:59:12 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Mar 10 14:59:12 auth: Debug: Module loaded: /usr/local/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Mar 10 14:59:12 auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat
Mar 10 14:59:12 auth: Debug: auth client connected (pid=4221)
Mar 10 14:59:25 auth: Debug: client in: AUTH 1 PLAIN service=pop3 session=yQtBK4z2lOzAqIoP lip=192.168.138.18 rip=192.168.138.15 lport=110 rport=60564 resp=AG1jcwBrYXE5LnBpcA== (previous base64 data may contain sensitive data)
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing passdb lookup
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): cache miss
Mar 10 14:59:25 auth-worker(4223): Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Mar 10 14:59:25 auth-worker(4223): Debug: Module loaded: /usr/local/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): Server accepted connection (fd=13)
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): Sending version handshake
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: Handling PASSV request
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing passdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished passdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<1>: Finished
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished passdb lookup
Mar 10 14:59:25 auth: Debug: auth(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Auth request finished
Mar 10 14:59:25 auth: Debug: client passdb out: OK 1 user=mcs
Mar 10 14:59:25 auth: Debug: master in: REQUEST 980549633 4221 1 19c7b19fec4f0dee8512545a1ae27501 session_pid=4224
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing userdb lookup
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): userdb cache miss
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: Handling USER request
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Performing userdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished userdb lookup
Mar 10 14:59:25 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<2>: Finished
Mar 10 14:59:25 auth: Debug: passwd(mcs,192.168.138.15,<yQtBK4z2lOzAqIoP>): Finished userdb lookup
Mar 10 14:59:25 auth: Debug: master userdb out: USER 980549633 mcs system_groups_user=mcs uid=1001 gid=1001 home=/home/mcs auth_mech=PLAIN
Mar 10 14:59:25 pop3-login: Info: Login: user=<mcs>, method=PLAIN, rip=192.168.138.15, lip=192.168.138.18, mpid=4224, session=<yQtBK4z2lOzAqIoP>
Mar 10 14:59:32 pop3(mcs)<4224><yQtBK4z2lOzAqIoP>: Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
Mar 10 14:59:35 auth: Debug: auth client connected (pid=4225)
Mar 10 14:59:59 auth: Debug: client in: AUTH 1 PLAIN service=pop3 session=q5FJLYz2n+zAqIoP lip=192.168.138.18 rip=192.168.138.15 lport=110 rport=60575 resp=************** (previous base64 data may contain sensitive data)
Mar 10 14:59:59 auth: Debug: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Performing passdb lookup
Mar 10 14:59:59 auth: Debug: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): cache miss
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: Handling PASSV request
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Performing passdb lookup
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): lookup
Mar 10 14:59:59 auth-worker(4223): Info: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): invalid password field '*'
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Finished passdb lookup
Mar 10 14:59:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): auth-worker<3>: Finished: user_disabled
Mar 10 14:59:59 auth: Debug: passwd(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Finished passdb lookup
Mar 10 14:59:59 auth: Debug: auth(geoplan,192.168.138.15,<q5FJLYz2n+zAqIoP>): Auth request finished
Mar 10 15:00:01 auth: Debug: client passdb out: FAIL 1 user=geoplan code=user_disabled
Mar 10 15:00:04 pop3-login: Info: Disconnected: Aborted login by logging out (user disabled): user=<geoplan>, method=PLAIN, rip=192.168.138.15, lip=192.168.138.18, session=<q5FJLYz2n+zAqIoP>
Mar 10 15:00:59 auth-worker(4223): Debug: conn unix:auth-worker (uid=0): Disconnected: Connection closed (fd=-1)
Thanks for your answer,
Luciano.
--
/"\ /Via A. Salaino, 7 - 20144 Milano (Italy)
\ / ASCII RIBBON CAMPAIGN / PHONE : +39 02485781 FAX: +39 0248028247
X AGAINST HTML MAIL / E-MAIL: posthamster at sublink.sublink.ORG
/ \ AND POSTINGS / WWW: http://www.lesassaie.IT/
More information about the dovecot
mailing list