Dovecot version: 2.0.19
-------------------------------------------------------
grep -v '^ *\(#.*\)\?$' /etc/dovecot/dovecot-ldap.conf

hosts = server.domain.tld:389
ldap_version = 3
auth_bind = yes
dn = vmail@domain.tld
dnpass = somepassword
base = ou=testou,dc=domain,dc=tld
scope = subtree
deref = never
user_filter = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_attrs = userPassword=password
default_pass_scheme = CRYPT
user_attrs = =home=/var/vmail/vmail1/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/vmail1/%Ld/%Ln/Maildir
-----------------------------------------------------

I'm authenticating users through AD and it seems to work with no problems. Unfortunately, when I try to send e-mail from a user who's not in the testou container I get the following error:

Sender address rejected: User unknown in virtual mailbox table> #SMTP#.

I'm assuming this happens because dovecot is not able to look up that user since that user is outside the testou container. A lot of the AD users are in different places inside the AD structure and I need to be able to configure dovecot to look from the root of the AD structure down. I changed the base to this:

base = dc=domain,dc=tld

but it simply fails to look up any users at that point.

How would I go about getting dovecot to start at the top of the domain and look at every nested OU within AD?

thanks a lot

D

On 04/ 7/14 01:46 PM, Deeztek Support wrote:
>
> I'm authenticating users through AD and it seems to work with no
> problems. Unfortunately, when I try to send e-mail from a user who's
> not in the testou container I get the following error:
>
> Sender address rejected: User unknown in virtual mailbox table> #SMTP#.
>

Looks like a Postfix error, not Dovecot.

On Monday 07 April 2014 13:46:20 Deeztek Support wrote:
> Dovecot version: 2.0.19
> -------------------------------------------------------
> grep -v '^ *\(#.*\)\?$' /etc/dovecot/dovecot-ldap.conf
>
> hosts = server.domain.tld:389
> ldap_version = 3
> auth_bind = yes
> dn = vmail@domain.tld
> dnpass = somepassword
> base = ou=testou,dc=domain,dc=tld
> scope = subtree
> deref = never
> user_filter = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
> pass_filter = (&(userPrincipalName=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
> pass_attrs = userPassword=password
> default_pass_scheme = CRYPT
> user_attrs = =home=/var/vmail/vmail1/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/vmail1/%Ld/%Ln/Maildir
> -----------------------------------------------------

Your %u needs to be matched by the string Postfix sends to Dovecot (check your master.cf).

As I said in a previous post, this filter is invoked from two parts, with (possibly) different parameters: from authentication, with the username of the client, and from delivery, with usually the e-mail address or whatever you set in Postfix. IMHO it is a bad design, but it works as is.
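
Added example (not part of the thread and not Dovecot's own code): a simplified Python model of how %u, %Ln and %Ld expand in the user_filter and user_attrs posted above, for the two callers the last reply describes. The sample usernames are constructed, and only %u, %n, %d and the L modifier are modelled.

```python
import re

# Values copied from the dovecot-ldap.conf posted in the thread.
USER_FILTER = ("(&(userPrincipalName=%u)(objectClass=person)"
               "(!(userAccountControl:1.2.840.113556.1.4.803:=2)))")
HOME_TEMPLATE = "/var/vmail/vmail1/%Ld/%Ln/Maildir/"


def ldap_escape(value):
    """Escape filter metacharacters per RFC 4515 before substitution."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)


def expand(template, username, escape=None):
    """Simplified model: only %u, %n, %d and the L (lowercase) modifier."""
    local, _, domain = username.partition("@")
    values = {"u": username, "n": local, "d": domain}

    def repl(match):
        value = values[match.group(2)]
        if match.group(1):
            value = value.lower()
        return escape(value) if escape else value

    return re.sub(r"%(L?)([und])", repl, template)


def lookup(username):
    """Return (LDAP filter, home directory) for one userdb lookup."""
    return (expand(USER_FILTER, username, ldap_escape),
            expand(HOME_TEMPLATE, username))


if __name__ == "__main__":
    # Constructed sample names: a full UPN as typed at login, a bare local
    # part as a delivery-side caller might pass it, and one with a wildcard.
    for name in ("Alice@Domain.TLD", "alice", "al*ce@domain.tld"):
        ldap_filter, home = lookup(name)
        print(name, "->", ldap_filter.split(")")[0] + ")", home)
```

With a bare local part the filter compares userPrincipalName against a string without a domain, and the home path gets an empty domain component, which is the kind of mismatch between callers the reply above points to.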