Hi All
I am using Dovecot dovecot2-2.2.25_6 on FreeBSD 11. I am trying to set up
LDAP authentication to Active Directory as I had it in version 1 of Dovecot.
My settings are at bottom. When I run doveadm auth test username, I get
back
root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username
Password:
passdb: user auth succeeded
extra fields:
  user=username
root@BSD-11:/usr/local/etc/dovecot #
But when I run telnet 127.0.0.1 110 and try to log in it says unknown user.
Error below in maillog.
BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth
lookup id=2262958081 (client-pid=2273 client-id=1)
Nov  1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure
(pid=2273 id=1) (internal failure, 1 successful auths): user
root@BSD-11:/usr/local/etc/dovecot # doveconf -n
# 2.2.25 (7be1766): /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 11.0-RELEASE-p1 i386
auth_debug = yes
auth_verbose = yes
listen = *
login_greeting = Mail Server ready.
mail_location = maildir:~/Maildir
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
ssl_cert = </usr/local/etc/certs/certs/dovecot.pem
ssl_key = </usr/local/etc/certs/private/dovecot.pem
userdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lda {
  mail_plugins =
}
#Contents of dovecot-ldap.conf.ext
hosts = 192.168.153.143
dn = user@domain.com
dnpass = password
auth_bind = yes
auth_bind_userdn = domain\%u
ldap_version = 3
base = dc=domain,dc=com
pass_filter = (&(objectclass=person)(uid=%u))
user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002
Any help would be appreciated.

On Tue, 1 Nov 2016, Peter Fraser wrote:

> root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username
> Password:
> passdb: user auth succeeded
> extra fields:
>   user=username
> root@BSD-11:/usr/local/etc/dovecot #
>
> But when I run telnet 127.0.0.1 110 and try to log in it says unknown user.
> Error below in maillog.
> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth
> lookup id=2262958081 (client-pid=2273 client-id=1)
> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure
> (pid=2273 id=1) (internal failure, 1 successful auths): user

> passdb {
>   args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }

> userdb {
>   args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>   driver = ldap
> }

> #Contents of dovecot-ldap.conf.ext
> hosts = 192.168.153.143
> dn = user@domain.com
> dnpass = password
> auth_bind = yes
> auth_bind_userdn = domain\%u
> ldap_version = 3
> base = dc=domain,dc=com
> pass_filter = (&(objectclass=person)(uid=%u))
> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002

duplicate pass_filter to user_filter.

--
Steffen Kaiser

I updated dovecot-ldap.conf.ext so that it now reads as below:

#Custom Settings
hosts = 192.168.153.143
dn = user@domain.com
dnpass = password
auth_bind = yes
auth_bind_userdn = %u@domain.com
ldap_version = 3
base = dc=rpservices,dc=com
#user_filter = (&(objectclass=person)(mail=%u))
user_filter = (&(objectclass=person)(uid=%u))
pass_filter = (&(objectclass=person)(uid=%u))
user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002

When I tried to log in again using telnet 127.0.0.1 110, the error shows up in maillog. I first tried logging in with just the username, then I tried using username@domain.com. Using doveadm still works though.

BSD-11 dovecot: auth: ldap(peter,127.0.0.1,<B9qF8FNAT3x/AAAB>): unknown user
Nov 2 11:29:23 BSD-11 dovecot: auth: Error: ldap(user,127.0.0.1,<B9qF8FNAT3x/AAAB>): user not found from userdb
Nov 2 11:29:23 BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=226492417 (client-pid=874 client-id=1)
Nov 2 11:29:23 BSD-11 dovecot: pop3-login: Internal login failure (pid=874 id=1) (internal failure, 1 successful auths): user=<peter>, method=PLAIN
Nov 2 11:30:42 BSD-11 dovecot: auth: ldap(user@domain.com): invalid credentials
Nov 2 14:08:17 BSD-11 dovecot: auth: ldap(user,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials
Nov 2 14:09:38 BSD-11 dovecot: auth: ldap(user@domain.com,127.0.0.1,<4uLkKVZAvY9/AAAB>): invalid credentials
Nov 2 14:11:00 BSD-11 dovecot: pop3-login: Disconnected: Inactivity (auth failed, 2 attempts in 163 secs): user=<user@domain.com>

On Wed, Nov 2, 2016 at 4:39 AM, Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:

> On Tue, 1 Nov 2016, Peter Fraser wrote:
>
>> root@BSD-11:/usr/local/etc/dovecot # doveadm auth test username
>> Password:
>> passdb: user auth succeeded
>> extra fields:
>>   user=username
>> root@BSD-11:/usr/local/etc/dovecot #
>>
>> But when I run telnet 127.0.0.1 110 and try to log in it says unknown
>> user.
>> Error below in maillog.
>> BSD-11 dovecot: pop3: Error: Authenticated user not found from userdb,
>> auth
>> lookup id=2262958081 (client-pid=2273 client-id=1)
>> Nov 1 15:15:41 BSD-11 dovecot: pop3-login: Internal login failure
>> (pid=2273 id=1) (internal failure, 1 successful auths): user
>
>> passdb {
>>   args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>>   driver = ldap
>> }
>
>> userdb {
>>   args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext
>>   driver = ldap
>> }
>
>> #Contents of dovecot-ldap.conf.ext
>> hosts = 192.168.153.143
>> dn = user@domain.com
>> dnpass = password
>> auth_bind = yes
>> auth_bind_userdn = domain\%u
>> ldap_version = 3
>> base = dc=domain,dc=com
>> pass_filter = (&(objectclass=person)(uid=%u))
>> user_attrs = homeDirectory=/home/vmail/%u,uid=1002,gid=1002
>
> duplicate pass_filter to user_filter.
>
> --
> Steffen Kaiser
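
Added example (not part of the original thread and not Dovecot code): a small triage script for maillog lines of the kind quoted above, separating logins rejected at the password stage (passdb) from logins where the password was accepted but the userdb lookup returned no entry. The sample log is constructed; the host name, users and session IDs are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the maillog lines in this thread;
# host, users and session IDs are placeholders.
SAMPLE_LOG = """\
Nov  2 11:29:23 mail dovecot: auth: ldap(alice,127.0.0.1,<sess1>): unknown user
Nov  2 11:29:23 mail dovecot: auth: Error: ldap(alice,127.0.0.1,<sess1>): user not found from userdb
Nov  2 11:29:23 mail dovecot: pop3: Error: Authenticated user not found from userdb, auth lookup id=1 (client-pid=874 client-id=1)
Nov  2 11:29:23 mail dovecot: pop3-login: Internal login failure (pid=874 id=1) (internal failure, 1 successful auths): user=<alice>, method=PLAIN
Nov  2 14:08:17 mail dovecot: auth: ldap(bob,127.0.0.1,<sess2>): invalid credentials
Nov  2 14:09:38 mail dovecot: auth: ldap(bob@example.com,127.0.0.1,<sess2>): invalid credentials
"""

# Ordered rules: the first matching pattern decides the stage of a line.
RULES = [
    ("userdb", re.compile(r"not found from userdb")),
    ("userdb", re.compile(r"internal failure, \d+ successful auths")),
    ("passdb", re.compile(r"invalid credentials")),
    ("lookup-miss", re.compile(r"\): unknown user")),
]
# A userdb failure after a successful auth outranks the other findings.
PRIORITY = ["userdb", "passdb", "lookup-miss"]
# Login name as logged: ldap(<user>,...) or user=<user>.
USER_RE = re.compile(r"ldap\(([^,)]+)|user=<([^>]*)>")

def classify(line):
    """Return (stage, user) for one log line, or (None, None)."""
    for stage, pattern in RULES:
        if pattern.search(line):
            m = USER_RE.search(line)
            user = (m.group(1) or m.group(2)) if m else None
            return stage, user
    return None, None

def triage(log_text):
    """Map each login name to the most significant failing stage seen."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        stage, user = classify(line)
        if stage and user:
            seen[user].add(stage)
    return {u: next(s for s in PRIORITY if s in stages)
            for u, stages in seen.items()}

if __name__ == "__main__":
    for user, stage in triage(SAMPLE_LOG).items():
        print(f"{user}: {stage}")
```

A `userdb` result means the password check passed and the failure lies in the userdb lookup (`user_filter` / `user_attrs`), while `passdb` means the bind or password itself was rejected.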