Venilton Junior
2007-May-04 13:34 UTC
[Dovecot] Help with LDAP authentication - user / user+domain
Hello Folks,

I've my dovecot working well and authenticating in my ldap servers.

But I'd like to configure my users to authenticate in two ways. One is just submitting the username and the other one is providing user@domain.com.

I'm moving from a cyrus-imap solution to dovecot and I've implemented it with VD domains. But nowadays I still have one domain at my servers. So, to not cause too much impact to users, I'd like to provide these two ways of authentication.

Here follows my dovecot-ldap.conf:

hosts = localhost
dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
dnpass = XXXXXX
auth_bind = no
ldap_version = 3
base = dc=domain,dc=com
deref = never
scope = subtree
user_attrs = mail,homeDirectory,,,,quota=quota=maildir:storage
user_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
pass_attrs = mail,userPassword
pass_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
default_pass_scheme = SSHA
user_global_uid = 100
user_global_gid = 101

My logs:

Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH 1 PLAIN service=POP3 lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=(&(objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL 1 user=user.test
Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=<user.test>, method=PLAIN, rip=xxx.xx.xxx.xxx, lip=xxx.xxx.xx.xx

If I provide user.test@domain.com it works fine.

Any guesses or ideas?

PS: I've suppressed some information, like IPs, server names and IPs

Best Regards,

Venilton C. Junior
HP Certified Professional
Sercompe Computadores Ltda.
Office: +55 47 3431-9700
Fax: +55 47 3431-9747
Mobile: +55 47 9653-5872
www.sercompe.com.br <http://www.sercompe.com.br/>

Łukasz Mierzwa
2007-May-04 13:47 UTC
[Dovecot] Help with LDAP authentication - user / user+domain
On Friday, 04 May 2007 15:34:51, Venilton Junior wrote:
> Hello Folks,
>
> I've my dovecot working well and authenticating in my ldap servers.
>
> But I'd like to configure my users to authenticate in two ways. One is just
> submitting the username and the other one is providing user@domain.com.
>
> I'm moving from a cyrus-imap solution to dovecot and I've implemented it
> with VD domains. But nowadays I still have one domain at my servers. So,
> to not cause too much impact to users, I'd like to provide these two ways
> of authentication.
>
> Here follows my dovecot-ldap.conf:
>
> hosts = localhost
> dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> dnpass = XXXXXX
> auth_bind = no
> ldap_version = 3
> base = dc=domain,dc=com
> deref = never
> scope = subtree
> user_attrs = mail,homeDirectory,,,,quota=quota=maildir:storage
> user_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
> pass_attrs = mail,userPassword
> pass_filter = (&(objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
> default_pass_scheme = SSHA
> user_global_uid = 100
> user_global_gid = 101
>
> My logs:
>
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH 1 PLAIN service=POP3 lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=(&(objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
> Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL 1 user=user.test
> Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=<user.test>, method=PLAIN, rip=xxx.xx.xxx.xxx, lip=xxx.xxx.xx.xx
>
> If I provide user.test@domain.com it works fine.

Try with auth_default_realm = domain.com in dovecot.conf

--
Łukasz Mierzwa
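
An added example, not part of either post and not Dovecot's own code: a simplified Python model of how the login name becomes the pass_filter seen in the log, with and without auth_default_realm. The function names and the RFC 4515 escaping helper are assumptions made for illustration.

```python
# Simplified model (assumption: not Dovecot source) of username -> LDAP filter.
# PASS_FILTER is the pass_filter from the dovecot-ldap.conf quoted in the thread.
PASS_FILTER = ("(&(objectClass=VirtualMailAccount)(mail=%u)"
               "(accountActive=TRUE)(delete=FALSE))")


def apply_default_realm(login, default_realm=None):
    """Append @realm when the client sent a bare username."""
    if default_realm and "@" not in login:
        return f"{login}@{default_realm}"
    return login


def ldap_escape(value):
    """Escape RFC 4515 filter metacharacters so a login cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)


def expand_filter(template, user):
    """Expand %u (full name), %n (local part) and %d (domain) in a filter."""
    local, _, domain = user.partition("@")
    values = {"u": user, "n": local, "d": domain}
    out, i = [], 0
    while i < len(template):
        nxt = template[i + 1] if i + 1 < len(template) else ""
        if template[i] == "%" and nxt in values:
            out.append(ldap_escape(values[nxt]))
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


def build_pass_filter(login, default_realm=None):
    """Filter sent to LDAP for a given login and optional default realm."""
    return expand_filter(PASS_FILTER, apply_default_realm(login, default_realm))


if __name__ == "__main__":
    # Constructed inputs mirroring the thread: bare name vs. name with realm.
    print(build_pass_filter("user.test"))                # matches the logged search
    print(build_pass_filter("user.test", "domain.com"))  # now matches mail=...
```

Without a default realm the bare login reproduces the failing `(mail=user.test)` search from the log; with the realm set, both login forms produce the same filter.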