I am trying to set up Dovecot so that it uses LDAP, but I keep getting
this error message in /var/log/syslog:

Dec 12 03:38:17 mydomain dovecot-auth: LDAP: ldap_search() failed (filter
user_filter = (mail=user at mydomain.tld)): Bad search filter

Relevant configuration files:
/etc/dovecot-ldap.conf:
hosts = localhost
dn = cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld
dnpass = password
ldap_version = 3
base = ou=mailAccounts,dc=mydomain,dc=tld
deref = never
scope = subtree
user_attrs = mail,,,,,
user_filter = (mail=%u)
pass_attrs = mail,userPassword
pass_filter = user_filter = (mail=%u)
default_pass_scheme = CRYPT
user_global_uid = 5000
user_global_gid = 5000

/etc/dovecot.conf:
protocols = imap imaps pop3s
imap_listen = 127.0.0.1
imaps_listen = *
pop3s_listen = *
ssl_cert_file = /etc/ssl/mydomain.tld/Cert.pem
ssl_key_file = /etc/ssl/mydomain.tld/PrivateKey.pem
disable_plaintext_auth = yes
login = imap
login_user = dovecot
login = pop3
verbose_proctitle = yes
first_valid_uid = 5000
last_valid_uid = 5000
first_valid_gid = 5000
last_valid_gid = 5000
mail_extra_groups = mail
valid_chroot_dirs = /var/mail/virtualmail
default_mail_env = maildir:/var/mail/virtualmail/%n/Maildir
auth = default
auth_mechanisms = plain
auth_userdb = ldap /etc/dovecot-ldap.conf
auth_passdb = ldap /etc/dovecot-ldap.conf
auth_user = dovecot
auth_verbose = yes
auth_debug = no

In /etc/ldap/slapd.conf:
access to attribute=userPassword
        by dn="cn=admin,dc=mydomain,dc=tld" write
        by dn="cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld" read
        by anonymous auth
        by self write
        by * none

Output of 'slapcat | grep dovecot':
dn: cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld
cn: dovecot
sn: dovecot

I've even tried changing the dn to admin, but I still get the same
error.
What am I doing wrong?
:Peter

On Sun, 2004-12-12 at 14:56, Peter Clark wrote:
> I am trying to set up Dovecot so that it uses LDAP, but I keep getting
> this error message in /var/log/syslog:
>
> Dec 12 03:38:17 mydomain dovecot-auth: LDAP: ldap_search() failed (filter
> user_filter = (mail=user at mydomain.tld)): Bad search filter
>
> Relevant configuration files:
> /etc/dovecot-ldap.conf:
> hosts = localhost
> dn = cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld
> dnpass = password
> ldap_version = 3
> base = ou=mailAccounts,dc=mydomain,dc=tld
> deref = never
> scope = subtree
> user_attrs = mail,,,,,
> user_filter = (mail=%u)
> pass_attrs = mail,userPassword
> pass_filter = user_filter = (mail=%u)

I don't think your pass_filter is correct. Mine (for example) is:

pass_filter = (&(objectClass=posixAccount)(mail=%u))

--
Karl Latiss <karl at designit.com.au>
designIT

I think you are wrong with the "pass_filter" parameter in your dovecot-ldap.conf.
Try to change the line "pass_filter = user_filter = (mail=%u)" with "pass_filter = (mail=%u)"

Best regards.

___________________________________________________________________
Ing. PAOLO BASENGHI :::: Systems & Networking Engineer
p.basenghi at netribe.it
NETRIBE srl :: Collaborative E-Business
42100 :: Reggio Emilia :: Italy :: Via della Costituzione, 27/4
ph. +39 0522 232378 :: fax +39 0522 232386 :: http://www.netribe.it

Peter Clark wrote:
> I am trying to set up Dovecot so that it uses LDAP, but I keep getting
> this error message in /var/log/syslog:
>
> Dec 12 03:38:17 mydomain dovecot-auth: LDAP: ldap_search() failed (filter
> user_filter = (mail=user at mydomain.tld)): Bad search filter
>
> Relevant configuration files:
> /etc/dovecot-ldap.conf:
> hosts = localhost
> dn = cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld
> dnpass = password
> ldap_version = 3
> base = ou=mailAccounts,dc=mydomain,dc=tld
> deref = never
> scope = subtree
> user_attrs = mail,,,,,
> user_filter = (mail=%u)
> pass_attrs = mail,userPassword
> pass_filter = user_filter = (mail=%u)
> default_pass_scheme = CRYPT
> user_global_uid = 5000
> user_global_gid = 5000
>
> /etc/dovecot.conf:
> protocols = imap imaps pop3s
> imap_listen = 127.0.0.1
> imaps_listen = *
> pop3s_listen = *
> ssl_cert_file = /etc/ssl/mydomain.tld/Cert.pem
> ssl_key_file = /etc/ssl/mydomain.tld/PrivateKey.pem
> disable_plaintext_auth = yes
> login = imap
> login_user = dovecot
> login = pop3
> verbose_proctitle = yes
> first_valid_uid = 5000
> last_valid_uid = 5000
> first_valid_gid = 5000
> last_valid_gid = 5000
> mail_extra_groups = mail
> valid_chroot_dirs = /var/mail/virtualmail
> default_mail_env = maildir:/var/mail/virtualmail/%n/Maildir
> auth = default
> auth_mechanisms = plain
> auth_userdb = ldap /etc/dovecot-ldap.conf
> auth_passdb = ldap /etc/dovecot-ldap.conf
> auth_user = dovecot
> auth_verbose = yes
> auth_debug = no
>
> In /etc/ldap/slapd.conf:
> access to attribute=userPassword
>         by dn="cn=admin,dc=mydomain,dc=tld" write
>         by dn="cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld" read
>         by anonymous auth
>         by self write
>         by * none
>
> Output of 'slapcat | grep dovecot':
> dn: cn=dovecot,ou=sysAccounts,dc=mydomain,dc=tld
> cn: dovecot
> sn: dovecot
>
> I've even tried changing the dn to admin, but I still get the same error.
> What am I doing wrong?
> :Peter
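
Both replies point at the same line: the value of pass_filter is itself "user_filter = (mail=%u)", which is the string that shows up in the syslog error. As an added illustration (not part of the thread and not Dovecot's own code), the Python sketch below checks every *_filter setting in a dovecot-ldap.conf-style file against a simplified subset of the RFC 4515 filter grammar (no extensible-match items) after expanding %u. The function names and the stand-in address user@example.org are assumptions.

```python
import re
# Attribute name or numeric OID with optional ;options (subset of RFC 4512).
ATTR = re.compile(r"(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)(?:;[A-Za-z0-9-]+)*")

# Constructed sample: the three filter-related lines from the question.
SAMPLE = """\
user_filter = (mail=%u)
pass_attrs = mail,userPassword
pass_filter = user_filter = (mail=%u)
"""

def _parse(f, i):
    """Parse one parenthesised filter at f[i]; return the index after it."""
    if f[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i:i + 1] in ("&", "|"):            # and/or: one or more sub-filters
        i = _parse(f, i + 1)
        while f[i:i + 1] == "(":
            i = _parse(f, i)
    elif f[i:i + 1] == "!":                 # not: exactly one sub-filter
        i = _parse(f, i + 1)
    else:                                   # simple item: attr, operator, value
        end = re.compile(r"[^()]*").match(f, i).end()
        attr, sep, _value = f[i:end].partition("=")
        attr = re.sub(r"[~<>]$", "", attr)  # allow the ~=, <= and >= operators
        if not sep or not ATTR.fullmatch(attr):
            raise ValueError(f"bad attribute or operator in {f[i:end]!r}")
        i = end
    if f[i:i + 1] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return i + 1

def check_filter(template, user="user@example.org"):
    """Return None if the expanded filter parses, else the reason it fails."""
    f = template.replace("%u", user)        # constructed address stands in for %u
    try:
        return None if _parse(f, 0) == len(f) else "trailing characters after filter"
    except ValueError as exc:
        return str(exc)

def check_config(text):
    """Map each *_filter setting that fails to parse to the reason."""
    problems = {}
    for line in text.splitlines():
        key, sep, value = (part.strip() for part in line.partition("="))
        if sep and key.endswith("_filter") and not key.startswith("#"):
            problems[key] = check_filter(value)
    return {k: v for k, v in problems.items() if v}
```

Running check_config(SAMPLE) flags only pass_filter; both corrected forms suggested in the replies pass check_filter.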