Brice Figureau
2006-Apr-11 16:06 UTC
[Dovecot] Postfix dovecot SASL and LDAP not working...
Hi,
I'm trying to set up a new mail server where postfix 2.3-20060405 would
use Dovecot's SASL and users located in LDAP.
It's with dovecot-1.0-beta5.
On the postfix side, I followed the SASL_README and have the following
in main.cf:
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
On the dovecot side I have the following related to auth:
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
  mechanisms = plain digest-md5 cram-md5
  # LDAP database
  passdb ldap {
    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for
    # example
    args = /etc/dovecot/dovecot-ldap.conf
  }
  # LDAP database
  userdb ldap {
    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for
    # example
    args = /etc/dovecot/dovecot-ldap.conf
  }
  userdb prefetch {
  }
  user = root
  ##
  ## dovecot-lda & postfix SASL specific settings
  ##
  socket listen {
    master {
      path = /var/run/dovecot-auth-master
      mode = 0666
    }
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
POP or IMAP authentication with LDAP works fine:
Apr 11 17:43:08 localhost dovecot: auth(default): client in:
AUTH^I1^IPLAIN^Iservice=IMAP^Isecured^Ilip=127.0.0.1^Irip=127.0.0.1^Iresp=AGJyaWNlAHRvdG8
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1):
base=ou=people, dc=daysofwonder, dc=com scope=subtree
filter=(&(objectClass=CourierMailAccount)(uid=raymond))
fields=uid,userPassword,homeDirectory,uidNumber,gidNumber,mailbox
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1):
uid(user)=raymond userPassword(password)={PLAIN}toto
homeDirectory(userdb_home)=/home/raymond uidNumber(userdb_uid)=1000
gidNumber(userdb_gid)=1000 mailbox(userdb_mail)=/home/raymond/Maildir
Apr 11 17:43:08 localhost dovecot: auth(default): client out:
OK^I1^Iuser=raymond^I
Apr 11 17:43:08 localhost dovecot: auth(default): master in:
REQUEST^I1^I15439^I1
Apr 11 17:43:08 localhost dovecot: auth(default): ldap(raymond,127.0.0.1):
base=ou=people, dc=daysofwonder, dc=com scope=subtree
filter=(&(objectClass=CourierMailAccount)(uid=raymond))
fields=homeDirectory,uidNumber,gidNumber,uid,mailbox
Apr 11 17:43:08 localhost dovecot: auth(default): master out:
USER^I1^Iraymond^Isystem_user=raymond^Ihome=/home/raymond^Iuid=1000^Igid=1000^Imail=/home/raymond/Maildir
Apr 11 17:43:08 localhost dovecot: imap-login: Login: user=<raymond>,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Postfix SASL doesn't work but, more importantly, doesn't print any debug
messages, nor does it try to contact the LDAP server at all:
Apr 11 18:00:59 localhost postfix/smtpd[15637]: connect from
localhost.localdomain[127.0.0.1]
Apr 11 18:01:13 localhost dovecot: auth(default): client in:
AUTH^I3^Iplain^Iservice=smtp^Iresp=YnJpY2UAYnJpY2UAdG90bw=
Apr 11 18:01:14 localhost dovecot: auth(default): client out: FAIL^I3^Iuser=raymond
Apr 11 18:01:14 localhost postfix/smtpd[15637]: warning:
localhost.localdomain[127.0.0.1]: SASL plain authentication failed:
I tried several variations of the config, like without userdb prefetch,
moving postfix socket config block in another auth block... Nothing
worked.
Since the samples mention only pam as userdb and passdb source,
maybe it can't work with LDAP?
Any idea on how to solve this issue?
Thanks,
Regards,
--
Brice Figureau
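
Added example, not part of the original post and not Dovecot or Postfix code: a Python script that pairs each `client in: AUTH` line of the auth debug output above with its `OK`/`FAIL` reply by request id and decodes the SASL PLAIN `resp=` field, so the identity the client actually sent can be compared with the user named in the reply. The sample log lines, users, passwords and the names `decode_plain`, `correlate` and `encode_b64` are constructed for illustration.

```python
import base64
import re

# Payload of a "client in:" / "client out:" line in Dovecot auth debug output.
LINE = re.compile(r"auth\(\w+\): client (in|out): (.*)$")

def encode_b64(text):
    return base64.b64encode(text.encode()).decode()

def decode_plain(resp):
    """SASL PLAIN (RFC 4616): authzid NUL authcid NUL password; password is not returned."""
    resp = resp.rstrip("=")
    raw = base64.b64decode(resp + "=" * (-len(resp) % 4))  # repair lost padding
    parts = raw.split(b"\0")
    if len(parts) != 3:
        raise ValueError("not a SASL PLAIN response")
    return parts[0].decode("utf-8", "replace"), parts[1].decode("utf-8", "replace")

def correlate(log_text):
    """Pair each AUTH request with its OK/FAIL reply using the request id."""
    pending, results = {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        fields = m.group(2).split("^I") if m else []  # syslog prints TAB as ^I
        if len(fields) < 3:
            continue
        cmd, req_id = fields[0], fields[1]
        kv = dict(f.split("=", 1) for f in fields[2:] if "=" in f)
        if m.group(1) == "in" and cmd == "AUTH":
            mech = fields[2].upper()
            ident = decode_plain(kv["resp"]) if mech == "PLAIN" and "resp" in kv else (None, None)
            pending[req_id] = (kv.get("service", "?").lower(), mech, ident)
        elif m.group(1) == "out" and cmd in ("OK", "FAIL") and req_id in pending:
            service, mech, (authzid, authcid) = pending.pop(req_id)
            results.append({"id": req_id, "service": service, "mech": mech, "authzid": authzid,
                            "authcid": authcid, "result": cmd, "reply_user": kv.get("user")})
    return results

PREFIX = "Apr 11 18:01:13 localhost dovecot: auth(default): client "
# Constructed sample lines (made-up users and passwords) in the format shown above.
SAMPLE = "\n".join([
    PREFIX + "in: AUTH^I1^IPLAIN^Iservice=IMAP^Isecured^Iresp=" + encode_b64("\0alice\0example-pw"),
    PREFIX + "out: OK^I1^Iuser=alice^I",
    PREFIX + "in: AUTH^I3^Iplain^Iservice=smtp^Iresp=" + encode_b64("bob\0bob\0example-pw1").rstrip("="),
    PREFIX + "out: FAIL^I3^Iuser=bob",
])

if __name__ == "__main__":
    print(*correlate(SAMPLE), sep="\n")
```

Because the `resp=` value is only base64, any log written with `auth_debug = yes` holds recoverable passwords and should be protected and rotated accordingly.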
Brice Figureau
2006-Apr-12 13:03 UTC
[Dovecot] Postfix dovecot SASL and LDAP not working...
Hi,

On Tue, 2006-04-11 at 18:06 +0200, Brice Figureau wrote:
> I'm trying to set up a new mail server where postfix 2.3-20060405 would
> use Dovecot's SASL and users located in LDAP.
> [snip]
> I tried several variations of the config, like without userdb prefetch,
> moving postfix socket config block in another auth block... Nothing
> worked.

Just to say that beta7 fixes my issue.

Many thanks,
--
Brice Figureau