Hi,
Maybe I am missing something simple, but I can't get users authenticated
using password lookups, as opposed to auth_bind. This is what the log looks
like when using password lookup:

dovecot: auth(default): new auth connection: pid=2449
dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=43458#011resp=<hidden>
dovecot: auth(default): ldap(foo,127.0.0.1): pass search: base=uid=foo,ou=people,dc=djb,dc=hell,dc=qua scope=base filter=(accountStatus=noaccess) fields=(none)
slapd[1834]: conn=1083 op=1 SRCH base="uid=foo,ou=people,dc=djb,dc=hell,dc=qua" scope=0 deref=0 filter="(accountStatus=noaccess)"
slapd[1834]: conn=1083 op=1 SRCH attr=(none)
slapd[1834]: conn=1083 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
dovecot: auth(default): ldap(foo,127.0.0.1): unknown user
dovecot: auth(default): ldap(foo,127.0.0.1): pass search: base=ou=people,dc=djb,dc=hell,dc=qua scope=subtree filter=(accountStatus=active) fields=uid,userPassword,homeDirectory,uidNumber,gidNumber,mailQuotaSize
slapd[1834]: conn=1084 op=1 SRCH base="ou=people,dc=djb,dc=hell,dc=qua" scope=2 deref=0 filter="(accountStatus=active)"
slapd[1834]: conn=1084 op=1 SRCH attr=uid userPassword homeDirectory uidNumber gidNumber mailQuotaSize
dovecot: auth(default): ldap(foo,127.0.0.1): result: uid(user)=foo uidNumber(userdb_uid)=1008 gidNumber(userdb_gid)=1008 homeDirectory(userdb_home)=/home/foo mailQuotaSize(userdb_quota_rule=*:bytes=%$)=*:bytes=10000000
dovecot: auth(default): ldap(foo,127.0.0.1): No password returned (and no nopassword)
slapd[1834]: conn=1084 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
dovecot: auth(default): client out: FAIL#0111#011user=foo

*dovecot-ldap.pass*
uris = ldap://10.5.3.101
dn = uid=dove,ou=people,dc=djb,dc=hell,dc=qua
dnpass = debian
auth_bind = no
ldap_version = 3
base = ou=people,dc=djb,dc=hell,dc=qua
scope = subtree
pass_filter = (accountStatus=active)
pass_attrs = uid=user,userPassword=password,\
homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid,mailQuotaSize=userdb_quota_rule=*:bytes=%$

*dovecot-ldap.deny*
uris = ldap://10.5.3.101
ldap_version = 3
base = uid=%u,ou=people,dc=djb,dc=hell,dc=qua
scope = base
auth_bind = no
pass_filter = (accountStatus=noaccess)
pass_attrs = (none)

*dovecot.conf*
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-3-686 i686 Debian squeeze/sid
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap managesieve
listen(default): *
listen(imap): *
listen(managesieve): *:2000
ssl: no
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(managesieve): /usr/lib/dovecot/managesieve-login
mail_privileged_group: mail
mail_location: maildir:~/Maildir
mbox_write_locks: fcntl dotlock
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(managesieve): /usr/lib/dovecot/managesieve
mail_plugins(default): quota
mail_plugins(imap): quota
mail_plugins(managesieve):
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve
managesieve_logout_format(default): bytes=%i/%o
managesieve_logout_format(imap): bytes=%i/%o
managesieve_logout_format(managesieve): bytes=%i%o
lda:
postmaster_address: bar at djb.hell.qua
mail_plugins: quota sieve
deliver_log_format: msgid=%m: %$
sendmail_path: /usr/lib/sendmail
log_path: /var/log/ldaone
info_log_path: /var/log/ldatwo
debug: yes
auth default:
debug: yes
passdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.deny
deny: yes
passdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.pass
userdb:
driver: prefetch
userdb:
driver: ldap
args: /etc/dovecot/dovecot-ldap.user
socket:
type: listen
master:
path: /var/run/dovecot/auth-master
mode: 438
plugin:
quota: maildir
sieve: ~/.dovecot.sieve
sieve_dir: ~/sieve