Hi,
Added a few corrections to your config below. Hope it works.
achim~
On 16.12.2013 11:51, Pascal den Bekker wrote:
> Hello,
>
> I am trying to set up samba4/openchange and dovecot. Does anyone have
> experience concerning dovecot connecting to samba4?
>
> I tried the following:
>
> /etc/dovecot.conf:
>
> protocols = imap sieve
> mail_location = maildir:/data/mail/%d/%n/Maildir
> mail_access_groups = vmail
> mail_privileged_group = vmail
> first_valid_uid = 110
> last_valid_uid = 110
last_valid_uid = 5000
> first_valid_gid = 115
> last_valid_gid = 115
last_valid_gid = 5000
Your vmail user/group seems to have the uid/gid 5000, so it must be in
the valid range.
> log_path = /var/log/dovecot
> log_timestamp = "%Y-%m-%d %H:%M:%S "
> login_greeting = Welcome to domain.local.
>
> service imap {
> inet_listener {
> port=143
> }
> }
>
> protocol lda {
> log_path = /var/log/mail/dovecot-deliver.log
> auth_socket_path = /var/run/dovecot/auth-master
> postmaster_address = postmaster at domain.local
> mail_plugins = sieve
> }
>
> service managesieve {
> inet_listener {
> port=12000
> }
> }
>
> auth_verbose = yes
> auth_debug = yes
>
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> group = vmail
> mode = 0660
> user = postfix
> }
> }
>
> #service auth-userdb {
> # user = vmail
> # }
> #user = root
> #}
>
> passdb {
> args = /etc/dovecot/dovecot-ldap-passdb.conf
> driver = ldap
> }
>
> userdb {
> args = /etc/dovecot/dovecot-ldap-userdb.conf
> driver = ldap
> }
>
> plugin {
> sieve = /data/mail/%d/%n/sieverc
> sieve_storage=/data/mail/%d/%n/sieve
> sieve_max_redirects = 20
> }
>
>
> debug_log_path = /var/log/dovecot-debug.log
>
> dict {
> }
>
> /etc/dovecot/dovecot-ldap-passdb.conf
>
> hosts = localhost
> auth_bind = yes
> auth_bind_userdn = cn=%u,cn=Users,dc=domain,dc=local
> ldap_version = 3
> base = cn=Users,dc=domain,dc=local
> pass_filter = (&(objectClass=person)(cn=%u)(mail=*))
>
hosts = localhost
auth_bind = yes
dn = cn=ldap,cn=Users,DC=domain,DC=local
dnpass = password
#auth_bind_userdn = cn=%u,cn=Users,dc=domain,dc=local
ldap_version = 3
base = cn=Users,dc=domain,dc=local
pass_filter = (&(objectClass=person)(sAMAccountName=%u)(mail=*))
user_attrs = =uid=5000
This way dovecot connects as user ldap, does the user lookup according to
pass_filter and uses the resulting dn for authentication. If you create
users via the Windows Remote Management tools, the dn for a user normally
uses the Full Name as cn and not the user id, which is stored as
sAMAccountName.
> /etc/dovecot/dovecot-ldap-userdb.conf:
>
> hosts = localhost
> dn = cn=ldap,cn=Users,DC=domain,DC=local
> dnpass = password
> ldap_version = 3
> base = cn=Users,DC=domain,DC=local
>
> #user_attrs >
user_attrs = =uid=5000,=gid=5000,=home=/data/mail/%d/%n,=mail=/data/mail/%d/%u/Maildir
>
> user_filter = (&(objectClass=person)(cn=%u)(mail=*))
> iterate_attrs = cn=user
> iterate_filter = (objectClass=person)
user_filter = (&(objectClass=person)(sAMAccountName=%u)(mail=*))
iterate_attrs = sAMAccountName=user
>
> When I try to log in with user account administrator I get the following
> error messages:
>
> 2013-12-16 11:28:29 auth: Info:
> ldap(ldap,127.0.0.1,<N3HjRaTtdAB/AAAB>): unknown user
> 2013-12-16 11:28:29 auth: Error:
> userdb(ldap,127.0.0.1,<N3HjRaTtdAB/AAAB>): user not found from userdb
> ldap
> 2013-12-16 11:28:29 imap: Error: Authenticated user not found from
> userdb, auth lookup id=783810561 (client-pid=3809 client-id=1)
> 2013-12-16 11:28:29 imap-login: Info: Internal login failure (pid=3809
> id=1) (internal failure, 1 succesful auths): user=<ldap>,
> method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=3810, secured,
> session=<N3HjRaTtdAB/AAAB>
>
> Can someone tell me what I am doing wrong, or is there a way to test
> the dovecot ldap connection string?
>
> Cheers,
>
> - Pascal
>
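
Added example, not part of the original message or of Dovecot: a small offline model of the two filters discussed above, showing which entries (cn=%u) and (sAMAccountName=%u) select for a given login name. The directory entries, the names Jane Doe / jdoe, the missing mail attribute on the ldap account and all helper functions are constructed assumptions; the filter strings are the ones from the thread.

```python
import re

# Constructed sample entries (not from the thread), shaped like accounts made
# with the Windows tools: cn is the full name, sAMAccountName is the login id.
ENTRIES = [
    {"dn": "CN=Jane Doe,CN=Users,DC=domain,DC=local",
     "objectclass": ["top", "person", "user"], "cn": ["Jane Doe"],
     "samaccountname": ["jdoe"], "mail": ["jdoe@domain.local"]},
    {"dn": "CN=ldap,CN=Users,DC=domain,DC=local",   # assumed: no mail attribute
     "objectclass": ["top", "person", "user"], "cn": ["ldap"],
     "samaccountname": ["ldap"]},
]

def ldap_escape(value):
    """Escape RFC 4515 specials so a login name cannot change the filter."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def expand(template, login):
    """Substitute %u (full login), %n (local part) and %d (domain)."""
    local, _, domain = login.partition("@")
    values = {"u": login, "n": local, "d": domain}
    return re.sub(r"%([und])", lambda m: ldap_escape(values[m.group(1)]), template)

def unescape(value):
    """Turn \\XX hex escapes in a filter value back into characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def matches(entry, ldap_filter):
    """Evaluate an AND-only filter of (attr=value) and (attr=*) terms."""
    for attr, want in re.findall(r"\(([A-Za-z]+)=([^()]*)\)", ldap_filter):
        have = [v.lower() for v in entry.get(attr.lower(), [])]
        if want == "*":                      # presence test, e.g. (mail=*)
            if not have:
                return False
        elif unescape(want).lower() not in have:
            return False
    return True

def search(template, login):
    """Return the DNs a filter template selects for one login name."""
    ldap_filter = expand(template, login)
    return [e["dn"] for e in ENTRIES if matches(e, ldap_filter)]

OLD = "(&(objectClass=person)(cn=%u)(mail=*))"              # original filter
NEW = "(&(objectClass=person)(sAMAccountName=%u)(mail=*))"  # corrected filter

if __name__ == "__main__":
    for login in ("jdoe", "ldap", "*"):
        print(login, search(OLD, login), search(NEW, login))
```

An account without a mail attribute is rejected by both filters because of the (mail=*) term, and a login of "*" matches nothing because it is escaped before substitution.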