David Scheele
2015-Feb-24 09:51 UTC
"Temporary authentication failure" ? Cant connect with ldap user
Hmm...

*ldapsearch -x cn=admin* gives me:

| # A bunch of information not really interesting
| # search result
| search: 2
| result: 32 No such object
|
| numResponses: 1

*ldapsearch -x cn=admin* gives the same.
Did I configure the ldap wrong?

2015-02-24 10:42 GMT+01:00 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>:

> On Tue, 24 Feb 2015, David Scheele wrote:
>
>> The ldap-utils were already installed.
>> I did the ldapsearch you gave me, but after inputting my admin password it
>> gives me
>> *ldap_bind: Invalid credentials (49)*
>> I logged into the ldap server with my admin credentials (which worked fine)
>> and changed my password to '12345'. Trying that, still *Invalid credentials*.
>
> Oh forgot:
>
> ldapsearch -x ..
>
> Also try:
>
> ldapsearch -x cn=admin
>
> to get the full DN of the admin
>
>> 1.) I tried that already. The error switches to syntax error then.
>> 2.) Not really. An upper case letter and a number + various lowercase
>> letters. Not very exotic.
>>
>> Is the pass_filter necessary? I just wanted to make the installation as
>> basic as possible, to not get any unwanted errors.
>>
>> Best,
>> David
>>
>> 2015-02-24 10:02 GMT+01:00 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>:
>>
>>> On Tue, 24 Feb 2015, David Scheele wrote:
>>>
>>>> 2015-02-24 8:05 GMT+01:00 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>:
>>>>
>>>>> On Mon, 23 Feb 2015, David Scheele wrote:
>>>>>
>>>>>> So, I set up the Server, installed and configured postfix, ldap and dovecot
>>>>>> (in that order) and now simply try to log into the mail account with a user
>>>>>> from the LDAP over telnet.
>>>>>>
>>>>>> The test looks like this:
>>>>>>
>>>>>> *|> telnet localhost 143*
>>>>>> *| a bunch of stuff ending with:*
>>>>>> *| OK [**] Dovecot ready.*
>>>>>> *|> a login username userpassword*
>>>>>> *| a NO [UNAVAILABLE] Temporary authentication failure. [host and date here]*
>>>>>>
>>>>>> In the logs it says
>>>>>>
>>>>>> *|[date] mailserver dovecot: auth: Error: LDAP: binding failed (dn cn=admin): Invalid credentials*
>>>>>>
>>>>>> But I KNOW the admin password I entered into the dovecot-lda.conf.ext is
>>>>>> correct as I use it to log into the LDAP directory over jxplorer
>>>>>>
>>>>>> I also know the password for the user I try to log in with is correct as I
>>>>>> set it myself over and over just to be sure there are no typos.
>>>>>> I'm at a loss, I've been at this end for a few days now and can't find good
>>>>>> tutorials online because it's either always an old dovecot, postfix, ldap or
>>>>>> debian version and somewhere in the middle it just stops because some file
>>>>>> is completely missing. I get the impression I'm just not able-brained for
>>>>>> linux usage.
>>>>>>
>>>>>> Anyway, here are a few more informations about the system:
>>>>>>
>>>>>> *Dovecot version 2.1.7*
>>>>>>
>>>>>> Output of grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf.ext:
>>>>>> *hosts = localhost*
>>>>>> *dn = cn=admin*
>>>>>> *dnpass = [password]*
>>>
>>> install the ldap-utils package - that one containing ldapsearch - and
>>> execute:
>>>
>>> ldapsearch -W -D cn=admin -b 'dc=[domainname],dc=de' \
>>>   '(&(objectClass=posixAccount)(uid=<<uid>>))'
>>>
>>> then enter your password.
>>>
>>> 1) I suppose, cn=admin is missing a domain name, e.g.
>>> dc=[domainname],dc=de .
>>>
>>> 2) does your dnpass contain "funny" characters?
>>>
>>>>>> *sasl_bind = no*
>>>>>> *tls = no*
>>>>>> *auth_bind = yes*
>>>>>> *ldap_version = 3*
>>>>>> *base = dc=[domainname],dc=de*
>>>>>> *user_attrs = uidNumber=uid,gidNumber=gid*
>>>>>> *user_filter = (&(objectClass=posixAccount)(uid=%u))*
>>>>>> *pass_attrs = uid=user,userPassword=password*
>>>
>>> BTW: You do not have no pass_filter or I deleted it last time.
>>>
>>>>>> Output of dovecot -n:
>>>>>>
>>>>>> *disable_plaintest_auth = no*
>>>>>> *mail_location = mbox:~/mail:INBOX=/var/mail/%u*
>>>>>> *[namespace config here]*
>>>>>>
>>>>>> *passdb {*
>>>>>> *args = /etc/dovecot/dovecot-ldap.conf.ext*
>>>>>
>>>>> ^^^^^^^^^^^^^^^^^^^^
>>>>> filename mismatch
>>>>>
>>>>>> *driver = ldap*
>>>>>> *}*
>>>>>> *plugin {*
>>>>>> *sieve = ~/.dovecot.sieve*
>>>>>> *sieve_dir = ~/sieve*
>>>>>> *}*
>>>>>>
>>>>>> *protocols = " imap pop3"*
>>>>>> *ssl_cert = </etc/dovecot/dovecot.pem*
>>>>>> *ssl_key = </etc/dovecot/private/dovecot.pem*
>>>>>> *userdb {*
>>>>>> *args = /etc/dovecot/dovecot-ldap.conf.ext*
>>>>>> *driver =ldap*
>>>>>> *}*
>>>>>> *protocol pop3 {*
>>>>>> *pop3_client_workarounds = outlook-no-nuls oe-ns-eoh*
>>>>>> *pop3_uidl_format = %08Xu%08Xv*
>>>>>> *}*
>>>>>>
>>>>>> Any help would be greatly appreciated.... I'm going crazy over here.
>>>>>>
>>>>>> Thanks in advance,
>>>>>> David
>>>>>
>>>>> -- Steffen Kaiser
>>>
>>> -- Steffen Kaiser
>
> -- Steffen Kaiser
Steffen Kaiser
2015-Feb-24 10:10 UTC
"Temporary authentication failure" ? Cant connect with ldap user
On Tue, 24 Feb 2015, David Scheele wrote:

> *ldapsearch -x cn=admin* gives me:
>
> | # A bunch of information not really interesting
> | # search result
> | search: 2
> | result: 32 No such object
> |
> | numResponses: 1
>
> *ldapsearch -x cn=admin* gives the same.
> Did I configure the ldap wrong?

ldapsearch -x -h localhost cn=admin ?

-- Steffen Kaiser
David Scheele
2015-Feb-24 10:10 UTC
"Temporary authentication failure" ? Cant connect with ldap user
Ok I completed the dn as thus:
*dn = cn=admin,dc=luenenet,dc=de*
And now when I try *a login Username Password* over *telnet localhost 143* I get
*a NO [AUTHENTICATIONFAILED] Authentication failed.*
I confirmed that the user password is correct.

By the way,
*ldapsearch -x -D 'cn=admin,dc=[domainname],dc=de' -w 12345 -b 'dc=[domainname],dc=de' cn*
gives me:

| # [domainname].de
| dn: dc=[domainname],dc=de
| #admin, [domainname].de
| dn: cn=admin,dc=[domainname],dc=de
| cn: admin
| # [User Name], [domainname].de
| dn: cn=[User Name],dc=[domainname],dc=de
| cn: [User Name]
| #search result
| search: 2
| result: 0 Success
| # numResponses: 4
| # numEntries: 3
Steffen Kaiser
2015-Feb-24 10:33 UTC
"Temporary authentication failure" ? Cant connect with ldap user
On Tue, 24 Feb 2015, David Scheele wrote:

> Ok I completed the dn as thus:
> *dn = cn=admin,dc=luenenet,dc=de*
> And now when I try *a login Username Password* over *telnet localhost 143* I get
> *a NO [AUTHENTICATIONFAILED] Authentication failed.*

Have you added pass_filter?

Has the LDAP item

> | # [User Name], [domainname].de
> | dn: cn=[User Name],dc=[domainname],dc=de
> | cn: [User Name]

the attributes

objectClass: posixAccount
uid: <what you've entered as Login name>

?

-- Steffen Kaiser
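The two checks raised so far in the thread (is the bind `dn` a full DN, and does the user's entry carry the attributes the filter asks for) can be run offline against the settings and an exported entry. This is an added example, not part of the thread and not Dovecot's own code: the function names, the `example` domain and the sample entry are constructed for illustration, `%u` is assumed to stand for the login name as typed, and only the and/or/not, equality and presence forms of LDAP filters are handled.

```python
import re

# Constructed sample: settings from the thread, placeholder domain "example".
CONF = """\
dn = cn=admin
base = dc=example,dc=de
user_filter = (&(objectClass=posixAccount)(uid=%u))
"""
# Constructed entry: has a cn, but neither uid nor objectClass posixAccount.
ENTRY = {"cn": ["Jane Doe"], "objectClass": ["inetOrgPerson"]}

def parse_conf(text):
    """Parse 'key = value' lines, skipping blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf

def ldap_escape(value):
    """Escape RFC 4515 special characters in a value placed into a filter."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def parse_filter(s, i=0):
    """Parse (&...), (|...), (!...), (attr=value), (attr=*); no substrings."""
    if s[i:i + 1] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if s[i:i + 1] in ("&", "|", "!"):
        op, kids, i = s[i], [], i + 1
        while s[i:i + 1] == "(":
            kid, i = parse_filter(s, i)
            kids.append(kid)
        node = (op, kids)
    else:
        end = s.index(")", i)
        attr, _, value = s[i:end].partition("=")
        node = ("=", attr.strip().lower(), value)
        i = end
    if s[i:i + 1] != ")":
        raise ValueError("expected ')' at offset %d" % i)
    return node, i + 1

def matches(node, entry):
    """Evaluate a parsed filter against {attr: [values]}, ignoring case."""
    if node[0] in ("&", "|", "!"):
        hits = [matches(kid, entry) for kid in node[1]]
        return {"&": all(hits), "|": any(hits), "!": not any(hits)}[node[0]]
    _, attr, value = node
    have = [v.lower() for k, vs in entry.items() if k.lower() == attr for v in vs]
    if value == "*":
        return bool(have)  # presence test
    value = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)
    return value.lower() in have

def diagnose(conf_text, login, entry):
    """Return findings for the two failures reported in the thread."""
    conf, findings = parse_conf(conf_text), []
    dn = conf.get("dn")
    # Heuristic: a simple bind needs the full DN; a lone RDN such as "cn=admin"
    # is what the log showed as "binding failed ... Invalid credentials".
    if dn and "," not in dn:
        findings.append("dn %r is a single RDN, not a full DN" % dn)
    if "pass_filter" not in conf:
        findings.append("pass_filter is not set explicitly")
    for key in ("pass_filter", "user_filter"):
        if key in conf:
            flt = conf[key].replace("%u", ldap_escape(login))  # %u = login as typed
            if not matches(parse_filter(flt)[0], entry):
                findings.append("entry does not match %s %s" % (key, flt))
    return findings
```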
Mihai Badici
2015-Feb-24 10:33 UTC
"Temporary authentication failure" ? Cant connect with ldap user
On Tuesday 24 February 2015 10:51:44 David Scheele wrote:

> Hmm...
>
> *ldapsearch -x cn=admin* gives me:
> | # A bunch of information not really interesting
> | # search result
> | search: 2
> | result: 32 No such object
> |
> | numResponses: 1
>
> *ldapsearch -x cn=admin* gives the same.
> Did I configure the ldap wrong?

Ldapsearch will search in the default container.
But probably the admin user is in a different container, like cn=admin,cn=config,
so you can't find it with this search.
David Scheele
2015-Feb-25 09:31 UTC
"Temporary authentication failure" ? Cant connect with ldap user
Is there a good, foolproof dovecot-openldap tutorial that walks you through the steps and works with the newest version of both softwares?
I'm giving up and starting anew.

2015-02-24 11:33 GMT+01:00 Mihai Badici <mihai at badici.ro>:

> On Tuesday 24 February 2015 10:51:44 David Scheele wrote:
>> Hmm...
>>
>> *ldapsearch -x cn=admin* gives me:
>> | # A bunch of information not really interesting
>> | # search result
>> | search: 2
>> | result: 32 No such object
>> |
>> | numResponses: 1
>>
>> *ldapsearch -x cn=admin* gives the same.
>> Did I configure the ldap wrong?
>
> Ldapsearch will search in the default container.
> But probably the admin user is in different container, like
> cn=admin,cn=config
> so you can't find it with this search