dear all I have a postfix relaying to dovecot's lda but "strangely" it does not work, I mean I imaging it's me doing something wrong, yet I cannot figure out what. postfix logs: to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot, delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) and dovecot logs no error, despite having debug to yes in couple of places, it shows: auth: Debug: master in: USER 1 me at my.domain service=lda auth-worker(25343): Debug: passwd(me at my.domain): lookup auth-worker(25343): passwd(me at my.domain): unknown user auth: Debug: ldap(me at my.domain): user search: base=ou=People,dc=my,dc=domain scope=subtree filter=(&(objectClass=person)(uid=me)) fieldsauth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, ... here goes the whole lot of ldap atrribs, and at the end: unused. For passdb & userdb in the configs I only configure ldap backed, nothing else. Ldap works, I can query it without failling. I believe it's very simple set up but I must be wrong somewhere. pass_filter = (&(objectClass=posixAccount)(uid=%n)) pass_attrs = uid=user=%n,userPassword=password user_attrs = =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n user_filter = (&(objectClass=person)(uid=%n)) Any suggestions very appreciated. thanks
On 22/06/15 09:16, lejeczek wrote:> > dear all > > I have a postfix relaying to dovecot's lda but "strangely" > it does not work, I mean I imaging it's me doing something > wrong, yet I cannot figure out what. > > postfix logs: > > to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot, > delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, > status=deferred (temporary failure) > > and dovecot logs no error, despite having debug to yes in > couple of places, > it shows: > > auth: Debug: master in: USER 1 me at my.domain > service=lda > auth-worker(25343): Debug: passwd(me at my.domain): lookup > auth-worker(25343): passwd(me at my.domain): unknown user > auth: Debug: ldap(me at my.domain): user search: > base=ou=People,dc=my,dc=domain scope=subtree > filter=(&(objectClass=person)(uid=me)) fields> auth: Debug: ldap(me at my.domain): result: > objectClass=top,top,top,top, > > ... here goes the whole lot of ldap atrribs, and at the end: > > unused. > > For passdb & userdb in the configs I only configure ldap > backed, nothing else. Ldap works, I can query it without > failling. > I believe it's very simple set up but I must be wrong > somewhere. > > > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > pass_attrs = uid=user=%n,userPassword=password > > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > > Any suggestions very appreciated. > thanks >even stranger, if I use(along with ldap in configs): userdb { driver = static args = uid=vmail gid=mail home=/var/spool/mail/%d/%n mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n sieve_storage=/var/spool/mail/%d/%n/SIEVE sieve=/var/spool/mail/%d/%n/dovecot.sieve } dovecot start to core dump: auth: Fatal: master: service(auth): child 9188 killed with signal 11 (core dumped)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 22 Jun 2015, lejeczek wrote:> On 22/06/15 09:16, lejeczek wrote: >> >> to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot, delay=39296, >> delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred (temporary failure) >> >> and dovecot logs no error, despite having debug to yes in couple of places, >> it shows: >> >> auth: Debug: master in: USER 1 me at my.domain service=lda >> auth-worker(25343): Debug: passwd(me at my.domain): lookup >> auth-worker(25343): passwd(me at my.domain): unknown user >> auth: Debug: ldap(me at my.domain): user search: >> base=ou=People,dc=my,dc=domain scope=subtree >> filter=(&(objectClass=person)(uid=me)) fields>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >> >> ... here goes the whole lot of ldap atrribs, and at the end: >> >> unused. >> >> For passdb & userdb in the configs I only configure ldap backed, nothing >> else. Ldap works, I can query it without failling. >> I believe it's very simple set up but I must be wrong somewhere. >> >> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >> pass_attrs = uid=user=%n,userPassword=passwordUse either uid=user oder =user=%n but not uid=user=%n. I would use uid=user, so the user cannot specify the case of the username.>> user_attrs = >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> user_filter = (&(objectClass=person)(uid=%n)) >> > even stranger, if I use(along with ldap in configs):Please post: complete doveconf -n and the complete LDAP config being referenced by the config.> userdb { > driver = static > args = uid=vmail gid=mail home=/var/spool/mail/%d/%n > mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > sieve_storage=/var/spool/mail/%d/%n/SIEVE > sieve=/var/spool/mail/%d/%n/dovecot.sieve > } > > dovecot start to core dump: > > auth: Fatal: master: service(auth): child 9188 killed with signal 11 (core > dumped) >- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVYfKoHz1H7kL/d9rAQLhsQgAkwOcfTIoH/NiIXHL+IJcUjzHBpFsQJeT lXdN5XIfyXgZdpzmObXG606ON5Y5higyfR1kby3bLxlvkioyAt4WqWHcTw7XLrwo e5zz9774M7dlnZN+CpY0WAHcyllZeodaD5jVruXzS2JAZmShL8vAV1AIC2QKOtwL h4Z5y0ZYTA4bwD7J6pwZ18kaF3pV9lD6uHiFE0DTq8TupUjp0gV0wLOMKkcetsD2 kpWPvz8CGlc2LBDJTEHVdw1of7/VVIRIJKSqX3mzizWMf+DLy6fAJRue4S1o3cT8 m+4PM48B50ycGQXW1U3dJ9ERAgg21sS0kmUBbuuKnC8BWacsdSFUaA==QCeP -----END PGP SIGNATURE-----
On 22/06/15 09:16, lejeczek wrote:> > dear all > > I have a postfix relaying to dovecot's lda but "strangely" > it does not work, I mean I imaging it's me doing something > wrong, yet I cannot figure out what. > > postfix logs: > > to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot, > delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, > status=deferred (temporary failure) > > and dovecot logs no error, despite having debug to yes in > couple of places, > it shows: > > auth: Debug: master in: USER 1 me at my.domain > service=lda > auth-worker(25343): Debug: passwd(me at my.domain): lookup > auth-worker(25343): passwd(me at my.domain): unknown user > auth: Debug: ldap(me at my.domain): user search: > base=ou=People,dc=my,dc=domain scope=subtree > filter=(&(objectClass=person)(uid=me)) fields> auth: Debug: ldap(me at my.domain): result: > objectClass=top,top,top,top, > > ... here goes the whole lot of ldap atrribs, and at the end: > > unused. > > For passdb & userdb in the configs I only configure ldap > backed, nothing else. Ldap works, I can query it without > failling. > I believe it's very simple set up but I must be wrong > somewhere. > > > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > pass_attrs = uid=user=%n,userPassword=password > > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > > Any suggestions very appreciated. > thanks >I wonder could there be some kind of collision between user/passdbs, even though I do not configure anything but ldap, when I do: #doveadm user me me at my.domain field value uid 1177 gid 513 home /home/me mail maildir:/var/spool/mail/my.domain/me/Maildir system_groups_user me uid vmail gid home /var/spool/mail/my.domain/me mail maildir:/var/spool/mail/my.domain/me/Maildir:INDEX=/var/spool/mail/my.domain/me:CONTROL=/var/spool/mail/my.domain/me I understand that it's dovecot trying something else than just ldap? Or not a collision, and these would be two separate, different users?
Am Montag, den 22.06.2015, 10:05 +0100 schrieb lejeczek:> > > I wonder could there be some kind of collision between > user/passdbs, even though I do not configure anything but > ldap, when I do:passdb { driver = pam } passdb { args = /etc/dovecot/ldap-passdb-my.domain.conf driver = ldap } Check your whole dovecot config. You have an active PAM passdb lookup and an ldap lookup.
On 22/06/15 09:16, lejeczek wrote:> > dear all > > I have a postfix relaying to dovecot's lda but "strangely" > it does not work, I mean I imaging it's me doing something > wrong, yet I cannot figure out what. > > postfix logs: > > to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot, > delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, > status=deferred (temporary failure) > > and dovecot logs no error, despite having debug to yes in > couple of places, > it shows: > > auth: Debug: master in: USER 1 me at my.domain > service=lda > auth-worker(25343): Debug: passwd(me at my.domain): lookup > auth-worker(25343): passwd(me at my.domain): unknown user > auth: Debug: ldap(me at my.domain): user search: > base=ou=People,dc=my,dc=domain scope=subtree > filter=(&(objectClass=person)(uid=me)) fields> auth: Debug: ldap(me at my.domain): result: > objectClass=top,top,top,top, > > ... here goes the whole lot of ldap atrribs, and at the end: > > unused. > > For passdb & userdb in the configs I only configure ldap > backed, nothing else. Ldap works, I can query it without > failling. > I believe it's very simple set up but I must be wrong > somewhere. > > > pass_filter = (&(objectClass=posixAccount)(uid=%n)) > pass_attrs = uid=user=%n,userPassword=password > > user_attrs = > =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n > user_filter = (&(objectClass=person)(uid=%n)) > > Any suggestions very appreciated. > thanks >strange thing is that an IMAP clients authenticates just fine. Only problems are when sending messages with smtp/postfix.
Am 22.06.2015 um 18:21 schrieb lejeczek:> On 22/06/15 09:16, lejeczek wrote: >> >> dear all >> >> I have a postfix relaying to dovecot's lda but "strangely" it does not >> work, I mean I imaging it's me doing something wrong, yet I cannot >> figure out what. >> >> postfix logs: >> >> to=<me at my.domain>,orig_to=<root at localhost>, relay=dovecot, >> delay=39296, delays=39294/2.2/0/0.27, dsn=4.3.0, status=deferred >> (temporary failure) >> >> and dovecot logs no error, despite having debug to yes in couple of >> places, >> it shows: >> >> auth: Debug: master in: USER 1 me at my.domain service=lda >> auth-worker(25343): Debug: passwd(me at my.domain): lookup >> auth-worker(25343): passwd(me at my.domain): unknown user >> auth: Debug: ldap(me at my.domain): user search: >> base=ou=People,dc=my,dc=domain scope=subtree >> filter=(&(objectClass=person)(uid=me)) fields>> auth: Debug: ldap(me at my.domain): result: objectClass=top,top,top,top, >> >> ... here goes the whole lot of ldap atrribs, and at the end: >> >> unused. >> >> For passdb & userdb in the configs I only configure ldap backed, >> nothing else. Ldap works, I can query it without failling. >> I believe it's very simple set up but I must be wrong somewhere. >> >> >> pass_filter = (&(objectClass=posixAccount)(uid=%n)) >> pass_attrs = uid=user=%n,userPassword=password >> >> user_attrs >> =home=/var/spool/mail/%d/%n,=mail=maildir:/var/spool/mail/%d/%n/Maildir:INDEX=/var/spool/mail/%d/%n:CONTROL=/var/spool/mail/%d/%n >> >> user_filter = (&(objectClass=person)(uid=%n)) >> >> Any suggestions very appreciated. >> thanks >> > strange thing is that an IMAP clients authenticates just fine. Only > problems are when sending messages with smtp/postfix.I had a similar problem. Turned out, that when the message comes from Postfix, the identifier is an email address (surprise ;) and not a username, so my LDAP query looks similar to this: user_filter = (&(objectClass=person)(|(uid=%u)(email=%u))) Anyway, when you set auth_verbose=yes and auth_debug=yes, in 10-logging.conf you'll see the exact LDAP query. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20150623/93018071/attachment.sig>