Hi list! I'm always trying to configure Dovecot to ask our LDAP-Server (AD) in order to authenticate the users. I really don'know what can I do wrong... I configured my Dovecot so: hosts = chimaera.company.local dn = CN=mailproxy,CN=Users,DC=company,DC=local dnpass = SECRET sasl_bind = no tls = no debug_level = -1 auth_bind = yes ldap_version = 3 base = dc=company,dc=local deref = never scope = subtree user_filter = (&(sAMAccountName=%n)(objectClass=user)) pass_attrs = userPassword=password pass_filter = (&(samAccountName=%n)(objectClass=user)) default_pass_scheme = CRYPT If I try to login in, with my login and password, I see with ngrep that Dovecot ask the AD for my data AND GET THEM, then I see: T 10.0.46.4:49204 -> 192.168.168.23:389 [AP] 0p...ck."DC=DomainDnsZones,DC=company,DC=local................4....samAccountName..bertoncello....objectClass..user0. # T 192.168.168.23:389 -> 10.0.46.4:49204 [AP] 0........e................000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1. This is what I see in Dovecot's log: Jun 23 11:26:43 proxy01 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=7z8T/SsZ2AAKADPG#011lip=10.0.46.4#011rip=10.0.51.198#011lport=143#011rport=38104#011resp=<hidden> Jun 23 11:26:43 proxy01 dovecot: auth: Debug: ldap(bertoncello,10.0.51.198,<7z8T/SsZ2AAKADPG>): bind search: base=dc=company,dc=local filter=(&(samAccountName=bertoncello)(objectClass=user)) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_search Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: "(&(samAccountName=bertoncello)(objectClass=user))" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: AND Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter_list "(samAccountName=bertoncello)(objectClass=user)" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: "(samAccountName=bertoncello)" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: simple Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_simple_filter: "samAccountName=bertoncello" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: "(objectClass=user)" Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_filter: simple Jun 23 11:26:43 proxy01 dovecot: auth: Error: put_simple_filter: "objectClass=user" Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_build_search_req ATTRS: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_initial_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid -1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid -1 (timeout 0 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 1 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ber_get_next failed. Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid -1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid -1 (timeout 0 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 1 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 2 message type search-entry Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid -1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid -1 (timeout 0 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 1 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid -1 all 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 2 message type search-reference Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referrals Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_url_parse_ext(ldap://DomainDnsZones.company.local/DC=DomainDnsZones,DC=company,DC=local) Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request: new msgid 3, new dn <DC=DomainDnsZones,DC=company,DC=local> Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request new request is: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ber_dump: buf=0x1934920 ptr=0x1934992 end=0x19358fc len=114 Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0000: 65 72 30 00 65 72 30 00 00 00 00 00 00 00 00 00 er0.er0......... Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0070: 00 00 .. Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referral: msgid 2, url "ldap://DomainDnsZones.company.local/DC=DomainDnsZones,DC=company,DC=local" Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_connection 0 1 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_open_connection Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: TCP DomainDnsZones.company.local:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_prepare_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.168.26:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_pvt_connect: fd: 20 tm: -1 async: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: attempting to connect: Jun 23 11:26:43 proxy01 dovecot: auth: Error: connect errno: 111 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_close_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_prepare_socket: 20 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.168.23:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_pvt_connect: fd: 20 tm: -1 async: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: attempting to connect: Jun 23 11:26:43 proxy01 dovecot: auth: Error: connect success Jun 23 11:26:43 proxy01 dovecot: auth: Error: anonymous rebind via ldap_sasl_bind("") Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_sasl_bind Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_initial_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid 4 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid 4 (timeout 100000 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid 4 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: DomainDnsZones.company.local port: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: rebind in progress Jun 23 11:26:43 proxy01 dovecot: auth: Error: queue is empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 3 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 4, origid 4, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 1, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 2 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 response count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList ld 0x1920bb0 msgid 4 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chkResponseList returns ld 0x1920bb0 NULL Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_select Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 4 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: read1msg: ld 0x1920bb0 msgid 2 message type search-reference Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referrals Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_url_parse_ext(ldap://ForestDnsZones.company.local/DC=ForestDnsZones,DC=company,DC=local) Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request: new msgid 5, new dn <DC=ForestDnsZones,DC=company,DC=local> Jun 23 11:26:43 proxy01 dovecot: auth: Error: re_encode_request new request is: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ber_dump: buf=0x1936cc0 ptr=0x1936d32 end=0x1937c9c len=114 Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0000: 65 72 30 00 65 72 30 00 00 00 00 00 00 00 00 00 er0.er0......... Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Jun 23 11:26:43 proxy01 dovecot: auth: Error: 0070: 00 00 .. Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_chase_v3referral: msgid 2, url "ldap://ForestDnsZones.company.local/DC=ForestDnsZones,DC=company,DC=local" Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_connection 0 1 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_int_open_connection Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: TCP ForestDnsZones.company.local:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_new_socket: 21 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_prepare_socket: 21 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.168.18:389 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_pvt_connect: fd: 21 tm: -1 async: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: attempting to connect: Jun 23 11:26:43 proxy01 dovecot: auth: Error: connect success Jun 23 11:26:43 proxy01 dovecot: auth: Error: anonymous rebind via ldap_sasl_bind("") Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_sasl_bind Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_initial_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_send_server_request Jun 23 11:26:43 proxy01 dovecot: auth: Error: ldap_result ld 0x1920bb0 msgid 6 Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg ld 0x1920bb0 msgid 6 (timeout 100000 usec) Jun 23 11:26:43 proxy01 dovecot: auth: Error: wait4msg continue ld 0x1920bb0 msgid 6 all 1 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Connections: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: ForestDnsZones.company.local port: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: rebind in progress Jun 23 11:26:43 proxy01 dovecot: auth: Error: queue is empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: DomainDnsZones.company.local port: 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 2 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: rebind in progress Jun 23 11:26:43 proxy01 dovecot: auth: Error: queue is empty Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * host: chimaera.company.local port: 389 (default) Jun 23 11:26:43 proxy01 dovecot: auth: Error: refcnt: 4 status: Connected Jun 23 11:26:43 proxy01 dovecot: auth: Error: last used: Tue Jun 23 11:26:43 2015 Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Outstanding Requests: Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 6, origid 6, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 4, origid 4, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 0, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: * msgid 2, origid 2, status InProgress Jun 23 11:26:43 proxy01 dovecot: auth: Error: outstanding referrals 2, parent count 0 Jun 23 11:26:43 proxy01 dovecot: auth: Error: ld 0x1920bb0 request count 3 (abandoned 0) Jun 23 11:26:43 proxy01 dovecot: auth: Error: ** ld 0x1920bb0 Response Queue: I can't understand why it happens... I can't understand why Dovecot says anonymous rebind via ldap_sasl_bind(""), too... Thanks for your help! Luca Bertoncello