Andre Luiz Paiz
2018-Apr-16 18:39 UTC
LDAP Homedir location: Needs dovecot restart after change it
Dear group members.

I work with Dovecot and Openldap authentication. Sometimes users change departments and we need to alter their homedir location. Every time this process is needed, I perform these steps:

1 - Change homedir location in openldap
2 - Move homedir folder to the new location
3 - Re-apply permissions
4 - Remove user index folder

After I do that, users cannot authenticate unless I restart dovecot, a process that I would like to avoid. Can you guys give a tip on what I need to change to avoid this last problematic step? After the restart, everything works.

Does the auth_cache feature also store the homedir location?

System: CentOS 7

Versions:
dovecot-pigeonhole-2.2.10-8.el7.x86_64
dovecot-2.2.10-8.el7.x86_64

Doveconf -n:

# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-693.5.2.el7.x86_64 x86_64 CentOS Linux release 7.4.1708 (Core)
auth_cache_negative_ttl = 0
auth_cache_size = 10 M
auth_mechanisms = plain login
auth_username_format = %Ln
default_client_limit = 1024
default_process_limit = 1024
default_vsz_limit = 1 G
listen = *
mail_location = maildir:~/Maildir:INDEX=/var/indexes/dovecot/%u
mail_plugins = " mail_log notify quota"
mail_temp_dir = /var/tmp
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix
}
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  mail_log_fields = uid box msgid size
  quota = maildir
  quota_exceeded_message = Cota de armazenamento de e-mails excedida. Quota exceeded for mail store.
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=85%% quota-warning 85 %u
  quota_warning3 = storage=75%% quota-warning 75 %u
  sieve = ~/.dovecot.sieve
  sieve_before = /var/lib/dovecot/sieve/default.sieve
  sieve_default = /var/lib/dovecot/sieve/default.sieve
  sieve_dir = ~/sieve
  sieve_extensions = +notify +imapflags
}
protocols = imap pop3 lmtp sieve
service anvil {
  client_limit = 14100
  process_limit = 1
}
service auth-worker {
  client_limit = 1
  process_limit = 50
  service_count = 1
}
service auth {
  client_limit = 15100
  process_limit = 1
}
service dict {
  client_limit = 1
}
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
  process_limit = 6000
  process_min_avail = 10
  service_count = 1
  vsz_limit = 256 M
}
service imap {
  process_limit = 3000
  vsz_limit = 1 G
}
service lmtp {
  client_limit = 1
  inet_listener lmtp {
    port = 24
  }
  unix_listener lmtp {
    mode = 0666
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
  process_limit = 6000
  process_min_avail = 10
  service_count = 1
}
service pop3 {
  process_limit = 3000
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    mode = 0666
    user = dovecot
  }
  user = root
}
ssl = required
ssl_cert = **********
ssl_key = ***********
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lmtp {
  mail_plugins = " mail_log notify quota sieve quota"
}
protocol imap {
  mail_plugins = " mail_log notify quota imap_quota"
}

Thanks
Andre
Gerald Galster
2018-Apr-16 19:26 UTC
LDAP Homedir location: Needs dovecot restart after change it
Hello Andre,

try to flush the auth cache:

doveadm auth cache flush user@example.com

or:

doveadm auth cache flush

Best regards,
Gerald

> On 16.04.2018 at 20:39, Andre Luiz Paiz <andre.paiz at iqm.unicamp.br> wrote:
>
> Dear group members.
>
> I work with Dovecot and Openldap authentication. Sometimes users change departments and we need to alter their homedir location. Every time this process is needed, I perform these steps:
>
> 1 - Change homedir location in openldap
> 2 - Move homedir folder to the new location
> 3 - Re-apply permissions
> 4 - Remove user index folder
>
> After I do that, users cannot authenticate unless I restart dovecot, a process that I would like to avoid. Can you guys give a tip on what I need to change to avoid this last problematic step? After the restart, everything works.
>
> Does the auth_cache feature also store the homedir location?
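
The move procedure from the question, with the per-user cache flush from the reply in place of the restart, as an added example that is not part of the original thread. It assumes the home directory attribute has already been changed in LDAP (step 1); the names move_homedir, valid_user, run and DRY_RUN are made up for this example, and the index path is taken from the posted mail_location.

```shell
#!/bin/sh
# Added example: move a mail user's home directory, then flush that user's
# entry from the Dovecot auth cache instead of restarting the service.
# Assumption: the home directory attribute was already updated in LDAP.
LC_ALL=C; export LC_ALL              # make the a-z range below ASCII-only
INDEX_ROOT=/var/indexes/dovecot      # from mail_location ...:INDEX=.../%u

# With DRY_RUN set, print each command instead of executing it.
run() {
    if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}

# auth_username_format = %Ln yields a lowercase local part. Anything else
# (empty, leading dot, slash, uppercase) is rejected so the name is safe
# to place inside the rm -rf path below.
valid_user() {
    case "$1" in
        ""|.*|*[!a-z0-9._-]*) return 1 ;;
    esac
}

move_homedir() {
    user=$1 old=$2 new=$3
    valid_user "$user" || { echo "bad username: $user" >&2; return 1; }
    for p in "$old" "$new"; do
        case "$p" in
            /*) ;;
            *) echo "not an absolute path: $p" >&2; return 1 ;;
        esac
    done
    [ -d "$old" ] || { echo "missing: $old" >&2; return 1; }
    [ ! -e "$new" ] || { echo "already exists: $new" >&2; return 1; }

    run mv -- "$old" "$new" || return 1               # step 2
    run chown -R -- "$user:" "$new" || return 1       # step 3
    run rm -rf -- "$INDEX_ROOT/$user" || return 1     # step 4
    run doveadm auth cache flush "$user"              # replaces the restart
}

# Usage: DRY_RUN=1 sh move_homedir.sh jdoe /home/old/jdoe /home/new/jdoe
if [ "$#" -eq 3 ]; then
    move_homedir "$@"
fi
```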