search for: tls_ca_cert_dir

...et_path = director-userdb } protocol doveadm { auth_socket_path = director-userdb } local 192.168.1.2/24 { doveadm_password = # hidden, use -P to show it } # cat /usr/local/etc/dovecot/dovecot-ldap.conf uris = ldaps://192.168.1.2:636 # allow self-sign sert (not skip connect if sert not valid) tls_ca_cert_dir = /home/user/openldap/ tls_ca_cert_file = /home/user/openldap/ca-slapd-serv.crt tls_require_cert = allow dn = cn=dovecot,ou=accounts,dc=host,dc=ru dnpass = CycsonfeavaidOr ldap_version = 3 #auth_bind = no base = ou=accounts,dc=host,dc=ru deref = never scope = subtree user_attrs = homeDirectory=home...

...? unix_listener /var/spool/postfix/private/dovecot-lmtp { ????group = postfix ????mode = 0660 ????user = postfix ? } } ssl_cert =? # grep -v '^ *\(#.*\)\?$' /etc/dovecot/ldap/maliuta.org-ldap.conf.ext uris = ldap://localhost dn = cn=admin,dc=maliuta,dc=org dnpass = <secret> tls = yes tls_ca_cert_dir = /etc/ssl/certs auth_bind = no ldap_version = 3 base = ou=mail,dc=mailuta,dc=org scope = subtree default_pass_scheme = SSHA deref = never user_attrs = postfixDeliveryAddress=user user_filter = (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailPerson)) pass_attrs = postfixDeliveryAddress=u...

Hi! Running Dovecot 2.2.36 and authenticating against an OpenLDAP 2.4.45 server. Now since some update of dovecot it will not be able to authenticate your logins after a restart of the LDAP service is restarted without a reboot of the dovecot server. Anything new here that I should be aware of? Best Regards Dag

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 20 Nov 2016, Nikolai Lusan wrote: > # grep -v '^ *\(#.*\)\?$' /etc/dovecot/ldap/maliuta.org-ldap.conf.ext > uris = ldap://localhost > dn = cn=admin,dc=maliuta,dc=org > dnpass = <secret> > tls = yes > tls_ca_cert_dir = /etc/ssl/certs > auth_bind = no > ldap_version = 3 > base = ou=mail,dc=mailuta,dc=org > scope = subtree > default_pass_scheme = SSHA > deref = never > user_attrs = postfixDeliveryAddress=user > user_filter = > (&(postfixDeliveryEnabled=TRUE)(objectClass=postfixMailP...

...continue-ok } userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap ? result_failure = return-fail } protocol imap { ... } protocol pop3 { ... } # grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf.ext uris = ldaps://ldap.URL dn = uid=auth,o=domain,c=TLD dnpass = **** sasl_bind = no tls_ca_cert_dir = /etc/ssl/certs tls_require_cert = demand ldap_version = 3 base = ou=mail,o=asd,c=TLD deref = never scope = subtree user_attrs = =home=/dev/null/%Ld/%L{ldap:uid}, mailQuota=quota_rule=*:bytes=%$ user_filter = (objectClass=inetMailUser) pass_attrs = userPassword=password pass_filter = (objectClass=...

...continue-ok } userdb { ? args = /etc/dovecot/dovecot-ldap.conf.ext ? driver = ldap ? result_failure = return-fail } protocol imap { ... } protocol pop3 { ... } # grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf.ext uris = ldaps://ldap.URL dn = uid=auth,o=domain,c=TLD dnpass = **** sasl_bind = no tls_ca_cert_dir = /etc/ssl/certs tls_require_cert = demand ldap_version = 3 base = ou=mail,o=asd,c=TLD deref = never scope = subtree user_attrs = =home=/dev/null/%Ld/%L{ldap:uid}, mailQuota=quota_rule=*:bytes=%$ user_filter = (objectClass=inetMailUser) pass_attrs = userPassword=password pass_filter = (objectClass=...

.../ldap.sv.hm:636/ uris = ldap://ldap.sv.hm:389/ dn = cn=dovecot,ou=bindusers,dc=smuy,dc=net dnpass = 1qaz2wsx #sasl_bind = no #sasl_mech = #sasl_realm = #sasl_authz_id = # Use TLS to connect to the LDAP server. tls = yes #tls = no tls_ca_cert_file = /etc/ssl/certs/ca/signing-ca.crt tls_ca_cert_dir = /etc/ssl/certs/ca #tls_cipher_suite = # TLS cert/key is used only if LDAP server requires a client certificate. #tls_cert_file = /etc/ssl/certs/mail.crt #tls_key_file = /etc/ssl/private/mail.key # Valid values: never, hard, demand, allow, try #tls_require_cert = never See some sugges...

...user_filter = (&(objectClass=CourierMailAccount)(mail=%u)) pass_filter = (&(objectClass=CourierMailAccount)(mail=%u)) user_attrs = uidNumber=5000,gidNumber=5000,homeDirectory=home,mailbox=mail=maildir:%$/Maildir:LAYOUT=fs default_pass_scheme = SSHA tls = yes tls_ca_cert_dir = /etc/postfix/ssl Why does Dovecot authentication against Openldap fail when I switch to TLS encryption? Hoping this mail will be read by somebody, Regards, Dimitri

Hi Team, I have enabled LDAP authentication with webmail client and it works successfully. But I found an error with LDAP user's mail. Email is not loaded when I log with an LDAP user. Login phase is successful and mail box is the issue. I created a mail user without including LDAP and that user works fine. Issue comes only with LDAP users. *Anushka Bandara* Research Engineer Lanka Software

..., but the # dn is still the logged in user. Normally you want to keep this empty. #sasl_authz_id = # Use TLS to connect to the LDAP server. tls = yes # TLS options, currently supported only with OpenLDAP: #tls_ca_cert_file =/etc/ssl/certs/ldap.crt tls_ca_cert_file =/etc/ssl/certs/ldap6_cacert.pem #tls_ca_cert_dir =/etc/ssl/certs/ #tls_cipher_suite = # TLS cert/key is used only if LDAP server requires a client certificate. #tls_cert_file = /etc/ssl/certs/ldap01_slapd_cert.pem #tls_key_file = /etc/ssl/private/ldap01_slapd_key.pem # Valid values: never, hard, demand, allow, try #tls_require_cert = demand # Us...

...uot;master user", but the # dn is still the logged in user. Normally you want to keep this empty. sasl_authz_id = imap/mx01.example.com at EXAMPLE.COM # Use TLS to connect to the LDAP server. #tls = yes # TLS options, currently supported only with OpenLDAP: tls_ca_cert_file = /etc/ipa/ca.crt #tls_ca_cert_dir = #tls_cipher_suite = # TLS cert/key is used only if LDAP server requires a client certificate. #tls_cert_file = #tls_key_file = # Valid values: never, hard, demand, allow, try tls_require_cert = demand # Use the given ldaprc path. #ldaprc_path = # LDAP library debug level as specified by LDAP_DE...