similar to: Using auth_bind_userdn causes uid to be improper case

Let me know how you like this one. This assumes one config parameter. The non-null of auth_bind_userdn overrides auth_bind = yes. I'm using this patch now on cvs head. Comments are always welcome. Thanks much, Geff -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot.patch.auth_bind_userdn Type: application/octet-stream Size: 4607 bytes Desc: not

Hello List! I'm having some troubles for a client of mine: he has two ldap branches which may contain valid users for imap login... For now, dovecot is configured so that it uses the auth_bind: ======== uris = ldap://localhost:389/ auth_bind = yes auth_bind_userdn = uid=%u,ou=user,dc=org ldap_version = 3 base = dc=artemis user_attrs = user_global_uid = 8 user_global_gid = 8 pass_attrs =

I'm trying to setup a system with ldap+postfix+dovecot. Everyone who gets an email is stored in LDAP, some of these users also have a local unix account, regardless I want all users to be dealt with as virtual users. All the mail is stored by postfix in /var/spool/mail in Maildir format with permissions 600 vmail:vmail. Everything works fine when dovecot tries to read the mail of a completely

Hello Steffen and List, Thanks for the answer and help, I mean I found the biggest problem it is "auth_bind_userdn = " please read the rest ;-) Am Dienstag, 25. Oktober 2016, 12:19:08 schrieb Steffen Kaiser: > On Tue, 25 Oct 2016, G?nther J. Niederwimmer wrote: > > I setup ldap (FreeIPA) to have a user for dovecot that can (read search > > compare) all attributes that

I?ve attempted the user Mail with the same password with the same result (binding as my own user was a last-ditch attempt). aaron at aaron-Parallels-Virtual-Platform:/etc/sssd$ ldapsearch -x -H ldap://dc1.ad.automaton.uk -D CN=aaron.jenkins,CN=users,DC=ad,DC=automaton,DC=uk -W - -b CN=aaron.jenkins,CN=users,DC=ad,DC=automaton,DC=uk Enter LDAP Password: # extended LDIF # # LDAPv3 # base

This is the user DN: > cn=Klara Fall,ou=People,dc=[domainname],dc=de According to your Dovecot configuration > auth_bind_userdn = cn=%u,ou=People,dc=**[domainname]**,dc=de if you login with "klarafall" it will be expanded into cn=klarafall,ou=People,dc=[domainname],dc=de which is not the correct DN for Mrs Klara. So if you login with "Klara Fall" it should work,

Hi, I use a OpenLDAP for authentication. To authenticate a full DN as the user name must be used, like "cn=jim,ou=users,dc=example,dc=com". There are several domains, like example2.com and example3.com. I want to use Dovecot with ldap and authentication binds. For testing I use "auth_bind_userdn = cn=%n,ou=users,dc=%d" and the user name must provide as "jim at

I am trying to get dovecot 2.0.19 authenticate users via LDAP (OpenLDAP 2.4.28) and using Wireshark to debug the process. It looks like the basic configuration of dovecot is fine, but it doesn't pull it off to send the right request to the LDAP server. First of all, this is how my LDAP-entries look: # ht dn: dc=ht objectClass: top objectClass: dcObject objectClass:

Hi Michael, Just noticed you are using auth_bind_userdn which we don't. I think you may need to use pass_filter rather than user_filter?? Best Regards Martin On 2017-06-07 10:59, Martin Wheldon wrote: > Hi Michael, > > We do exactly that see example below: > > user_filter = >

On Tue, 2015-11-17 at 12:44 +0000, Luchko Dmitriy wrote: > Andrew, thank for answer! > > We understand about limitation subdomains on Samba but we suggested > that is one cause of current problem. We can all agree that this is a current limitation. > May be you know why python process can hung with 100% CPU ? Does > samba have limitation of groups or OU hierarchy? > p.s.

Stand contains two DC with Windows 2003 Std SP2 En: - root domain company.local - child domain (1) gonzo.company.local -- site 1: Windows 2003 (FSMO) -- site 2: Samba AD DC - child domain (2) depth.company.local I have CentOS 7 and Samba 4.3 in child domain (1) in dedicated active directory site (site 2 ). When I try logon from client (windows 7 workstation) I have error "Insufficient

I?ve removed the dn / dnpass. When attempting with new user: $ cat /var/log/dovecot-info.log Nov 27 00:09:29 imap-login: Info: Internal login failure (pid=5553 id=1) (internal failure, 1 successful auths): user=<test.user>, method=PLAIN, rip=10.211.55.29, lip=10.211.55.33, mpid=5558, TLS, session=<rQXRqdIIZwAK0zcd> Nov 27 00:09:29 imap-login: Info: Internal login failure (pid=5559

Hi, When we try replicate domain tree from Win DC to Samba DC we have timeout error: ERROR(<class 'samba.drs_utils.drsException'>): DsReplicaSync failed - drsException: DsReplicaSync failed (-1073741643, '{Device Timeout} The specified I/O operation on %hs was not completed before the time-out period expired.') File

Hi all, I have an AD testsetup with auth_bind setting auth_bind_userdn = "spdev\\%Ln" I created a testuser "claasc (test)" which works fine in all ldapfilters but not for the auth_bind. the log shows everything correct just "invalid credentials" mail.debug: Jun 9 14:12:31 dovecot: auth: Debug: auth client connected (pid=12202) mail.debug: Jun 9 14:12:31

Hi all, I'd like to know if it's possible to add a custom field when the authentification is made by users. My boolean custom field will be for example "AllowUser" (false/true). I'm trying to do something like that but it's not working : /user_filter = (&(objectClass=posixAccount)(uid=%u)(objectClass=myclass)(AllowUser=TRUE))/ This is my dovecot/ldap

Hi, colleges, We have a big environment with windows domains controllers. We know that KCC in samba doesn't work well now. How we can disable KCC in Samba and create site-link manually? Best regards,   DMITRIY LUCHKO

Hi Andrew! I notice, when we have a lot of domain Samba replicate object from all domain - it's too long for us (GC about 16gb). I going to use --domain-critical-only, and after join disable GC on Samba. -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Andrew Bartlett Sent: Friday, October 30, 2015 6:31 AM To: Luchko Dmitriy; samba at

I really forgot about .local but I don't think that the problem is related with this. -----Original Message----- From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny Sent: Friday, October 02, 2015 3:25 PM To: samba at lists.samba.org Subject: Re: [Samba] Samba 4.3 Logon Error (Insufficient system resources exist to complete the requested service) On 02/10/15

On Tue, 2015-11-17 at 08:27 +0000, Luchko Dmitriy wrote: > I created test environment: 1 root domain, 2 subdomain. I created > about 250000 user accounts in subdomain 2 (sub2.company.com) ntds.dit > 14gb. Joining samba in first subdomain (sub1) was without problem. > But in production environment (with a lot of domains and objects) > python process was hung with 100% CPU (after 6

Hi all, I'm in my final steps with my testing server using rc23 in a x86 RHEL4 machine. Everything is working quite well, but still are some LDAP related issues I'd like to clarify: - I'm using auth_bind and auth_bind_userdn. So pass_filter isn't used, and pass_attrs are never searched. Is this true or am I missing something? - Is there a choice for the userdb bind/queries