auth(default): ldap(foo,127.0.0.1): bind search: base=... auth(default): ldap(foo,127.0.0.1): result: uid(user)=foo
If Dovecot receives a reply to the "bind search", it logs the "result" line, which your logs show is missing.
On Apr 4, 2008, at 12:06 AM, Jack McKinney wrote:
I am not sure that I understand you, here. Are you saying that I ammissing something from my configuration after the "filter=" line like a pass_attrs listing fields to return? I do not have one, as there are nofields that I need returned. The only thing that dovecot needs is the DN of the match itself. According to http://wiki.dovecot.org/AuthDatabase/LDAP , "The pass_filter is used to find the LDAP entry, and the DN is taken from the reply." Should I add a dummy pass_attrs entry? What field is safe to grab? E.g., I do not want to overwrite "user"... On Thu, 2008-04-03 at 23:59 +0300, Timo Sirainen wrote:On Thu, 2008-04-03 at 09:46 -0500, Jack McKinney wrote:ldap([EMAIL PROTECTED],y.y.y.y): bind search: base=ou=users, dc=lorentz,dc=com filter=(&(objectClass=inetOrgPerson)([EMAIL PROTECTED]))Here should be a line saying "result: <returned fields>". Since thereisn't, Dovecot never appears to receive the reply. You could verify thisby adding to src/auth/db-ldap.c ldap_input() around line 372: msgid = ldap_msgid(res); // added line: i_info("LDAP: Received reply %d", msgid); msgid might be the same as this tag:Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SEARCH RESULT tag=101But I'm not sure. If you anyway receive a reply after the "bind search",there's something wrong in Dovecot's error handling.-- Jack McKinney GPG 1024D/99C6A174 [EMAIL PROTECTED] YM:lfaatsnat2006 AIM:jackmclorentz"There is no parameter that makes it impossible for you to perform stillmore excellently." -Mario Cuomo, on the lack of a clock in baseball
PGP.sig
Description: This is a digitally signed message part
