Re: [Dovecot] LDAP authentication

Fri, 19 Apr 2013 07:44:38 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 19 Apr 2013, val john wrote:


uris = ldap://ldap.example.com:389
dn = cn=admin,dc=example,dc=com
dnpass = abc
tls = no
ldap_version = 3
base = ou=users,dc=example,dc=com
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid

               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


# Entry 1: uid=userone,ou=users,dc=example,dc=com
dn: uid=userone,ou=users,dc=example,dc=com
cn: Firtname Lastname
displayname: Firtname Lastname
givenname: Firstname
mail: [email protected]
objectclass: inetOrgPerson
objectclass: top
sn: Lastname
uid: userone
userpassword: {SHA}0P/ssspVCIZx8+tVsss=


No uidNumber nor gidNumber nor homeDirectory here.


but authentication fails with the follwing error  ,  Please Advice



Apr 19 08:18:50 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): result: uid(user)=userone
userPassword(password)=<hidden>
Apr 19 08:18:50 localhost dovecot: auth(default): client out:
OK#0111#011user=userone


LDAP authentification succeeds.


Apr 19 08:18:50 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): user search: base=ou=users,dc=example,dc=com
scope=subtree filter=(uid=userone)
fields=homeDirectory,uidNumber,gidNumber


Now requesting the LDAP attributes you've specified, ...


Apr 19 08:18:51 localhost dovecot: auth(default):
ldap(userone,127.0.0.1): no fields returned by the server


..., but none there.


Apr 19 08:18:51 localhost dovecot: auth(default): master out:
USER#0111#011userone
Apr 19 08:18:51 localhost dovecot: dovecot: User userone is missing
UID (see mail_uid setting)


Dovecot does not know, which uid to use.
Either assign global mail_uid and mail_gid or add mailUid and mailGid attributes to your LDAP items. 

Next problem will be the missing homeDirectory ... .


Apr 19 08:18:51 localhost dovecot: imap-login: Internal login failure
(auth failed, 1 attempts): user=<userone>, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
- -- Steffen Kaiser 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUXFYdV3r2wJMiz2NAQJmrwf/U5six5ut3Z+QwfFvm+mSgyXz44nhWnsB
EozjS2ULT4MtOUWZacDLooQf6FYh+7gOUwpCOqeBHfOcQvW5p5gTflJU4S+WdDgL
Vuq9IeUcbcaHOOTrEuuenOMuI0nZLB1pv9Rz7KjeRfgAr9H/v4GmirYj9+cuHrWs
jSWjwN+lOj1FmOp7U1F3UAZoibQOTi9JdgUm7MgEOB6v5QobG+oxpiA7Xkl/MXAY
Ip3BOo7qWsuwXVuSnI/9bH7jDk4yK0jitHulsYY5+yl2ePvF86hOLxv60oliyVkI
qkIRd1W8aWLnz9lPTdiL2N5eKOXWpHi0gZYyrVe8vYxVYxrdpgSMmQ==
=t29J
-----END PGP SIGNATURE-----

Reply via email to