Can you send doveconf -n
Aki
On 02/06/2026 21:10 EEST Tom via dovecot <[1][email protected]> wrote:
On 2026-06-02 09:36, Aki Tuomi via dovecot wrote:
>>> I can't seem to find documentation that shows how to set up 2 LDAP
passdb blocks. I can get each of them working properly, but only the
second of the two works at any given time. I can't figure out the syntax
needed to get both to work, even though I've been all over the Dovecot
2.4x official documentation. The docs seem to suggest settings that the
server rejects.
>>>
>>> Anyone have any experience doing this, or know the correct syntax?
Thanks in advance!
>>
>> # you can share settings like this
>> ldap_auth_dn = cn=dovecot,ou=apps,dc=example,dc=com
>> ldap_auth_dn_password = D0vec0t
>> ldap_uris = ldapi://%2Frun%2Fldapi
>> ldap_version = 3
>> ldap_bind = yes
>>
>> passdb ldab-1 {
>> driver = ldap
>> ldap_bind_userdn = cn=%{user},ou=apps,dc=example,dc=com
>> ldap_filter = (&(objectClass=applicationProcess)(cn=%{user}))
>> }
>>
>> passdb ldap-2 {
>> driver = ldap
>> ldap_bind_userdn = cn=%{user},ou=apps,dc=example,dc=com
>> ldap_filter =
(&(objectClass=posixAccount)(uid=%{user|username})(memberOf=cn=mail,ou=%{user|domain},ou=groups,dc=example,dc=com))
>> }
>>
>> Aki
Sorry, small mistake
ldap_bind = yes => passdb_ldap_bind = yes
Thanks for your replies.
2026.06.02 13:52:40
auth([2][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: sasl(plain): Set authid [3]'[email protected]'
2026.06.02 13:52:40
auth([4][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: sasl(plain): Performing plain passdb verification
2026.06.02 13:52:40
auth([5][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: ldap-1: Performing passdb lookup
2026.06.02 13:52:40
auth([6][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: ldap-1: Finished passdb lookup
2026.06.02 13:52:40
auth([7][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: ldap-2: Performing passdb lookup
2026.06.02 13:52:40
auth([8][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: ldap-2: Finished passdb lookup
2026.06.02 13:52:43
auth([9][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: sasl(plain): Finished plain passdb verification
(status=internal-failure)
2026.06.02 13:52:43
auth([10][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: sasl(plain): Interaction failed (internal failure)
2026.06.02 13:52:43
auth([11][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: Auth request finished
2026.06.02 13:52:43
auth([12][email protected],10.0.0.99,sasl:plain)<qgg2+khTlLgKAABj>:
Debug: immediate auth failure due to internal failure
Not getting either one to work. This is with full debugging on. It looks
like the internal error happens instantly, no attempt to contact the
directory.
_______________________________________________
dovecot mailing list -- [13][email protected]
To unsubscribe send an email to [14][email protected]
References
Visible links
1. mailto:[email protected]
2. mailto:[email protected]
3. mailto:'[email protected]
4. mailto:[email protected]
5. mailto:[email protected]
6. mailto:[email protected]
7. mailto:[email protected]
8. mailto:[email protected]
9. mailto:[email protected]
10. mailto:[email protected]
11. mailto:[email protected]
12. mailto:[email protected]
13. mailto:[email protected]
14. mailto:[email protected]
_______________________________________________
dovecot mailing list -- [email protected]
To unsubscribe send an email to [email protected]
