Re: [SOGo] Dovecot can't authenticate against Samba

Thu, 02 Apr 2015 08:24:04 -0700 

On 2015-04-02 7:44 AM, Rowland Penny wrote:




You posted your /etc/dovecot/dovecot-ldap.conf file, this showed that 
your login DN is:


dn = cn=administrator,dc=erlphase,dc=com

The portion of your log shows:


Error: LDAP: binding failed (dn cn=admin,dc=erlphase,dc=com): Invalid 
credentials



Are you trying to bind with 'cn=admin' as shown in the log, or with 
'cn=administrator' ?


Your 'dovecot-ldap.conf' also shows your search base as:

base = dc=oc,dc=local

er, thats different from 'dc=erlphase,dc=com'

finally, did you really create ' Administrator' with samba-tool ?

Rowland


Hi,


I can see Samba running on port 389. and a 'samba-tool user list' shows 
me this:


# samba-tool user list
Administrator
JohnDoe
krbtgt
Guest
sogo

Okay, here's what I did...

Samba:


samba-tool domain provision --realm=erlphase.com --domain=ERLPHASE 
--adminpass='openchange1!' --server-role=dc --use-rfc2307 
--function-level=2008_R2



dovecot.conf

# cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
log_path = /var/log/dovecot.message
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/%u
mail_privileged_group = mail

protocols = imap sieve

service auth {
#  unix_listener auth-master {
#    group = vmail
#    mode = 0600
#    user = vmail
#  }
  unix_listener auth-userdb {
    user = vmail
    group = vmail
  }
#  user = root
}

ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem

userdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}

userdb {
  driver = passwd
}

passdb {
    driver = ldap
    args = /etc/dovecot/dovecot-ldap.conf
}

protocol lda {
  hostname = erlphase.com
  log_path = /var/log/dovecot.message
  postmaster_address = [email protected]
}

protocol imap {
  mail_plugins = quota imap_quota autocreate
}

protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}

service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}

service managesieve {
}

protocol sieve {
}

plugin {
  quota = maildir:User quota
  quota_rule = *:storage=0

  sieve = /var/vmail/sieve/%d/%u/sieve-script
  sieve_global_path = /var/vmail/sieve/default.sieve
  sieve_storage = /var/vmail/sieve/%d/%u

  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Sent
  autocreate4 = Drafts
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Sent
  autosubscribe4 = Drafts

}



dovecot-ldap.conf

# cat /etc/dovecot/dovecot-ldap.conf

uris = ldap://127.0.0.1
dn = "[email protected]"
dnpass = "openchange1!"
sasl_bind = no
tls = no
ldap_version = 3
deref = never
scope = subtree
base = cn=Users,dc=erlphase,dc=com
auth_bind = yes
user_filter = (&(objectClass=user)(sAMAccountName=%u))

user_attrs = 
sAMAccountName=user,userPassword=password,=mail=maildir:/var/vmail/%Ld/%n, 
=home=/var$

pass_filter = (&(objectClass=user)(sAMAccountName=%u))
pass_attrs = sAMAccountName=user,userPassword=password


Gerald

--
[email protected]
https://inverse.ca/sogo/lists





















					Reply via email to