Re: [Courier-imap] advanced courier ldap auth problem solved

Fri, 06 Apr 2007 17:51:12 -0700 

Sam Varshavchik wrote:
> Jax writes:
>
>> Sam Varshavchik wrote:
>>> Jax writes:
>>>
>>>> Brian Candler wrote:
>>>>> On Tue, Apr 03, 2007 at 01:23:58AM +0200, Jax wrote:
>>>>>  
>>>>>>>> authdaemon: starting client module
>>>>>>>> authdaemon: REJECT
>>>>>>>> authdaemon: REJECT
>>>>>>>>         
>>>>>>> Turn up debugging.  Set DEBUG_LOGIN=2 in authdaemonrc.
>>>>>>>
>>
>> Well the only problem was that DEBUG_LOGIN=2 is not uppercase but 
>> lowercase. Now I see what cause the problem:
>>
>> Sep 18 06:03:18 Slider authdaemond.ldap: received auth request, 
>> service=imap, authtype=login
>> Sep 18 06:03:18 Slider authdaemond.ldap: authldap: trying this module
>> Sep 18 06:03:18 Slider authdaemond.ldap: using search filter: 
>> (&(objectClass=CourierMailAccount)([EMAIL PROTECTED]))
>> Sep 18 06:03:19 Slider authdaemond.ldap: one entry returned, DN: 
>> cn=john,ou=Courier,ou=Services,dc=logonserver,dc=lan
>> Sep 18 06:03:19 Slider authdaemond.ldap: raw ldap entry returned:
>> Sep 18 06:03:19 Slider authdaemond.ldap: | mail: [EMAIL PROTECTED]
>> Sep 18 06:03:19 Slider authdaemond.ldap: | cn: john
>> Sep 18 06:03:19 Slider authdaemond.ldap: | homeDirectory: 
>> /home/users/user1
>> Sep 18 06:03:19 Slider authdaemond.ldap: | userPassword: 
>> {MD5}Tlu66vyCq3qhOFvqjvXTCg==
>> Sep 18 06:03:19 Slider authdaemond.ldap: authldaplib: 
>> [EMAIL PROTECTED], sysuserid=1017, sysgroupid=1017, 
>> homedir=/home/users/user1, [EMAIL PROTECTED], fullname=john, 
>> maildir=<null>, quota=<null>, options=<null>
>> Sep 18 06:03:19 Slider authdaemond.ldap: authldaplib: 
>> clearpasswd=<null>, passwd={MD5}Tlu66vyCq3qhOFvqjvXTCg==
>> Sep 18 06:03:19 Slider authdaemond.ldap: rebinding with DN 
>> 'cn=john,ou=Courier,ou=Services,dc=logonserver,dc=lan' to validate 
>> password
>> Sep 18 06:03:19 Slider authdaemond.ldap: authentication bind failed, 
>> invalid credentials
>> Sep 18 06:03:19 Slider authdaemond.ldap: authldap: REJECT - try next 
>> module
>> Sep 18 06:03:19 Slider authdaemond.ldap: FAIL, all modules rejected
>>
>> It tries to rebind the connection using the john credential, but 
>> everyone has read permission to everything atm. So do I need to give 
>> any other specific privilege for someone to "log in" to ldap?! I 
>> already added the posixuser attribute to it.
>
> You do not need an authenticated bind in this configuration.  Remove 
> LDAP_AUTHBIND.
>
>   
Thank you very much. Now finally works :-)

Regards,

Jax

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap

Reply via email to