<quote who="Jack McKinney"> > So why is dovecot searching for uid? I am not asking it to; in fact, my > pass_attrs field is empty.
Im' no tsure, I was hoping someone else would know why. Is it a hard coded default? > Also, I have switched around my setup to not use auth_bind: > > hosts = ldap.lrtz > dn = cn=varmail,ou=users,dc=lorentz,dc=com > dnpass = ******* > ldap_version = 3 > auth_bind = no > pass_attrs = userPassword=password > pass_filter = (&(objectClass=inetOrgPerson)(mail=%Lu)) > base = ou=users, dc=%Dd > scope = onelevel > > With this configuration, it becomes inconsistant. Sometimes my client > authenticates, and sometimes my client goes through the same timeout as > below. > I have not had time to run enough trials to prove this, but it seems > like this new configuration works for the first connection made to > dovecot, and then times out on subsequent connections. If I restart > dovecot, then I get one successful connection again, and then the others > fail. > I am not certain on this, however. I seem to remember the first > connection timing out on one run... > > On Wed, 2008-04-16 at 23:20 +0100, Gavin Henry wrote: >> <quote who="Jack McKinney"> >> > No, it isn't. I have verified the connection with "openssl s_client". >> > Besides, the server is receiving the username "[EMAIL PROTECTED]", so >> > the connection has already been made by this time. >> > What is happening every time is that dovecot sends the correct query >> to >> > OpenLDAP (as noted in the log below), OpenLDAP receives that query >> > (according to its log) and responds with one match, but dovecot never >> > seems to see that response. 180 seconds after the auth fails, dovecot >> > drops the connection with the IMAP client for inactivity. >> > >> >> I've gone back to your first post, and you slapd logs show: >> >> Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH >> base="ou=users,dc=lorentz,dc=com" scope=1 deref=0 >> filter="(&(objectClass=inetOrgPerson)(mail=jackmc at lorentz.com))" >> Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH attr=uid >> Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SEARCH RESULT tag=101 >> err=0 nentries=1 text= >> >> Which shows the correct filter, but the requested attribute to return is >> "uid", which is _not_ in your entry: >> >> # Jack McKinney, users, lorentz.com >> dn: cn=Jack McKinney,ou=users,dc=lorentz,dc=com >> objectClass: top >> objectClass: person >> objectClass: organizationalPerson >> objectClass: inetOrgPerson >> cn: Jack McKinney >> givenName: Jack McKinney >> sn: McKinney >> mail: jackmc at lorentz.com >> >> Try the same search again, but using (note uid on end): >> >> ldapsearch -h ldap.lrtz -b 'ou=users, dc=lorentz, dc=com' -D >> 'cn=varmail,ou=users,dc=lorentz,dc=com' -x -W -s onelevel >> '(&(objectClass=inetOrgPerson)(mail=jackmc at lorentz.com))' uid >> >> It should be empty, hence why dovecot isn't getting anything. >> >> >> > -- > Jack McKinney > GPG 1024D/99C6A174 > [EMAIL PROTECTED] YM:lfaatsnat2006 AIM:jackmclorentz > Beware geeks bearing diffs >
