> Do you have a "nopassword" field in LDAP? If not, then it doesn't get > set. Perhaps what you want is: > > pass_attrs = uid=user, =nopassword=1
Timo, Thank you for your tip. The correct dovecot-ldap.conf line should look like: pass_attrs = uid=user, =password=, =nopassword=1 But even in this case we get: dovecot: auth(default): ldap(user1,127.0.0.1): pass search: base=ou=People,dc=example,dc=local scope=subtree filter=(&(objectClass=inetOrgPerson)(uid=user1)) fields=uid dovecot: auth(default): ldap(user1,127.0.0.1): result: uid(user)=user1 dovecot: auth(default): ldap(user1,127.0.0.1): No password in reply dovecot: auth(default): client out: FAIL 1 user=user1 temp in our logs. I beleive this is due to the way attribute templates/static fields are processed in db-ldap.c. Thanks in advance! P.S. By the way, could you please share your opinion about possible SASL EXTERNAL usage in this case? Do you think this is the appropriate use case?
