[Dovecot] LDAP auth_bind fails

[Pol Bettinger]

Hello,




Dovecot version 2.1.1 (I started with 2.1.0 and hoped 2.1.1 would fix it)





any help would appreciated

Sincerely
Pol Bettinger


output of mail.log:

Mar  6 12:16:34 Dell dovecot: auth: Debug: client in: CONT<hidden>


output of dovecot -n:
# 2.1.1: /etc/dovecot/dovecot.conf
# OS: Linux 3.0.0-15-generic i686 Ubuntu 11.10 ext4
auth_debug = yes
auth_default_realm = arvoreen.net
auth_mechanisms = plain digest-md5 cram-md5
auth_verbose = yes
base_dir = /var/run/dovecot/
mail_location = maildir:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
managesieve_notify_capability = mailto

namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
    auto = create
    special_use = \Archive
  }
  mailbox Drafts {
    auto = create
    special_use = \Drafts
  }
  mailbox Junk {
    auto = create
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = create
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-ldap_pass.conf.ext
  driver = ldap
}
plugin {
  sieve = /var/sieve/%d/%1n/%n
  sieve_dir = /var/sieve/%d/%1n/%n
}
protocols = imap lmtp sieve
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}
ssl_cert = </etc/ssl/certs/webmail.arvoreen.pem
ssl_key = </etc/ssl/private/webmail.arvoreen.key
userdb {
  args = /etc/dovecot/dovecot-ldap_user.conf.ext
  driver = ldap
}
protocol lmtp {
  mail_plugins = " sieve"
}


output of cat /etc/dovecot/dovecot-ldap_pass.conf.ext:
hosts = 127.0.0.1:389
auth_bind = yes
auth_bind_userdn = uid=%n,ou=Users,dc=arvoreen,dc=net
base = ou=Users,dc=arvoreen, dc=net
ldap_version = 3


olcAccess infomation:
olcSuffix: dc=arvoreen,dc=net

 s auth by dn="cn=admin,dc=arvoreen,dc=net" write by * none
olcAccess: {1}to dn.base="" by * read

 * read

I wanted to configure dovecot for using auth_bind but didn't succeed to me it seems like it does always an anonymous bind. I tried to play around with the base, pass_attrs,pass_filter to no avail but didn't succeed. Looking at a wireshark trace i only saw 7 packets and it seemed to me dovecot did only an anonymous bind. Mar 6 12:16:34 Dell dovecot: auth: Debug: client in: AUTH#0112#011CRAM-MD5#011service=imap#011secured#011lip=192.168.16.27#011rip=192.168.16.20#011lport=993#011rport=51838 Mar 6 12:16:34 Dell dovecot: auth: Debug: client out: CONT#0112#011PDQ1NjgyMjE3NjYyMDk3NjkuMTMzMTAzMjU5NEBEZWxsPg== Mar 6 12:16:34 Dell dovecot: auth: Debug: password(a...@arvoreen.net,192.168.16.20): passdb doesn't support credential lookups Mar 6 12:16:36 Dell dovecot: auth: Debug: client out: FAIL#0112#011user=a...@arvoreen.net managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymou olcAccess: {2}to * by self write by dn="cn=admin,dc=arvoreen,dc=net" write by

ldap_auth_bind.pcap
Description: Binary data