Hello! Dovecot uses it's own SASL implementation, doesn't it?
Aug 14 23:45:23 example.com auth[10428]: GSSAPI client step 1
Aug 14 23:45:23 example.com auth[10428]: encoded packet size too big
(813804546 > 65536)
Aug 14 23:45:23 example.com dovecot[10085]: auth-worker(10428): Error:
LDAP: Can't connect to server: ldap://ipa2.example.com
Aug 14 23:45:23 example.com dovecot[10085]: auth: Error: auth worker:
Aborted USER request for eugene: Lookup timed out
Aug 14 23:45:23 example.com dovecot[10085]: imap: Error: auth-master:
login: request [3847225345]: Login auth request failed: Internal auth failure
(auth connected 60000 msecs ago, request took 60000 msecs, client-pid=10362
client-id=1)
Looks like cyrus-sasl encountered same problem earlier.
https://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2017-March/003001.html
I never have such an issue with ldapsearch. So, I assume there is a similar
problem in Dovecot SASL implementation.
--
Eugene Bright
IT engineer
Tel: + 79257289622
signature.asc
Description: OpenPGP digital signature
