[Dovecot] Help with LDAP authentication - user / user+domain
Hello Folks,

I've my dovecot working well and authenticating in my ldap servers. But I'd like to configure my users to authenticate in two ways. One is just submitting the username and the other one is providing [EMAIL PROTECTED].

I'm moving from a cyrus-imap solution to dovecot and I've implemented it with VD domains. But nowadays I still have one domain at my servers. So, to not cause too much impact to users, I'd like to provide these two ways of authentication.

Here follows my dovecot-ldap.conf:

hosts = localhost
dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
dnpass = XX
auth_bind = no
ldap_version = 3
base = dc=domain,dc=com
deref = never
scope = subtree
user_attrs = mail,homeDirectoryquota=quota=maildir:storage
user_filter = ((objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
pass_attrs = mail,userPassword
pass_filter = ((objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
default_pass_scheme = SSHA
user_global_uid = 100
user_global_gid = 101

My logs:

Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH 1 PLAIN service=POP3lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=((objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL1 user=user.test
Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=user.test, method=PLAIN, rip=xxx.xx.xxx.xxx, lip=xxx.xxx.xx.xx

If I provide [EMAIL PROTECTED] it works fine.

Any guesses or ideas?

PS: I've suppressed some information, like IPs, server names and IPs

Best Regards,
Venilton C. Junior
HP Certified Professional
Sercompe Computadores Ltda.
Office: +55 47 3431-9700
Fax: +55 47 3431-9747
Mobile: +55 47 9653-5872
www.sercompe.com.br
Re: [Dovecot] Help with LDAP authentication - user / user+domain
Tnx, it's working fine! :)

This option in my dovecot.conf worked for me!!

Regards,
Venilton C. Junior
HP Certified Professional
Sercompe Computadores Ltda.
Office: +55 47 3431-9700
Fax: +55 47 3431-9747
Mobile: +55 47 9653-5872
www.sercompe.com.br

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lukasz Mierzwa
Sent: Friday, 4 May 2007 10:47
To: dovecot@dovecot.org; Venilton Junior
Subject: Re: [Dovecot] Help with LDAP authentication - user / user+domain

Friday 04 of May 2007 15:34:51 Venilton Junior wrote:
> Hello Folks,
>
> I've my dovecot working well and authenticating in my ldap servers. But I'd like to configure my users to authenticate in two ways. One is just submitting the username and the other one is providing [EMAIL PROTECTED].
>
> I'm moving from a cyrus-imap solution to dovecot and I've implemented it with VD domains. But nowadays I still have one domain at my servers. So, to not cause too much impact to users, I'd like to provide these two ways of authentication.
>
> Here follows my dovecot-ldap.conf:
>
> hosts = localhost
> dn = uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
> dnpass = XX
> auth_bind = no
> ldap_version = 3
> base = dc=domain,dc=com
> deref = never
> scope = subtree
> user_attrs = mail,homeDirectoryquota=quota=maildir:storage
> user_filter = ((objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
> pass_attrs = mail,userPassword
> pass_filter = ((objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))
> default_pass_scheme = SSHA
> user_global_uid = 100
> user_global_gid = 101
>
> My logs:
>
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): client in: AUTH 1 PLAIN service=POP3lip=xxx.xxx.xx.xx rip=xxx.xx.xxx.xxx resp=AGpveWNlLm1hcmlhbm8AbWFrdHVi
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): pass search: base=dc=domain,dc=com scope=subtree filter=((objectClass=VirtualMailAccount)(mail=user.test)(accountActive=TRUE)(delete=FALSE)) fields=mail,userPassword
> Apr 30 13:47:58 server dovecot: auth(default_with_listener): ldap(user.test,xxx.xx.xxx.xxx): unknown user
> Apr 30 13:47:59 server dovecot: auth(default_with_listener): client out: FAIL1 user=user.test
> Apr 30 13:48:05 server dovecot: pop3-login: Aborted login: user=user.test, method=PLAIN, rip=xxx.xx.xxx.xxx, lip=xxx.xxx.xx.xx
>
> If I provide [EMAIL PROTECTED] it works fine.

Try with auth_default_realm = domain.com in dovecot.conf

--
Łukasz Mierzwa
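
The effect of the auth_default_realm suggestion above, as an added example that is not part of the original thread and is not Dovecot's code: a small Python model of how a login name sent without a domain gets the default realm appended before it replaces %u in the thread's pass_filter. The function names, the one-entry sample directory and the RFC 4515 escaping step are assumptions made for illustration.

```python
# Added illustration (not Dovecot source): models username normalisation with
# auth_default_realm and the %u substitution into the thread's pass_filter.

# Filter text exactly as posted in the thread's dovecot-ldap.conf.
PASS_FILTER = ("((objectClass=VirtualMailAccount)(mail=%u)"
               "(accountActive=TRUE)(delete=FALSE))")

# Constructed sample directory keyed by the mail attribute (assumption).
DIRECTORY = {
    "user.test@domain.com": {"objectClass": "VirtualMailAccount",
                             "accountActive": "TRUE", "delete": "FALSE"},
}

def apply_default_realm(login, default_realm=None):
    """Append @realm only when the client sent a bare username."""
    if default_realm and "@" not in login:
        return f"{login}@{default_realm}"
    return login

def ldap_escape(value):
    """Escape filter metacharacters (RFC 4515) so input stays a literal."""
    out = []
    for ch in value:
        if ch in '*()\\\0':
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)

def build_pass_filter(login, default_realm=None):
    """Return the search filter the passdb lookup would use for this login."""
    user = apply_default_realm(login, default_realm)
    return PASS_FILTER.replace("%u", ldap_escape(user))

def lookup(login, default_realm=None):
    """Return 'found' or 'unknown user', mirroring the log line in the thread."""
    entry = DIRECTORY.get(apply_default_realm(login, default_realm))
    ok = (entry is not None and entry["accountActive"] == "TRUE"
          and entry["delete"] == "FALSE")
    return "found" if ok else "unknown user"

if __name__ == "__main__":
    for realm in (None, "domain.com"):
        for login in ("user.test", "user.test@domain.com"):
            print(realm, login, build_pass_filter(login, realm),
                  lookup(login, realm))
```

A bare login always maps to the single default realm, so if a second mail domain is added later its users still have to log in with their full address.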
Re: [Dovecot] dovecot + ldap + quota
I had some problems implementing this and here follows my config file to help you. I've configured quota information in my ldap server, but in my config file I kept local quota configuration (commented):

/etc/dovecot.conf

protocols = imap imaps pop3 pop3s
ssl_disable = no
ssl_cert_file = /usr/share/ssl/certs/cert.pem
ssl_key_file = /usr/share/ssl/private/key.pem
mail_extra_groups = mail
valid_chroot_dirs = ~vmail/domains
default_mail_env = maildir:~vmail/domains/%d/%n/mail::INDEX=/var/indexes/%d/%n
lock_method = dotlock
mmap_disable = yes
auth_debug = yes
auth_debug_passwords = yes
first_valid_uid = 100
last_valid_uid = 100
first_valid_gid = 101
last_valid_gid = 101
maildir_copy_with_hardlinks = no
disable_plaintext_auth = no
protocol imap {
  mail_plugins = quota imap_quota
}
protocol lda {
  mail_plugins = quota
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  mail_plugins = quota
}
auth default_with_listener {
  mechanisms = plain login
  userdb ldap {
    args = /etc/dovecot-ldap.conf
  }
  passdb ldap {
    args = /etc/dovecot-ldap.conf
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0660
      user = vmail
      group = mail
    }
  }
}
plugin {
  #quota = maildir:/home/vmail/%d/%u/mail:storage=102400
  convert_mail = maildir:/home/vmail/%d/%u/mail
  #quota = maildir:storage=102400
  quota = maildir
}

Hope this helps you. And a piece of advice: use the latest stable release :) http://www.dovecot.org/download.html not the release candidate.

Regards,
Venilton C. Junior
HP Certified Professional
Sercompe Computadores Ltda.
Office: +55 47 3431-9700
Fax: +55 47 3431-9747
Mobile: +55 47 9653-5872
www.sercompe.com.br

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of aza zel
Sent: Friday, 27 April 2007 16:43
To: Dovecot Mailing List
Subject: [Dovecot] dovecot + ldap + quota

Hi, I'm using dovecot 1.0rc26 and I started to configure the quota plugin, but I think it's not working fine.

I configured it as suggested in http://wiki.dovecot.org/Quota

in dovecot.conf:

protocol imap {
  mail_plugins = quota imap_quota
}
plugin {
  # 10 MB quota limit
  quota = maildir:storage=10240
}

in dovecot-ldap.conf:

user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,quotaStorage=quota

If a MUA sends an attachment near 9MB, I receive a message telling me that the server doesn't have more space, but if I attach files of 2MB these messages are sent OK, and the cur directory of this user has 15 MB.

Another question: in the LDAP entry, the attribute quota is the attribute that represents the quota on a mailbox, so why do I put 10MB as the limit?

quota = maildir:storage=10240

Is this value for all entries, or is the quota limit the entry's quota limit?

As you can see, I don't understand how dovecot works with the attribute quota in the LDAP entry; can anybody explain this to me?

Thanks in advance!!!
Re: [Dovecot] dovecot + ldap + quota
Here follows /etc/dovecot-ldap.conf entries working:

user_attrs = mail,homeDirectoryquota=quota=maildir:storage
user_filter = ((objectClass=VirtualMailAccount)(mail=%u)(accountActive=TRUE)(delete=FALSE))

Regards,
Venilton C. Junior
HP Certified Professional
Sercompe Computadores Ltda.
Office: +55 47 3431-9700
Fax: +55 47 3431-9747
Mobile: +55 47 9653-5872
www.sercompe.com.br

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charles Marcus
Sent: Friday, 27 April 2007 16:54
To: aza zel
Cc: Dovecot Mailing List
Subject: Re: [Dovecot] dovecot + ldap + quota

aza zel wrote:
> Hi, I'm using dovecot 1.0rc26

Please upgrade to 1.0.0 release version, then if you are still having problems, come back and provide dovecot -n output...

> and I started to configure the quota plugin, but I think it's not working fine.
>
> I configured it as suggested in http://wiki.dovecot.org/Quota
>
> in dovecot.conf:
>
> protocol imap {
>   mail_plugins = quota imap_quota
> }
> plugin {
>   # 10 MB quota limit
>   quota = maildir:storage=10240
> }
>
> in dovecot-ldap.conf:
>
> user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,quotaStorage=quota
>
> If a MUA sends an attachment near 9MB, I receive a message telling me that the server doesn't have more space, but if I attach files of 2MB these messages are sent OK, and the cur directory of this user has 15 MB.
>
> Another question: in the LDAP entry, the attribute quota is the attribute that represents the quota on a mailbox, so why do I put 10MB as the limit?
>
> quota = maildir:storage=10240
>
> Is this value for all entries, or is the quota limit the entry's quota limit?
>
> As you can see, I don't understand how dovecot works with the attribute quota in the LDAP entry; can anybody explain this to me?
>
> Thanks in advance!!!

--
Best regards,
Charles Marcus
I.T. Director
Media Brokers International
678.514.6200 x224
678.514.6299 fax