[Dovecot] LDAP against Novell eDirectory: 'Confidentiality required'

2010-05-20 Thread Jim Moseby
Hi list!
 
I am trying to get dovecot to authenticate users against Novell eDirectory via 
LDAP.  I have successfully gotten open-xchange to authenticate, and I have 
written a PHP module that authenticates, however I cannot seem to get Dovecot 
working.
 
If I turn on TLS and restart dovecot, I get:
dovecot: 2010-05-20 09:22:05 Error: auth(default): LDAP: ldap_start_tls_s() failed: Connect error
dovecot: 2010-05-20 09:22:05 Error: auth(default): LDAP: ldap_start_tls_s() failed: Local error
If I turn it off, it starts without error, but returns this when a user tries 
to authenticate:
dovecot: 2010-05-20 08:48:39 Error: auth(default): ldap(jkmoseby,127.0.0.1): ldap_bind() failed: Confidentiality required
 
I have tried all combinations of host:port, and LDAP uri strings I can think 
of, nothing seems to work.
 
Thanks in advance, config files follow.
 
Jim
 

 
'dovecot -n' returns: 
# 1.0.15: /etc/dovecot/dovecot.conf
base_dir: /var/run/dovecot/
log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot.log
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap
login_dir: /var/run/dovecot//login
login_executable: /usr/lib/dovecot/imap-login
login_greeting: EFA mail server ready.
mail_privileged_group: mail
auth default:
  passdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf
-
 
'grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf' returns:
hosts = 10.1.10.200
tls = yes
auth_bind = yes
auth_bind_userdn = cn=%u,o=GSO,o=EFA
base = o=EFA
scope = subtree
user_filter = ((objectClass=posixAccount)(uid=%u))


Re: [Dovecot] LDAP against Novell eDirectory: 'Confidentiality required'

2010-05-20 Thread Martin Ott
Hi Jim,

I don't know why your setup is not working. I only can provide you some hints
from our working setup. We authenticate our users against a MS Active
Directory Server.

The URI in dovecot-ldap.conf is:
uris = ldaps://hostname

We also had to add in /etc/ldap/ldap.conf:

TLS_CACERT /etc/ssl/certs/certfile.crt
TLS_REQCERT demand

Hope this helps,
Martin


On 20.05.2010 15:35, Jim Moseby wrote:
> Hi list!
>
> I am trying to get dovecot to authenticate users against Novell eDirectory 
> via LDAP.  I have successfully gotten open-xchange to authenticate, and I 
> have written a PHP module that authenticates, however I cannot seem to get 
> Dovecot working.
>
> If I turn on TLS and restart dovecot, I get:
> dovecot: 2010-05-20 09:22:05 Error: auth(default): LDAP: ldap_start_tls_s() failed: Connect error
> dovecot: 2010-05-20 09:22:05 Error: auth(default): LDAP: ldap_start_tls_s() failed: Local error
> If I turn it off, it starts without error, but returns this when a user tries 
> to authenticate:
> dovecot: 2010-05-20 08:48:39 Error: auth(default): ldap(jkmoseby,127.0.0.1): ldap_bind() failed: Confidentiality required
>
> I have tried all combinations of host:port, and LDAP uri strings I can think 
> of, nothing seems to work.
>
> Thanks in advance, config files follow.
>
> Jim
>
> 'dovecot -n' returns: 
> # 1.0.15: /etc/dovecot/dovecot.conf
> base_dir: /var/run/dovecot/
> log_path: /var/log/dovecot.log
> info_log_path: /var/log/dovecot.log
> log_timestamp: %Y-%m-%d %H:%M:%S
> protocols: imap
> login_dir: /var/run/dovecot//login
> login_executable: /usr/lib/dovecot/imap-login
> login_greeting: EFA mail server ready.
> mail_privileged_group: mail
> auth default:
>   passdb:
>     driver: ldap
>     args: /etc/dovecot/dovecot-ldap.conf
>   userdb:
>     driver: ldap
>     args: /etc/dovecot/dovecot-ldap.conf
> -
>
> 'grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf' returns:
> hosts = 10.1.10.200
> tls = yes
> auth_bind = yes
> auth_bind_userdn = cn=%u,o=GSO,o=EFA
> base = o=EFA
> scope = subtree
> user_filter = ((objectClass=posixAccount)(uid=%u))
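
The hints in this thread turned into a check, added here as an example and not code from Dovecot or from either poster: it reads the text of dovecot-ldap.conf and of the OpenLDAP client ldap.conf and reports whether the password bind would be encrypted and the server certificate verified. The function names are hypothetical, `demand` is assumed when TLS_REQCERT is unset (the OpenLDAP client default), and the findings are conditions consistent with the two logged errors, not a confirmed diagnosis of the original setup.

```python
import re

def parse(text):
    """Read 'key = value' (dovecot-ldap.conf) or 'KEY value' (ldap.conf) lines."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"(\S+?)\s*(?:=|\s)\s*(.*)", line)
        if m and not line.startswith("#"):
            conf[m.group(1).lower()] = m.group(2).strip()
    return conf

def assess(dovecot_ldap_conf, openldap_conf=""):
    """Return (transport, findings) for the LDAP bind Dovecot would perform."""
    d, o = parse(dovecot_ldap_conf), parse(openldap_conf)
    if d.get("uris", "").lower().startswith("ldaps://"):
        transport = "ldaps"
    elif d.get("tls", "no").lower() == "yes":
        transport = "starttls"
    else:
        transport = "cleartext"
    findings = []
    if transport == "cleartext":
        if d.get("auth_bind", "no").lower() == "yes":
            findings.append("password bind over an unencrypted connection; a server "
                            "that requires TLS answers 'Confidentiality required'")
    else:
        # Assumption: 'demand' applies when TLS_REQCERT is unset (OpenLDAP default).
        reqcert = o.get("tls_reqcert", "demand").lower()
        if reqcert in ("never", "allow"):
            findings.append("TLS_REQCERT %s: server certificate is not enforced" % reqcert)
        elif not {"tls_cacert", "tls_cacertdir"} & o.keys():
            findings.append("certificate check required but no TLS_CACERT/TLS_CACERTDIR "
                            "set; handshake fails unless the CA is already trusted")
    return transport, findings

# Settings quoted in the thread; PAGE_TLS_OFF is the same file with TLS turned off.
PAGE_TLS_ON = "hosts = 10.1.10.200\ntls = yes\nauth_bind = yes\n"
PAGE_TLS_OFF = "hosts = 10.1.10.200\ntls = no\nauth_bind = yes\n"
REPLY_DOVECOT = "uris = ldaps://hostname\nauth_bind = yes\n"  # auth_bind assumed
REPLY_LDAP = "TLS_CACERT /etc/ssl/certs/certfile.crt\nTLS_REQCERT demand\n"

if __name__ == "__main__":
    for name, args in [("TLS on", (PAGE_TLS_ON,)), ("TLS off", (PAGE_TLS_OFF,)),
                       ("reply", (REPLY_DOVECOT, REPLY_LDAP))]:
        print(name, assess(*args))
```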