On Tue, 8 Apr 2008, Jack McKinney wrote:
> hosts = ldap.lrtz
> dn = cn=varmail,ou=users,dc=lorentz,dc=com
> dnpass = *********
> ldap_version = 3
> auth_bind = yes
> pass_filter = (&(objectClass=inetOrgPerson)(mail=%Lu))
> base = ou=users, dc=%Dd
> scope = onelevel

Your configuration looks bad:
You use auth_bind, but the displayed LDAP item does not contain a
"userPassword" attribute and you've specified "dn", not necessary for
auth_bind's. And you have no pass_attrs config.

I guess the first step is to set auth_bind = no
and add the password attribute to the user.
Or keep the auth_bind = yes and add a userPassword attribute to the user,
so each user can bind itself to his/her LDAP item.
Wiki: http://wiki.dovecot.org/AuthDatabase/LDAP

> The OpenLDAP log shows that the query is received and that it
> returns a match:
> Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH
> base="ou=users,dc=lorentz,dc=com" scope=1 deref=0
> filter="(&(objectClass=inetOrgPerson)([EMAIL PROTECTED]))"
> Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH attr=uid
> Apr 3 08:13:30 fourier slapd[14039]: conn=7 op=3 SEARCH RESULT tag=101
> err=0 nentries=1 text=

Well, does nentries=1 really indicate one _match_ or just one returned
item/packet? If I use ldapsearch -x uid=nonexisting, I get: "#
numResponses: 1" in the last line, but no hit.
You also see that the search is attr=uid, why?
I do _not_ know why Dovecot just hangs, this is probably a bug due to the
configuration glitches.
Bye,
--
Steffen Kaiser
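
Added example, not part of the original message or of Dovecot/OpenLDAP: a small Python parser that groups slapd log lines like the ones quoted above by connection and operation, so the requested attributes and the `nentries` count (the number of entries slapd returned for that search) can be read per query. The sample log is constructed for this example, and the function and variable names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the slapd lines quoted above
# (base DN and filter values are made up for this example).
SAMPLE_LOG = """\
Apr  3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH base="ou=users,dc=example,dc=com" scope=1 deref=0 filter="(&(objectClass=inetOrgPerson)(mail=alice@example.com))"
Apr  3 08:13:30 fourier slapd[14039]: conn=7 op=3 SRCH attr=uid
Apr  3 08:13:30 fourier slapd[14039]: conn=7 op=3 SEARCH RESULT tag=101 err=0 nentries=1 text=
Apr  3 08:14:02 fourier slapd[14039]: conn=8 op=1 SRCH base="ou=users,dc=example,dc=com" scope=1 deref=0 filter="(uid=nonexisting)"
Apr  3 08:14:02 fourier slapd[14039]: conn=8 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
"""

LINE = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) (.*)$")
SRCH = re.compile(r'SRCH base="([^"]*)" scope=(\d) deref=\d filter="(.*)"$')
ATTR = re.compile(r"SRCH attr=(.*)$")
RESULT = re.compile(r"SEARCH RESULT tag=101 err=(\d+) nentries=(\d+)")
SCOPES = {"0": "base", "1": "onelevel", "2": "subtree"}


def summarize_searches(log_text):
    """Group slapd lines by (conn, op) and return one dict per search."""
    ops = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        key, rest = (int(m.group(1)), int(m.group(2))), m.group(3)
        if (s := SRCH.match(rest)):
            ops[key].update(base=s.group(1), filter=s.group(3),
                            scope=SCOPES.get(s.group(2), s.group(2)))
        elif (a := ATTR.match(rest)):
            # Attributes the client asked for; absent line means "all".
            ops[key]["attrs"] = a.group(1).split()
        elif (r := RESULT.match(rest)):
            ops[key].update(err=int(r.group(1)), nentries=int(r.group(2)))
    return [dict(conn=c, op=o, **v) for (c, o), v in sorted(ops.items())]


if __name__ == "__main__":
    for s in summarize_searches(SAMPLE_LOG):
        hit = s.get("err") == 0 and s.get("nentries", 0) > 0
        print(f"conn={s['conn']} op={s['op']} {s['scope']} {s['base']} "
              f"{s['filter']} attrs={s.get('attrs', ['*'])} "
              f"-> {'match' if hit else 'no entry'}")
```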