Greetings to all

I need a master user/proxy account for some applications that are to be implemented,
and I am having some problems. Normal users are proxied through
LDAP queries to the remote machine, and this is working as it is supposed to,
but I can't get the master user to work. Below are both the dovecot.conf
and dovecot-ldap.conf, and verbose logs from the proxy machine.

If I log in directly on the remote machine that should be proxied to, everything
works normally ...

### dovecot.conf

# Global settings of the proxy instance.
# Services offered by this instance.
protocols =  pop3 imap managesieve

# Numeric uid/gid and supplementary groups used for mail processes.
mail_uid = 10021
mail_gid = 10021
mail_privileged_group = vmail
mail_access_groups = vmail

# No log file is named here; the excerpt in this message comes from
# /var/log/mail/dovecot.info, presumably routed there by syslog (confirm).
log_path =
info_log_path =
log_timestamp = "%b %d %H:%M:%S "
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_log_format = %$: %s
mail_log_prefix = "%Us(%u): "

# NOTE(review): plaintext authentication is allowed and ssl = no is set further
# down, so every password, including the master user's, crosses the network
# unencrypted. Suitable only for a trusted, isolated segment; otherwise enable
# SSL/TLS and set disable_plaintext_auth = yes.
disable_plaintext_auth = no
# One login process per connection, plus the limits on login and mail processes.
login_process_per_connection=yes
# Realm appended to user names given without a domain.
auth_default_realm = example.com
login_processes_count = 8
login_max_processes_count = 128
login_max_connections = 256
verbose_proctitle = yes
max_mail_processes = 512

# Debug logging used to produce the log excerpt in this message.
mail_debug = yes
auth_verbose = yes
auth_debug = yes
# NOTE(review): auth_debug_passwords = yes writes submitted passwords to the log
# in clear text; the excerpt in this message contains "given password:" and
# "pass=" fields. Keep it on only while debugging, restrict who can read the
# log, and change any password that was logged or posted.
auth_debug_passwords = yes

# A login of the form <user>*<master user> authenticates as the master user and
# logs in as <user> (the log reports "Master user logging in as ...").
auth_master_user_separator = *
# Login processes run chrooted.
login_chroot = yes

# NOTE(review): SSL/TLS is disabled for all listeners of this instance.
ssl = no
# IMAP listener of the proxy. It binds the plain IMAP port (143); with ssl = no
# in the global section, sessions on it are unencrypted.
protocol imap {
        # The workaround list below is wrapped across two lines, presumably by
        # the mail client; in the real file it has to be one line (confirm).
        imap_client_workarounds = delay-newmail outlook-idle netscape-eoh
tb-extra-mailbox-sep
        listen = xx.xx.xx.xx:143
        imap_max_line_length = 65536
        imap_logout_format = bytes=%i/%o
        # Per-user, per-source-IP connection cap.
        mail_max_userip_connections = 10
}

# POP3 listener of the proxy on the plain POP3 port (110); the failing login in
# the log excerpt arrives through this service (service=pop3, lport=110).
protocol pop3 {
        # NOTE(review): pop3_uidl_format is set twice in this block with the
        # same value; the second assignment is redundant.
        pop3_uidl_format = %08Xu%08Xv
        pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
        pop3_enable_last = yes
        pop3_uidl_format = %08Xu%08Xv
        listen = xx.xx.xx.xx:110
        # Per-user, per-source-IP connection cap.
        mail_max_userip_connections = 10
}

# ManageSieve listener on port 2000, using the login and mail executables from
# the /usr/local/dovecot installation.
protocol managesieve {
        listen = xx.xx.xx.xx:2000
        # The login_executable value is wrapped onto the next line, presumably
        # by the mail client; in the real file it has to be one line (confirm).
        login_executable =
/usr/local/dovecot/libexec/dovecot/managesieve-login
        mail_executable = /usr/local/dovecot/libexec/dovecot/managesieve
        managesieve_max_line_length = 65536
        managesieve_implementation_string = dovecot
        managesieve_logout_format = bytes ( in=%i : out=%o )
}

# Authentication process: a master-user passdb (passwd-file) followed by the
# LDAP passdb/userdb, plus the auth sockets.
auth default {
# PLAIN and LOGIN both hand the password itself to the server, so they rely on
# the transport for confidentiality (SSL is disabled in the global section).
mechanisms = plain login
user = vmail

# Master-user database. master = yes marks these accounts as master users;
# pass = yes makes the lookup continue to the next passdb for the target user
# after the master password has been accepted.
# NOTE(review): the log shows exactly that sequence: the passwd-file lookup
# succeeds, then the ldap passdb rejects the target user with "invalid
# credentials (given password: master_password)". dovecot-ldap.conf sets
# auth_bind = yes, so the LDAP passdb verifies by binding as the target user
# with the supplied password, which here is the master's. Dovecot's master-user
# documentation notes that pass = yes does not work with passdbs that need the
# user's own password (PAM, LDAP with auth_bind = yes); this is the likely cause
# of the failure and should be confirmed.
# NOTE(review): an account in this file can open any mailbox. Keep the file
# readable only by the auth process user and give each master account a strong,
# unique password.
passdb passwd-file {
        args = /etc/dovecot/passwd.masterusers
        master = yes
        pass = yes
}

# Regular users: password and proxy fields come from LDAP.
passdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
}

userdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
}

socket listen {
        # Master socket: owner-only access (0600) for vmail.
        master { 
                path = /var/run/dovecot/auth-master
                mode = 0600
                user = vmail
                group = vmail
                }
        # Client socket placed in the Postfix spool and owned by postfix,
        # presumably for Postfix SMTP AUTH (confirm). Anything that can open
        # this socket can submit authentication attempts.
        client {
                path = /var/spool/postfix/dovecot-auth
                mode = 0660
                user = postfix
                group = postfix
                }
    }
}

### dovecot-ldap.conf

# LDAP settings shared by the ldap passdb and userdb of dovecot.conf.
# NOTE(review): no tls or uris (ldaps://) setting appears in this excerpt, so
# binds and search results presumably travel to the LDAP server unencrypted
# (confirm); set tls = yes or use an ldaps:// URI unless the link is trusted.
hosts           = ldap.example.com
ldap_version    = 3
# Passwords are verified by binding to LDAP as the user with the password that
# was supplied at login. For a master-user login that is the master's password,
# which matches the "invalid credentials" line in the log for the target user.
auth_bind       = yes
# Service account used for the searches.
# NOTE(review): dnpass is stored here in clear text; keep this file readable
# only by root and the auth process user, and give the account read-only
# access to the attributes Dovecot needs.
dn              = cn=vmail,dc=example,dc=com
dnpass          = secret_pass
# %d is replaced by the domain part of the login name (the log shows
# domainName=example.com for a user in example.com).
base            = ou=Users,domainName=%d,o=domains,dc=example,dc=com
scope           = subtree
deref           = never
# Matches an active mailUser entry whose mail attribute equals the login name
# and which has both the "mail" service and the current service enabled (the log
# shows %Ls expanded to pop3). The filter value is wrapped onto the next line.
user_filter     =
(&(mail=%u)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls))
# storageBaseDirectory -> home and mailHost -> host; the "=name=value" items are
# static fields added to every result.
user_attrs      =
storageBaseDirectory=home,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes
# Same match as user_filter, used for the password lookup.
pass_filter     =
(&(mail=%u)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=%Ls))
# mailHost -> host names the backend; proxy=yes, nologin=yes and nodelay=yes are
# static fields (the log's "client out" line carries host, proxy, nologin and
# nodelay for the target user).
pass_attrs      =
userPassword=password,mailHost=host,=proxy=yes,=nologin=yes,=nodelay=yes
# Scheme assumed for stored userPassword values that carry no {SCHEME} prefix.
default_pass_scheme = CRYPT

### /var/log/mail/dovecot.info

Nov 30 14:26:59 dougie dovecot: auth(default): new auth connection: pid=5873
Nov 30 14:27:28 dougie dovecot: auth(default): client in: AUTH  1       PLAIN
service=pop3    lip=xx.xx.xx.xx rip=192.168.22.222      
lport=110       rport=36639
resp=AHRtaWhhbGljZWtAeG5ldC5sYW4qbWlncmF0aW9uQHhuZXQuaHIAbTFncjR0MTBu
Nov 30 14:27:28 dougie dovecot: auth(default):
passwd-file(migrat...@example.com,192.168.22.222,master): lookup:
user=master_u...@example.com 
file=/etc/dovecot/passwd.masterusers
Nov 30 14:27:28 dougie dovecot: auth(default):
passdb(master_u...@example.com,192.168.22.222,master): Master user logging
in as some_u...@example.com
Nov 30 14:27:28 dougie dovecot: auth(default):
ldap(some_u...@example.com,192.168.22.222): bind search: 
base=ou=Users,domainName=example.com,o=domains,dc=example,dc=com
filter=(&(mail=some_u...@example.com)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=pop3))
Nov 30 14:27:28 dougie dovecot: auth(default):
ldap(some_u...@example.com,192.168.22.222): result:
mailHost(host)=xx.xx.xx.xx
Nov 30 14:27:28 dougie dovecot: auth(default):
ldap(some_u...@example.com,192.168.22.222): invalid credentials (given
password: master_password)
Nov 30 14:27:28 dougie dovecot: auth(default): client out: FAIL 1
user=some_u...@example.com      authz   nodelay host=xx.xx.xx.xx        
proxynologin    pass=master_password    master=master_u...@example.com
Nov 30 14:27:28 dougie dovecot: pop3-login: Ignoring unknown passdb extra
field: authz

