I wrote a wiki on how to build an LDAP-authenticated network using Samba4. The Dovecot part is on this page, but there are other relevant parts reachable from the main page as well:

http://cocnm.computerisms.ca/index.php/Install_Qmail-ldap,_Dovecot,_and_Related_Email_Services

--
Computerisms
Bob Miller
867-334-7117 / 867-633-3760
http://computerisms.ca

On Fri, 2013-12-06 at 19:21 +0100, d...@quantentunnel.de wrote:
> Hello list,
>
> I am struggling with setting up dovecot 2.1.7 with samba 4.1.2 on debian
> wheezy. Dovecot should authenticate via LDAP, but I cannot get it to work
> reliably. Sometimes auth works, sometimes not. Referrals are already activated
> in ldap.conf … LDAP-authentication works fine with other clients (Apache
> Directory Studio, …)
> Has somebody got a similar setup running? I would love some hints on how to
> debug this issue …
>
> Thank you!
>
> Regards
>
>
> dovecot-ldap.conf
> hosts = 192.168.188.156:389
> dn = CN=Administrator,CN=Users,DC=DOMAIN,DC=LOCAL
> dnpass = Test123
> auth_bind = yes
> ldap_version = 3
> base = DC=DOMAIN,DC=LOCAL
> tls = no
> debug_level = -1
> ldap_version = 3
> scope = subtree
> user_attrs = uidNumber=uid,gidNumber=gid
> user_filter = (&(&(objectClass=Person)(sAMAccountName=%u)))
> pass_attrs = sAMAccountName=user,userPassword=password
> pass_filter = (&(&(objectClass=Person)(sAMAccountName=%u)))
>
>
> logs:
> srv1 dovecot: auth: Debug: auth client connected (pid=0)
> srv1 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=doveadm#011resp=<hidden>
> srv1 dovecot: auth: Debug: ldap(john): bind search: base=DC=DOMAIN,DC=LOCAL filter=(&(&(objectClass=Person)(sAMAccountName=john)))
> srv1 dovecot: auth: Error: ldap_search
> srv1 dovecot: auth: Error: put_filter: "(&(&(objectClass=Person)(sAMAccountName=john)))"
> srv1 dovecot: auth: Error: put_filter: AND
> srv1 dovecot: auth: Error: put_filter_list "(&(objectClass=Person)(sAMAccountName=john))"
> srv1 dovecot: auth: Error: put_filter: "(&(objectClass=Person)(sAMAccountName=john))"
> srv1 dovecot: auth: Error: put_filter: AND
> srv1 dovecot: auth: Error: put_filter_list "(objectClass=Person)(sAMAccountName=john)"
> srv1 dovecot: auth: Error: put_filter: "(objectClass=Person)"
> srv1 dovecot: auth: Error: put_filter: simple
> srv1 dovecot: auth: Error: put_simple_filter: "objectClass=Person"
> srv1 dovecot: auth: Error: put_filter: "(sAMAccountName=john)"
> srv1 dovecot: auth: Error: put_filter: simple
> srv1 dovecot: auth: Error: put_simple_filter: "sAMAccountName=john"
> srv1 dovecot: auth: Error: ldap_build_search_req ATTRS: sAMAccountName
> srv1 dovecot: auth: Error: ldap_send_initial_request
> srv1 dovecot: auth: Error: ldap_send_server_request
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
> srv1 dovecot: auth: Error: refcnt: 1 status: Connected
> srv1 dovecot: auth: Error: last used: Fri Dec 6 19:08:49 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: * msgid 35, origid 33, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 1
> srv1 dovecot: auth: Error: * msgid 33, origid 33, status RequestCompleted
> srv1 dovecot: auth: Error: outstanding referrals 1, parent count 1
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 3 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 35 message type search-result
> srv1 dovecot: auth: Error: ldap_chase_referrals
> srv1 dovecot: auth: Error: read1msg: V2 referral chased, mark request completed, id = 35
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 0 new referrals
> srv1 dovecot: auth: Error: read1msg: mark request completed, ld 0x7fef48794580 msgid 35
> srv1 dovecot: auth: Error: merged parent (id 33) error info: result errno 1, error <00002020: Operation unavailable without authentication>, matched <>
> srv1 dovecot: auth: Error: request done: ld 0x7fef48794580 msgid 33
> srv1 dovecot: auth: Error: res_errno: 1, res_error: <00002020: Operation unavailable without authentication>, res_matched: <>
> srv1 dovecot: auth: Error: ldap_free_request (origid 33, msgid 33)
> srv1 dovecot: auth: Error: ldap_free_request (origid 33, msgid 35)
> srv1 dovecot: auth: Error: ldap_free_connection 0 1
> srv1 dovecot: auth: Error: ldap_send_unbind
> srv1 dovecot: auth: Error: ldap_free_connection: actually freed
> srv1 dovecot: auth: Error: ldap_parse_result
> srv1 dovecot: auth: Error: ldap_err2string
> srv1 dovecot: auth: Error: ldap(john): ldap_search(base=DC=DOMAIN,DC=LOCAL filter=(&(&(objectClass=Person)(sAMAccountName=john)))) failed: Operations error
> srv1 dovecot: auth: Error: ldap_msgfree
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 1 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-entry
> srv1 dovecot: auth: Error: ldap_first_attribute
> srv1 dovecot: auth: Error: ldap_get_values
> srv1 dovecot: auth: Error: ldap_next_attribute
> srv1 dovecot: auth: Debug: auth(john): username changed john -> john
> srv1 dovecot: auth: Debug: ldap(john): result: sAMAccountName=john
> srv1 dovecot: auth: Error: ldap_get_dn
> srv1 dovecot: auth: Error: ldap_msgfree
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid -1
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid -1 (timeout 0 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 1 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid -1 all 0
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-reference
> srv1 dovecot: auth: Error: ldap_chase_v3referrals
> srv1 dovecot: auth: Error: ldap_url_parse_ext(ldap://DOMAIN.local/CN=Configuration,DC=DOMAIN,DC=local)
> srv1 dovecot: auth: Error: re_encode_request: new msgid 39, new dn <CN=Configuration,DC=DOMAIN,DC=local>
> srv1 dovecot: auth: Error: re_encode_request new request is:
> srv1 dovecot: auth: Error: ber_dump: buf=0x7fef4879d8d0 ptr=0x7fef4879d956 end=0x7fef4879e8ac len=134
> srv1 dovecot: auth: Error: 0000: 61 6d 65 4e 61 6d 65 00 00 00 00 00 00 00 00 00 ameName.........
> srv1 dovecot: auth: Error: 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> srv1 dovecot: auth: Error: 0080: 00 00 00 00 00 00 ......
> srv1 dovecot: auth: Error: ldap_chase_v3referral: msgid 37, url "ldap://DOMAIN.local/CN=Configuration,DC=DOMAIN,DC=local"
> srv1 dovecot: auth: Error: ldap_send_server_request
> srv1 dovecot: auth: Error: ldap_new_connection 0 1 1
> srv1 dovecot: auth: Error: ldap_int_open_connection
> srv1 dovecot: auth: Error: ldap_connect_to_host: TCP DOMAIN.local:389
> srv1 dovecot: auth: Error: ldap_new_socket: 19
> srv1 dovecot: auth: Error: ldap_prepare_socket: 19
> srv1 dovecot: auth: Error: ldap_connect_to_host: Trying 192.168.188.156:389
> srv1 dovecot: auth: Error: ldap_pvt_connect: fd: 19 tm: -1 async: 0
> srv1 dovecot: auth: Error: anonymous rebind via ldap_sasl_bind("")
> srv1 dovecot: auth: Error: ldap_sasl_bind
> srv1 dovecot: auth: Error: ldap_send_initial_request
> srv1 dovecot: auth: Error: ldap_send_server_request
> srv1 dovecot: auth: Error: ldap_result ld 0x7fef48794580 msgid 40
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 msgid 40 (timeout 100000 usec)
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error: rebind in progress
> srv1 dovecot: auth: Error: queue is empty
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 3 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 40, origid 40, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 1, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 2 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
> srv1 dovecot: auth: Error: ldap_int_select
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 msgid 37 message type search-result
> srv1 dovecot: auth: Error: read1msg: ld 0x7fef48794580 0 new referrals
> srv1 dovecot: auth: Error: read1msg: mark request completed, ld 0x7fef48794580 msgid 37
> srv1 dovecot: auth: Error: wait4msg ld 0x7fef48794580 0 s 99976 us to go
> srv1 dovecot: auth: Error: wait4msg continue ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Connections:
> srv1 dovecot: auth: Error: * host: DOMAIN.local port: 0
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error: rebind in progress
> srv1 dovecot: auth: Error: queue is empty
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: * host: 192.168.188.156 port: 389 (default)
> srv1 dovecot: auth: Error: refcnt: 2 status: Connected
> srv1 dovecot: auth: Error: last used: Fri 2013
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error:
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Outstanding Requests:
> srv1 dovecot: auth: Error: * msgid 40, origid 40, status InProgress
> srv1 dovecot: auth: Error: outstanding referrals 0, parent count 0
> srv1 dovecot: auth: Error: * msgid 37, origid 37, status RequestCompleted
> srv1 dovecot: auth: Error: outstanding referrals 1, parent count 0
> srv1 dovecot: auth: Error: ld 0x7fef48794580 request count 2 (abandoned 0)
> srv1 dovecot: auth: Error: ** ld 0x7fef48794580 Response Queue:
> srv1 dovecot: auth: Error: Empty
> srv1 dovecot: auth: Error: ld 0x7fef48794580 response count 0
> srv1 dovecot: auth: Error: ldap_chkResponseList ld 0x7fef48794580 msgid 40 all 1
> srv1 dovecot: auth: Error: ldap_chkResponseList returns ld 0x7fef48794580 NULL
>
> dovecot -n:
> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.2
> auth_debug = yes
> auth_verbose = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
> passdb {
>   args = /etc/dovecot/dovecot-ldap.conf
>   driver = ldap
> }
> protocols = " imap lmtp sieve"
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = vmail
>     mode = 0660
>     user = postfix
>   }
>   unix_listener auth-master {
>     group = vmail
>     mode = 0600
>     user = vmail
>   }
> }
> ssl = no
> userdb {
>   driver = passwd
> }