-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 7 Apr 2014, Deeztek Support wrote:
On 4/7/2014 6:13 PM, Reindl Harald wrote:
Am 07.04.2014 23:47, schrieb Deeztek Support:
On 4/7/2014 4:42 PM, Christian Schmidt wrote:
7.04.2014 20:43, Deeztek Support:
On 4/7/2014 2:08 PM, Oscar del Rio wrote:
On 04/ 7/14 01:46 PM, Deeztek Support wrote:
I'm authenticating users through AD and it seems to work with no
problems. Unfortunately, when I try to send e-mail from a user who's
not in the testou container I get the following error:
Sender address rejected: User unknown in virtual mailbox table>
#SMTP#.
Looks like a Postfix error, not Dovecot.
I don't think so. Postfix already looks from the root of the AD down and
it has no problems. Dovecot does not authenticate at all if I simply put
the AD root in the ldap configuration file.
"User unknown in virtual mailbox table" is what *postfix* tells you.
Dovecot does not do SMTP (yet). Thus, I suppose that dovecot doesn't get
involved at all (although this depends on your configuration).
I recommend to check the restrictions you defined in your postfix
configuration.
The reason I think it's Dovecot generating the error is because when the
IP address of the sending server is not in
the mynetworks directive of postfix I get the following error
why in the world do you strip logs
syslog contains even the process who generates a entry and
so there is not much to guess if you *really* look at the log
I'm not stripping any logs. The error I put is from the bounce message. The
syslog says the following:
Apr 7 17:39:39 ewa postfix/pipe[7134]: E35AE860B26: to=<some...@domain.tld>,
relay=dovecot, delay=0.02, delays=0/0/0/0.01, dsn=5.1.1, status=bounced (user
unknown. Command output:
So mystery solved, it really is dovecot generating the error.
Question remains, can someone please tell me how to get Dovecot do LDAP looks
from the AD root?
The primary question is: Does
ldapsearch -H ldap://server.domain.tld:389 \
-b dc=domain,dc=tld -D ... -W \
'(&(userPrincipalName=<<user>>)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'
return the user?
How many domain controllers to you have in the AD? Which of them holds
which domains? See
http://technet.microsoft.com/en-us/library/cc978012.aspx
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBU0OUvXD1/YhP6VMHAQIF9AgAu2wxEpYXMoHwS1uA7fxKbMPY1tGXU2SE
Ub0GVd6CZ6tUWsYW4YE7rYsyy2LFdLDlTFkeOttP30XeoLdYbvnh8QqOR+iURJx2
u2Y/x91SfTIqhRIjDLckq6pmcgugyaLngWKMBCWvkpra03GTqCUmY7Wndh9FoXRm
/S1F3u/q0vID1JDEZWeoEInrpKh7KCxX4WPDiUTLUho1CwnzYiMpDlLYJMHNn7P/
K8P2ESPapFwr16tShUewXi7l2hGVGt8Eaqb/z2OqnkWEdSNILejnv5TkZif6GT6H
sh8/AxPsotpmV2kEh/IjMG4mjihHCnzvxngpMu96xkTufsBcgt4RyQ==
=dM6R
-----END PGP SIGNATURE-----
