Hi Achim
Don't wanna bothering you, but I still got error Messages. Jun 28 15:09:57 rv1325 dovecot: auth: Debug: auth client connected (pid=2157) Jun 28 15:09:57 rv1325 dovecot: auth: Debug: client in: AUTH#0111#011NTLM#011service=imap#011session=KkN8mDbgGABUmsab#011lip=178.254.21.125#011rip=84.154.198.155#011lport=143#011rport=49432 Jun 28 15:09:57 rv1325 dovecot: auth: Debug: client passdb out: CONT#0111#011 Jun 28 15:09:57 rv1325 dovecot: auth: Debug: client in: CONT#0111#011TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAvAjAAAADw== (previous base64 data may contain sensitive data) Jun 28 15:09:57 rv1325 dovecot: auth: Debug: client passdb out: CONT#0111#011TlRMTVNTUAACAAAADAAMADAAAAAFAooAzlGLZuaYgz0AAAAAAAAAABQAFAA8AAAAcgB2ADEAMwAyADUAAwAMAHIAdgAxADMAMgA1AAAAAAA= Jun 28 15:09:58 rv1325 dovecot: auth: Debug: client in: CONT#0111#011TlRMTVNTUAADAAAAGAAYAHYAAADAAMAAjgAAAAAAAABYAAAAEAAQAFgAAAAOAA4AaAAAAAAAAABOAQAABQKIAgYC8CMAAAAP6HRQNL0+o3yODw5hHqFFvHQAZQBzAHQAdQBzAGUAcgBXADAAMAAwADAAMAA1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnluuxW4N/hRueL6TyYm30BAQAAAAAAAB2Yjc4AdM4B6LKt7eH6AGUAAAAAAwAMAHIAdgAxADMAMgA1AAgAMAAwAAAAAAAAAAEAAAAAIAAABJBPeBFKFDBXIh0KoOgHioqV/yHKS7i3O2lbwelRVv4KABAAAAAAAAAAAAAAAAAAAAAAAAkAMABpAG0AYQBwAC8AcgB2ADEAMwAyADUALgBkAGUAbABlAGwAbABpAHMALgBuAGUAdAAAAAAAAAAAAA== (previous base64 data may contain sensitive data) Jun 28 15:09:58 rv1325 dovecot: auth: Debug: password(testuser,84.154.198.155,<KkN8mDbgGABUmsab>): passdb doesn't support credential lookups Jun 28 15:09:58 rv1325 dovecot: auth: Debug: password(testuser,84.154.198.155,<KkN8mDbgGABUmsab>): passdb doesn't support credential lookups Jun 28 15:10:00 rv1325 dovecot: auth: Debug: client passdb out: FAIL#0111#011user=testuser Jun 28 15:10:00 rv1325 dovecot: auth: Debug: client in: AUTH#0112#011DIGEST-MD5#011service=imap#011session=KkN8mDbgGABUmsab#011lip=178.254.21.125#011rip=84.154.198.155#011lport=143#011rport=49432 Jun 28 15:10:04 rv1325 dovecot: auth: Debug: client passdb out: CONT#0112#011cmVhbG09IiIsbm9uY2U9Ii9nZndwbWd1TTlDMlVkekhZRld0R0E9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI= Jun 28 15:10:04 rv1325 dovecot: auth: Debug: client in: CONT#0112#011dXNlcm5hbWU9InRlc3R1c2VyIixyZWFsbT0iIixub25jZT0iL2dmd3BtZ3VNOUMyVWR6SFlGV3RHQT09IixkaWdlc3QtdXJpPSJpbWFwL3J2MTMyNS5kZWxlbGxpcy5uZXQiLGNub25jZT0iMjQ0NTRjZjAxNjVmOTE3YmVjMTJhMjk5OTc1ZGQ0MTYiLG5jPTAwMDAwMDAxLHJlc3BvbnNlPWVjZWI4MjJhZDFiZWY4NjU1OTYzMTk0YzhlZDQ0NmYxLHFvcD1hdXRoLGNoYXJzZXQ9dXRmLTg= (previous base64 data may contain sensitive data) Jun 28 15:10:04 rv1325 dovecot: auth: Debug: password(testuser,84.154.198.155,<KkN8mDbgGABUmsab>): passdb doesn't support credential lookups Jun 28 15:10:06 rv1325 dovecot: auth: Debug: client passdb out: FAIL#0112#011user=testuser Jun 28 15:10:06 rv1325 dovecot: auth: Debug: client in: AUTH#0113#011PLAIN#011service=imap#011session=KkN8mDbgGABUmsab#011lip=178.254.21.125#011rip=84.154.198.155#011lport=143#011rport=49432#011resp=AHRlc3R1c2VyAHRlc3R1c2Vy (previous base64 data may contain sensitive data) My auth.conf file Looks like: hosts = localhost auth_bind = yes auth_bind_userdn = sAMAccountName=%u,cn=Users,dc=delellis,dc=net base = cn=Users,dc=delellis,dc=net ldap_version = 3 pass_filter = (&(objectClass=user)(sAMAccoutName=%u)(mail=*)) And I have no idea why it doesn't work. --- Mit freundlichem Gruß Carsten Laun-De Lellis Hauptstrasse 13 D-67705 Trippstadt Phone: +49 6306 992140 Fax: +49 6306 992142 Mobile: +49 151 27530865 email: carsten.delel...@delellis.net http://www.linkedin.com/in/carstenlaundelellis [2] Am 2013-06-28 14:04, schrieb Achim Gottinger: > Am 28.06.2013 13:55, schrieb Carsten Laun-De Lellis: > >> Hi Achim >> >> Thankx a lot. I will try. >> >> Have a nice Weekend. > NP take a look at this > > http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds [1] > > --- > > Mit freundlichem Gruß > > Carsten Laun-De Lellis > > Hauptstrasse 13 > D-67705 Trippstadt > > Phone: +49 6306 992140 > Fax: +49 6306 992142 > Mobile: +49 151 27530865 > email: carsten.delel...@delellis.net > > http://www.linkedin.com/in/carstenlaundelellis [2] > > Am 2013-06-28 13:35, schrieb Achim Gottinger: > > Am 28.06.2013 13:24, schrieb Carsten Laun-De Lellis: > Hi Achim First of all thankx for your input. The way you set it up was the > way I did it. But when I go thru your ldap configuration it doesn't really > solves my Problem or, maybe more likely, I don't understand it. For Auth I > want my users to connect to dovecot with user/Password token. In your config > I can't see where you match the Password to the AD Password. > > For authetification dovecot uses what is configured in passdb in the > corresponding ldap config you can see it uses auth_bind=yes and > auth_bind_userdn defines the dn used to auth against samb4 ldap. > As said on my side cn is identical with sAMAccountName, if it's not on > your side you may have to use cn/Password instead of > sAMAccountName/Password . > Maybe I wasn't specific enough, what I want to do. Or I don't understand > where I you match again the user Password. And again there is a good Chance > that the Problem is myself. Weinend Thankx again. --- Mit freundlichem Gruß > Carsten Laun-De Lellis Hauptstrasse 13 D-67705 Trippstadt Phone: +49 6306 > 992140 Fax: +49 6306 992142 Mobile: +49 151 27530865 email: > carsten.delel...@delellis.net <mailto:carsten.delel...@delellis.net> > http://www.linkedin.com/in/carstenlaundelellis [2]Am 2013-06-28 13:13, > schrieb Achim Gottinger: Am 28.06.2013 10:31, schrieb Carsten Laun-De Lellis: > Hi list Does anyone has experience in setting up dovecot or any other mail > system with user auth against a Samba4 AD ? If yes could I get some advice on > that Topic or even a link to a ressource where I can get some Information. > Googled a lot but didn't find something yet. Thankx in advance. I did it with > dovecot/postfix on debian wheezy, there is alot more info if you look for > dovecot setup agains Microsoft AD. First create an user for ldap queries: >samta-tool user add ldap [password] Configure dovecot passdb against Samba4 AD, add or change this in your dovecot.conf bzw. auth-ldap-conf.ext (on wheezy) # Authentication for LDAP users passdb { driver = ldap args = /etc/dovecot/dovecot-ldap-passdb.conf.ext } Create /etc/dovecot/dovecot-ldap-passdb.conf.ext, can be you have to use sAMAccountName instead of cn for auth_bind_userdn and pass_filter. On my side these are identical because i migrated from samba3/openldap. Filter is looking for person classes with matchin cn and an exiting mail attribute. hosts = localhost auth_bind = yes auth_bind_userdn = cn=%u,cn=Users,dc=yourdomain,dc=local ldap_version = 3 base = cn=Users,dc=yourdomain,dc=local pass_filter = (&(objectClass=person)(cn=%u)(mail=*)) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba [3] Links: ------ [1] http://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds [2] http://www.linkedin.com/in/carstenlaundelellis [3] https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
