Re: [Dovecot] Does dovecot work with OpenLDAP? (was Re: Please help: LDAP configuration _almost_ works.)

2008-04-18 Thread Jack McKinney
TLS/SSL for the LDAP connection. > > BTW: Do you use any sort of firewall, iptables or whatsoever on the mail, > dns or ldap server? Did you disabled it? LDAP and IMAP are on the same server. Since the query and the result both show up in the LDAP logs, it couldn't be a fir

Re: [Dovecot] more than one ldap database.

2008-04-17 Thread Jack McKinney
y ldap, ex: dc=dominio1,dc=it is the first > database and dc=dominio2,dc=it is the second one. > Can I put these two search bases in dovecot-ldap.conf? > -- Jack McKinney GPG 1024D/99C6A174 [EMAIL PROTECTED] YM:lfaatsnat2006 AIM:jackmclorentz Beware geeks bearing diffs signature.asc Description: This is a digitally signed message part

Re: [Dovecot] Does dovecot work with OpenLDAP? (was Re: Please help: LDAP configuration _almost_ works.)

2008-04-17 Thread Jack McKinney
]: conn=7 op=3 SEARCH RESULT tag=101 > err=0 nentries=1 text= > > Which shows the correct filter, but the requested attribute to return is > "uid", which is _not_ in your entry: > > # Jack McKinney, users, lorentz.com > dn: cn=Jack McKinney,ou=users,dc=lorentz,dc=c

Re: [Dovecot] Does dovecot work with OpenLDAP? (was Re: Please help: LDAP configuration _almost_ works.)

2008-04-16 Thread Jack McKinney
> method=PLAIN, rip=y.y.y.y, lip=x.x.x.x, TLS > > > > This isn't a TLS mismatch kidn of thing is it? -- Jack McKinney GPG 1024D/99C6A174 [EMAIL PROTECTED] YM:lfaatsnat2006 AIM:jackmclorentz Beware geeks bearing diffs signature.asc Description: This is a digitally signed message part

Re: [Dovecot] Does dovecot work with OpenLDAP? (was Re: Please help: LDAP configuration _almost_ works.)

2008-04-16 Thread Jack McKinney
e from OpenLDAP. > > What do you see in the dovecot logs with auth debug on? -- Jack McKinney GPG 1024D/99C6A174 [EMAIL PROTECTED] YM:lfaatsnat2006 AIM:jackmclorentz Beware geeks bearing diffs signature.asc Description: This is a digitally signed message part

[Dovecot] Does dovecot work with OpenLDAP? (was Re: Please help: LDAP configuration _almost_ works.)

2008-04-16 Thread Jack McKinney
. Rob, It sounds like you are trying to do EXACTLY what I am trying to do: 1. My users login with their email address. 2a. My users are all over the tree in the sense that you cannot determine the DN from the email alone. E.g., I am [EMAIL PROTECTED], but my DN is "cn=Jack McKinney, ou

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Jack McKinney
d=password? dovecot should never need to see the contents of this field. Indeed, this is the whole point of using auth_bind: instead of dovecot retrieving the password from LDAP and checking it against the user-supplied one, dovecot should _send_ the password to LDAP in the form of a bind and have LDAP

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Jack McKinney
ymous read I do not have this in my configuration, and dovecot does indeed use the credential I provide to successfully query LDAP for the user based on the (mail=%u) criteria. However, it does not see the reply. The fact that it does perform the query successfully implies to me

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Jack McKinney
On Tue, 2008-04-15 at 14:35 +0200, Steffen Kaiser wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Fri, 11 Apr 2008, Jack McKinney wrote: > > > dn: dovecot needs a dn with which to search the database to find the > > user's DN based on their

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-11 Thread Jack McKinney
h can search all domains for the "mail" field. Thus, dovecot will bind using the varmail DN and then search onelevel of "ou=users, dc=lorentz, dc=com" for an inetOrgPerson entry whose mail field is [EMAIL PROTECTED] As demonstrated by the ldapsearch in my earlier email, this will

[Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-08 Thread Jack McKinney
sers,dc=lorentz,dc=com' -x -W -s onelevel '(&(objectClass=inetOrgPerson)([EMAIL PROTECTED]))' Enter LDAP Password: # extended LDIF # # LDAPv3 # base with scope oneLevel # filter: (&(objectClass=inetOrgPerson)([EMAIL PROTECTED])) # requesting: ALL # # Jack McKinney, use

Re: [Dovecot] LDAP auth_bind hangs and times out

2008-04-04 Thread Jack McKinney
Me, too. I am sure that it is my configuration, but I cannot see what... On Fri, 2008-04-04 at 17:20 +0300, Timo Sirainen wrote: -- Jack McKinney GPG 1024D/99C6A174 [EMAIL PROTECTED] YM:lfaatsnat2006 AIM:jackmclorentz "There is no parameter that makes it impossible for you to pe

Re: [Dovecot] LDAP auth_bind hangs and times out

2008-04-04 Thread Jack McKinney
Dovecot is not receiving... On Fri, 2008-04-04 at 09:54 +0300, Timo Sirainen wrote: > On Apr 4, 2008, at 12:50 AM, Jack McKinney wrote: > > Hmmm... what versions of OpenLDAP and Dovecot are you using? > > A lot of people have them working with different LDAP versions. I've

Re: [Dovecot] LDAP auth_bind hangs and times out

2008-04-03 Thread Jack McKinney
(user)=foo > > If Dovecot receives a reply to the "bind search", it logs the "result" > line, which your logs show is missing. > > On Apr 4, 2008, at 12:06 AM, Jack McKinney wrote: > > I am not sure that I understand you, here. Are you saying that

Re: [Dovecot] LDAP auth_bind hangs and times out

2008-04-03 Thread Jack McKinney
ss_filter is used to find the LDAP entry, and the DN is taken > > from the reply." > > > > Should I add a dummy pass_attrs entry? What field is safe to grab? > > E.g., I do not want to overwrite "user"... > > > > On Thu, 2008-04-03

Re: [Dovecot] LDAP auth_bind hangs and times out

2008-04-03 Thread Jack McKinney
te "user"... On Thu, 2008-04-03 at 23:59 +0300, Timo Sirainen wrote: > On Thu, 2008-04-03 at 09:46 -0500, Jack McKinney wrote: > > > ldap([EMAIL PROTECTED],y.y.y.y): bind search: base=ou=users, > > dc=lorentz,dc=com > > filter=(&(objectClass=inetOrgPerson)([EM

Re: [Dovecot] LDAP auth_bind hangs and times out

2008-04-03 Thread Jack McKinney
Red Hat Linux release 7.2 (Enigma) OpenLDAP 2.3.38 Dovecot 1.0.12 On Thu, 2008-04-03 at 23:43 +0300, Timo Sirainen wrote: > On Thu, 2008-04-03 at 09:46 -0500, Jack McKinney wrote: > > I have _almost_ got Dovecot working! One little snag... > > What version? > -- Jack

[Dovecot] LDAP auth_bind hangs and times out

2008-04-03 Thread Jack McKinney
address/login name. I am trying to use auth_bind: when I login with [EMAIL PROTECTED], dovecot should search for [EMAIL PROTECTED] in the onelevel below ou=users,dc=lorentz,dc=com and find me as "cn=Jack McKinney,ou=users,dc=lorentz,dc=com". I have created an entry in LDA