On Fri, 2008-12-19 at 02:53 +0300, Zohan wrote:
> As we see, the first "if" block intercepts auth_request->passdb_password ==
> NULL condition, ignoring auth_request->no_password and making line 127
> (passdb_result = PASSDB_RESULT_OK) unreachable even if
> auth_request->no_password is set.
> Fo
Timo,
Seems that "nopassword" extra field (more exactly, auth_request->no_password
condition) is completely ignored in passdb-ldap.c, due to (line 112 as of
Dovecot 1.1.7):
===
if (auth_request->passdb_password == NULL) {
auth_request_log_error(auth_request, "ldap",
> Do you have a "nopassword" field in LDAP? If not, then it doesn't get
> set. Perhaps what you want is:
>
> pass_attrs = uid=user, =nopassword=1
Timo,
Thank you for your tip. The correct dovecot-ldap.conf line should look like:
pass_attrs = uid=user, =password=, =nopassword=1
But even in this
On Tue, 2008-12-09 at 02:44 +0300, Zohan wrote:
> Dec 9 02:11:15 localhost dovecot: auth(default): ldap(user1,127.0.0.1): pass
> search: base=ou=People,dc=example,dc=com scope=subtree
> filter=(&(objectClass=inetOrgPerson)(uid=user1)) fields=uid,nopassword
Do you have a "nopassword" field in LD
OTECTED] On Behalf
> Of Zohan
> Sent: Tuesday, December 09, 2008 12:45 AM
> To: dovecot@dovecot.org
> Subject: [Dovecot] "nopassword" extra field useless with LDAP passdb
>
> Hi,
>
> We are trying to implement a highly secure mail server with user
> authenticat
Hi,
We are trying to implement a highly secure mail server with user authentication
restricted to SSL certificates only (not using passwords at all). Still, user
information is stored in a LDAP directory. In this configuration LDAP is used
to check whether the user is registered (and probably s
