Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Anders
Wojtek Bogusz wrote: i need to offer users simple way of changing the password and editing mail address aliases. i was thinking of writing a simple web interface. but maybe there are already programs for doing this? I found Phamm and GOsa while looking for this kind of thing. Anders.

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Wojtek Bogusz
Rob. actually it works... you made me check one thing again and i did have a mistake with the user specified in dn in dovecot-ldap.conf. it was not possible to search userdb information with it. so a small fix in slapd.conf and it is working. now i am off to setting the ldap aliases for postfi

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Rob Coward
On Wed, 2008-04-16 at 08:28 -0500, Jack McKinney wrote: > Looking at your config, it seems that your passdb for LDAP depends on > your userdb, as you have mail= twice in your pass_attrs, once for > userdb_user. > For that matter, why do you have userPassword=password? dovecot should > n

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Jack McKinney
On Wed, 2008-04-16 at 08:16 +, Rob Coward wrote: > I cant help you with what is going wrong for you, but we use dovecot > very successfully with ldap lookups against Active Directory, using > auth_bind=yes, and it does not require anonymous connections. The > initial connection is by an un-priv

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Rob Coward
On Wed, 2008-04-16 at 10:39 +0100, Wojtek Bogusz wrote: > dear Rob, thank you for support! > there are small differences in mine and yours config, like: > > - you do not have auth_bind_userdn defined. if i comment my out i cannot > authenticate at all - log file: > auth(default): ldap(wojtek,192.

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Wojtek Bogusz
dear Rob, thank you for support! there are small differences in mine and yours config, like: - you do not have auth_bind_userdn defined. if i comment my out i cannot authenticate at all - log file: auth(default): ldap(wojtek,192.168.0.200): unknown user dovecot: auth(default): client out: FAIL^

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-16 Thread Rob Coward
I cant help you with what is going wrong for you, but we use dovecot very successfully with ldap lookups against Active Directory, using auth_bind=yes, and it does not require anonymous connections. The initial connection is by an un-privileged user that searches for the user, then a 2nd connection

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Wojtek Bogusz
/etc/ldap/sldap.conf: access to attr=uid,homeDirectory,uidNumber by anonymous read I do not have this in my configuration, and dovecot does indeed use the credential I provide to successfully query LDAP for the user based on the (mail=%u) criteria. However, it does not see the r

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Jack McKinney
On Tue, 2008-04-15 at 19:09 +0100, Wojtek Bogusz wrote: > >>> dn: dovecot needs a dn with which to search the database to find the > >>> user's DN based on their email. > >> This is done with an anonymous connection, > > > > Hmmm... wish the docs mentioned that. It means that I need to set up

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Wojtek Bogusz
dn: dovecot needs a dn with which to search the database to find the user's DN based on their email. This is done with an anonymous connection, Hmmm... wish the docs mentioned that. It means that I need to set up LDAP to allow anonymous searches for the mail field. Odd... is this tr

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Jack McKinney
On Tue, 2008-04-15 at 14:35 +0200, Steffen Kaiser wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Fri, 11 Apr 2008, Jack McKinney wrote: > > > dn: dovecot needs a dn with which to search the database to find the > > user's DN based on their email. > > This is done with an anonymo

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-15 Thread Steffen Kaiser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 11 Apr 2008, Jack McKinney wrote: dn: dovecot needs a dn with which to search the database to find the user's DN based on their email. This is done with an anonymous connection, Now that dovecot knows what the user's DN is, it wi

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-11 Thread Jack McKinney
Hmmm... Perhaps my understanding is wrong. Below is the thought process that brought me here... userPassword: this is not included _because_ I am using auth_bind. dovecot is not going to check the userPassword field itself; instead, it is going to try and use the password supplied by the

Re: [Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-11 Thread Steffen Kaiser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 8 Apr 2008, Jack McKinney wrote: hosts = ldap.lrtz dn = cn=varmail,ou=users,dc=lorentz,dc=com dnpass = * ldap_version = 3 auth_bind = yes pass_filter = (&(objectClass=inetOrgPerson)(mail=%Lu)) base = ou=users, dc=%Dd scope = onelevel

[Dovecot] Please help: LDAP configuration _almost_ works.

2008-04-08 Thread Jack McKinney
Red Hat Linux release 7.2 (Enigma) OpenLDAP 2.3.38 Dovecot 1.0.12 SHORT VERSION - --- Here is my dovecot-ldap.conf: hosts = ldap.lrtz dn = cn=varmail,ou=users,dc=lorentz,dc=com dnpass = * ldap_version = 3 auth_bind = yes pass_filter = (&(objectClass=inetOrgPerson)(mail=%L