15 messages in net.sourceforge.lists.courier-imapRe: [Courier-imap] advanced courier l...| From | Sent On | Attachments |
|---|---|---|
| Jax | Apr 1, 2007 10:06 pm | |
| Sam Varshavchik | Apr 2, 2007 3:59 am | |
| Jax | Apr 2, 2007 11:30 am | |
| Jax | Apr 2, 2007 12:02 pm | |
| Christian Rost | Apr 2, 2007 12:58 pm | |
| Sam Varshavchik | Apr 2, 2007 3:23 pm | |
| Jax | Apr 2, 2007 4:23 pm | |
| Brian Candler | Apr 5, 2007 12:18 pm | |
| Jax | Apr 5, 2007 7:50 pm | |
| Sam Varshavchik | Apr 5, 2007 9:37 pm | |
| Brian Candler | Apr 5, 2007 11:01 pm | |
| Brian Candler | Apr 5, 2007 11:40 pm | |
| Jax | Apr 5, 2007 11:40 pm | |
| Sam Varshavchik | Apr 6, 2007 6:39 am | |
| Jax | Apr 6, 2007 5:48 pm |
| Subject: | Re: [Courier-imap] advanced courier ldap auth problem solved | |
|---|---|---|
| From: | Jax (cybe...@gmail.com) | |
| Date: | Apr 6, 2007 5:48:59 pm | |
| List: | net.sourceforge.lists.courier-imap | |
Sam Varshavchik wrote:
Jax writes:
Sam Varshavchik wrote:
Jax writes:
Brian Candler wrote:
On Tue, Apr 03, 2007 at 01:23:58AM +0200, Jax wrote:
authdaemon: starting client module authdaemon: REJECT authdaemon: REJECT
Turn up debugging. Set DEBUG_LOGIN=2 in authdaemonrc.
Well the only problem was that DEBUG_LOGIN=2 is not uppercase but lowercase. Now I see what cause the problem:
Sep 18 06:03:18 Slider authdaemond.ldap: received auth request, service=imap, authtype=login Sep 18 06:03:18 Slider authdaemond.ldap: authldap: trying this module Sep 18 06:03:18 Slider authdaemond.ldap: using search filter: (&(objectClass=CourierMailAccount)(mail=use...@test.com)) Sep 18 06:03:19 Slider authdaemond.ldap: one entry returned, DN: cn=john,ou=Courier,ou=Services,dc=logonserver,dc=lan Sep 18 06:03:19 Slider authdaemond.ldap: raw ldap entry returned: Sep 18 06:03:19 Slider authdaemond.ldap: | mail: use...@test.com Sep 18 06:03:19 Slider authdaemond.ldap: | cn: john Sep 18 06:03:19 Slider authdaemond.ldap: | homeDirectory: /home/users/user1 Sep 18 06:03:19 Slider authdaemond.ldap: | userPassword: {MD5}Tlu66vyCq3qhOFvqjvXTCg== Sep 18 06:03:19 Slider authdaemond.ldap: authldaplib: sysusername=use...@test.com, sysuserid=1017, sysgroupid=1017, homedir=/home/users/user1, address=use...@test.com, fullname=john, maildir=<null>, quota=<null>, options=<null> Sep 18 06:03:19 Slider authdaemond.ldap: authldaplib: clearpasswd=<null>, passwd={MD5}Tlu66vyCq3qhOFvqjvXTCg== Sep 18 06:03:19 Slider authdaemond.ldap: rebinding with DN 'cn=john,ou=Courier,ou=Services,dc=logonserver,dc=lan' to validate password Sep 18 06:03:19 Slider authdaemond.ldap: authentication bind failed, invalid credentials Sep 18 06:03:19 Slider authdaemond.ldap: authldap: REJECT - try next module Sep 18 06:03:19 Slider authdaemond.ldap: FAIL, all modules rejected
It tries to rebind the connection using the john credential, but everyone has read permission to everything atm. So do I need to give any other specific privilege for someone to "log in" to ldap?! I already added the posixuser attribute to it.
You do not need an authenticated bind in this configuration. Remove LDAP_AUTHBIND.
Thank you very much. Now finally works :-)
Regards,
Jax