[Dovecot] Dovecot 1.2.12+Postfix+Active Directory: virtual domain name dropped.
embed_bucket at cox.net
Fri Dec 24 01:53:32 EET 2010
I have a Windoze-only client who wants to move their mail hosting from
godaddy.com hosting to an in-house system. I'm pitching Linux as an
alternative to Exchange, and trying to set up a demonstration system for
them. While a long-time Linux user, my server admin experience has been in
setting up front-ends (mostly Apache-based web interfaces) for the embedded
systems I specialize in.
The goal is to have an IMAP server where the users don't have Linux IDs, and
only need to manually login to the Active Directory domain controller.
The client has multiple Internet domains, but all users are in the same
Active Directory realm internally.
With the help of the how-tos at linuxmail.info, I got the system to the point
of being able to authenticate logins for both IMAP and SMTP (usng
dovecot-SASL). I tried using PAM first, but it didn't work: running kinit
from the command line takes over 90 seconds to get a ticket, and Dovecot
timed out after 60 on every login attempt. So I switched to LDAP. Note: I
still don't understand why, but authentication through Active Directory
didn't work until I changed the querying distinguished name from
the "cn=,dc=,dc=" format to "user at xxxx.local" format.
I have Postfix using dovecot-deliver as the LDA, but I hit a snag: deliver is
not putting the domain name in the path to the maildir.
I have the active directory query set as:
user_filter = (&(objectClass=user)(samaccountname=%n))
user_attrs = =home=/var/mailstore/%d/%n. =uid=501, =gid=501, \
When I send mail to testing.testing at xxxx.xxx (real domain obscured), I see
this in mail.log
Dec 23 10:49:24 IBMUBUNTU1 dovecot: auth(default): master in:
USER#0111#011testing.testing at xxxx.xxx#011service=deliver
Dec 23 10:49:24 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing): user
search: base=dc=lawley, dc=local scope=subtree filter=(&(objectClass=user)
Dec 23 10:49:24 IBMUBUNTU1 dovecot: auth(default): ldap(testing.testing):
result: objectClass(?unknown?)= cn(?unknown?)= sn(?unknown?)=
givenName(?unknown?)= distinguishedName(?unknown?)= instanceType(?unknown?)=
whenCreated(?unknown?)= whenChanged(?unknown?)= displayName(?unknown?)=
uSNCreated(?unknown?)= uSNChanged(?unknown?)= name(?unknown?)=
primaryGroupID(?unknown?)= objectSid(?unknown?)= sAMAccountName(?unknown?)=
Dec 23 10:49:24 IBMUBUNTU1 dovecot: auth(default): master out:
i.e., the domain does not appear in the paths to the home directory or
I found a bug report in the mailing list that looks like it might be the same
problem (%d not supported in user_attrs), but the fix it references is for
Is this a known problem in 1.x? Is there a fix/workaround for it? E.g.,
could I have Postfix generate the maidir path and pass it to deliver as
the "-m" parameter?
More information about the dovecot