[Dovecot] dovecot with Active Directory problem
tss at iki.fi
Thu Nov 18 19:50:40 EET 2010
On Sun, 2010-11-14 at 21:31 +0900, marie ot wrote:
> I am using dovecot-2.0.6 with NetBSD amd64.
> hosts = xxx.xxx.xxx.xxx:389
> dn = cn=Mail Administrator, cn=Users, dc=example, dc=com
> dnpass = *********
dn is set, so Dovecot does a bind before doing anything else.
> Both dovecot and postfix the first "bindRequest" was quite
> the same demand and the results.
> Next, dovecot demanded query of "userPrincipalName" and "unixUserPassword".
> It seems to be ok for the result.
> # This fails if it doesn't add to "Account Operators" group.
> However, "name" and "simple" were issued by the blank (anonymously?)
What do you mean by "name" and "simple"?
> as for the following next demand (bindRequest).
Since you have auth_bind=no, there should be only a single bind request
at the beginning of LDAP connection, nothing afterwards.
> In addition, query of "userPrincipalName" and "unixUserPassword" is issued
> "cn=Configuration, dc=example, dc=com" afterwards.
Where's that Configuration coming from? It's not in your config file, so
I don't see why Dovecot would go querying it. Unless perhaps it's
OpenLDAP library that goes doing this stuff internally.
> errorMessage: 000004DC: LdapErr: DSID-0C0906DC, comment: In order to perform
> this operation a successful bind must be completed on the connection., data
> 0, v1db0
I don't see how this could happen, except if the previous LDAP reply
contains some kind of a reference elsewhere and OpenLDAP automatically
goes connecting there.
More information about the dovecot