[Dovecot] Multiple LDAP authentication servers

Romer Ventura rventura at h-st.com
Mon Oct 3 17:29:39 EEST 2011



We are performing a Domain migration and I was wondering if there was any
way to get Dovecot to authenticate to more than 1 LDAP server? Currently
Dovecot is configured to query the "mail" attribute from Active Directory and
when found it binds with the credentials the user provided.


This works fine, but when migrating user accounts, they get disabled in the
source domain so that the user can no longer log on to it. But disabling the
account in the source domain causes the user to be unable to use his email.


Is there any way to get Dovecot to try a second LDAP server if the first one
fails to authenticate?


~# dovecot -n
# 1.2.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.29-xs5.5.0.15 i686 Debian 5.0.4 ext3
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imaps imap
ssl_cert_file: /etc/ssl/certs/smtpd.crt
ssl_key_file: /etc/ssl/private/smtpd.key
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
login_user: postfix
mail_privileged_group: mail
mail_uid: vmail
mail_gid: vmail
mail_location: maildir:/srv/mail/vmail/%Ud/%Ln/Maildir
mbox_write_locks: fcntl dotlock
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh

  postmaster_address: postmaster at h-st.com
  auth_socket_path: /var/run/dovecot/auth-master
  log_path: /var/log/dovecot-deliver.log
  info_log_path: /var/log/dovecot-deliver-info.log
auth default:
  mechanisms: plain login

    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf

    driver: ldap
    args: /etc/dovecot/dovecot-ldap.conf

    type: listen

      path: /var/spool/postfix/private/auth-client
      mode: 432
      user: postfix
      group: postfix

      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
      group: vmail




Romer Ventura
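
Added example, not part of the original post and not the poster's configuration: Dovecot 1.x accepts more than one passdb block inside "auth default" and tries them in the order listed, which gives the fallback asked about above. The second file name, host names, DNs and filters are placeholders, and the login name is assumed to be the full mail address.

```conf
# dovecot.conf fragment (Dovecot 1.x syntax); added example
auth default {
  mechanisms = plain login

  # passdbs are tried in order; if the first does not authenticate
  # the user (unknown user or failed bind), the next one is tried.
  passdb ldap {
    # hypothetical file for the target (new) domain
    args = /etc/dovecot/dovecot-ldap-target.conf
  }
  passdb ldap {
    # existing file from the post, pointing at the source domain
    args = /etc/dovecot/dovecot-ldap.conf
  }

  userdb ldap {
    # must still resolve every mailbox owner; add a second userdb
    # block if migrated accounts exist only in the target directory
    args = /etc/dovecot/dovecot-ldap.conf
  }

  # socket listen { ... } section stays as it is today
}

# --- /etc/dovecot/dovecot-ldap-target.conf (hypothetical, placeholder values) ---
# "hosts" may list several servers, but that only covers an unreachable
# server, not a rejected bind, so it does not replace the second passdb.
hosts = dc1.target.example.com
ldap_version = 3
# bind as the user with the password supplied at login
auth_bind = yes
# service account used for the initial search
dn = CN=dovecot-lookup,OU=Service Accounts,DC=target,DC=example,DC=com
dnpass = REPLACE_WITH_SERVICE_ACCOUNT_PASSWORD
base = DC=target,DC=example,DC=com
scope = subtree
pass_filter = (&(objectClass=user)(mail=%u))
user_filter = (&(objectClass=user)(mail=%u))
```

With two directories in the chain, a wrong password is tested against both, so each bad login can count toward the lockout threshold in each domain where the mail address exists. Remove the source-domain passdb once the migration is finished so that disabling an account in the remaining directory fully blocks mail access.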


