authenticate LDAP to email server

Fri Jun 26 22:36:27 UTC 2015

i have made a file "/etc/dovecot/dovecot-ldap.conf.ext"

hosts = 10.10.1.3
base = dc=robina,dc=private
ldap_version = 3
auth_bind = yes
auth_bind_userdn = cn=%u,cn=home,ou=robina_users,dc=robina,dc=private
pass_attrs = uid=user
pass_filter = (&(objectClass=posixAccount)(uid=%u))

i have also uncommented out the "include" line in the file10-auth.conf

tried testing it by doing a telnet on my local host but it cant find my
user, any suggestions

many thanks

rob

On 26 June 2015 at 18:39, Robert Wild <robertkwild at gmail.com> wrote:

> Sorry for top posting, don't mean to, looks like my outlook mobile client
> does it by default
>
> Ok great thanks Daniel for this, also do you know if I have to change/edit
> the config files for postfix/openldap as well or just for dovecot
>
> Thank you
>
> Rob
>
> Sent from my Windows Phone
> ------------------------------
> From: Daniel Tröder <troeder at univention.de>
> Sent: ‎26/‎06/‎2015 08:35
> To: dovecot at dovecot.org
>
> Subject: Re: authenticate LDAP to email server
>
> Am 26.06.2015 um 09:27 schrieb Robert Wild:
> > That's great thanks,
> >
> > One thing tho I did a "ls /etc/dovecot" and I don't see a
> dovecot-ldap.conf
> >
> > Do I need to create that file or install it via yum?
> >
> > Thanks again for your help, very much appreciated
> >
> > Rob
> >
> > Sent from my Windows Phone
> Hi Rob,
>
> please don't top-post. On mailinglists it is custom, to write replies
> below the previous post.
>
> I don't use Fedora/CentOS/RH, so I don't really know, but in Debian*
> there is the LDAP part in a separate package. Maybe it is so in your
> case too.....
>
> I just looked at
> https://apps.fedoraproject.org/packages/dovecot/contents and it seems
> its all in 1 package, and you'll just have to copy it from
> /usr/share/doc/dovecot/example-config/ to /etc/dovecot.
>
> Greetings
> Daniel
>
> >
> > -----Original Message-----
> > From: "Daniel Tröder" <troeder at univention.de>
> > Sent: ‎26/‎06/‎2015 07:20
> > To: "dovecot at dovecot.org" <dovecot at dovecot.org>
> > Subject: Re: authenticate LDAP to email server
> >
> > Am 25.06.2015 um 22:36 schrieb robert k Wild:
> >> hi all,
> >>
> >> first things first my version and config -
> >>
> >> # 2.0.9: /etc/dovecot/dovecot.conf
> >>
> >> # OS: Linux 2.6.32-504.el6.x86_64 x86_64 CentOS release 6.6 (Final)
> >>
> >> auth_mechanisms = plain login
> >>
> >> mail_location = maildir:~/Maildir
> >>
> >> mbox_write_locks = fcntl
> >>
> >> passdb {
> >>
> >>   driver = pam
> >>
> >> }
> >>
> >> protocols = imap pop3
> >>
> >> service auth {
> >>
> >>   unix_listener /var/spool/postfix/private/auth {
> >>
> >>     group = postfix
> >>
> >>     mode = 0666
> >>
> >>     user = postfix
> >>
> >>   }
> >>
> >> }
> >>
> >> ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
> >>
> >> ssl_key = </etc/pki/dovecot/private/dovecot.pem
> >>
> >> userdb {
> >>
> >>   driver = passwd
> >>
> >> }
> >>
> >> -
> >>
> >> i have installed dovecot+ postfix email server and a
> >>
> >> LDAP server, if i create users on the LDAP server can dovecot pick up
> >>
> >> the usernames and create a mailbox for the individual users
> >>
> >> as atm
> >>
> >> if i want to create an email address for users i add the user to the
> >>
> >> email server and make a directory for the users mailbox and have to
> >>
> >> chmod and chown
> >>
> >> also just another question, can i set up mail groups on dovecot?
> >>
> >> cheers
> >>
> >> rob
> >>
> > Hi Rob,
> >
> > all you need to do is figure out what the attribute in your LDAP tree
> > is, that holds the email address. Then configure uris, dn, dnpass,
> > [tls*], base, scope, user_attrs, user_filter, iterate_attrs and
> > iterate_filter in /etc/dovecot/dovecot-ldap.conf.ext and uncomment the
> > include line in /etc/dovecot/conf.d/10-auth.conf
> >
> > http://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
> >
> > Good luck
> > Daniel
> >
>
> --
> Daniel Tröder
> Open Source Software Engineer
>
> Univention GmbH
> be open
> Mary-Somerville-Str.1
> 28359 Bremen
> Tel.: +49 421 22232-91
> Fax : +49 421 22232-99
>
> troeder at univention.de
> http://www.univention.de
>
> Geschäftsführer: Peter H. Ganten
> HRB 20755 Amtsgericht Bremen
> Steuer-Nr.: 71-597-02876
>
>

-- 
Regards,

Robert K Wild.