madeinjura
New member
- Joined
- Oct 30, 2012
- Messages
- 1
Hello everybody,
As explained in the topic, i have troubles with authentication of my users.
First of all, sorry for my poor english...
I'm running dovecot v1.2.15 on a Debian 6 64bits server up to date.
My users database is an Active Directory 2003 (it's important to know that because Active Directory can't retrieve users passwords, you have to bind LDAP with a domain administrator).
So, i'm using userdb ldap for authenticated my users and it works ! BUT...
When an user having a password with special characters like " ² ° § µ à é è ç à â ê î ô û ù ä ë ï ö ü ", authentication does not work.
And in my log file : MY_SERVER | mail/info | dovecot | 2012/08/27 10:42:14 | auth(default): cache(my_user,192.168.7.127): plain(RU0975é*) != 'RU0975é*'
As you can see, the character é has been replaced by é.
My dovecot.conf :
protocols = imap imaps pop3 pop3s managesieve
shutdown_clients = yes
protocol imap {
listen = 192.168.7.1:143
ssl_listen = 192.168.7.1:993
mail_plugins = quota imap_quota autocreate
imap_client_workarounds = outlook-idle delay-newmail tb-extra-mailbox-sep
}
protocol pop3 {
listen = 192.168.7.1:110
ssl_listen = 192.168.7.1:995
mail_plugins = quota
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_lock_session = no
pop3_uidl_format = %08Xu%08Xv
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol managesieve {
listen = 192.168.7.1:4190
login_executable = /usr/lib/dovecot/managesieve-login
mail_executable = /usr/lib/dovecot/managesieve
managesieve_implementation_string = dovecot
}
protocol lda {
mail_plugins = sieve quota
postmaster_address = [email protected]
hostname = webmail.contoso.fr
sendmail_path = /usr/sbin/sendmail
quota_full_tempfail = no
auth_socket_path = /var/run/dovecot/auth-master
}
log_timestamp = "%Y-%m-%d %H:%M:%S "
syslog_facility = mail
mail_debug = no
auth_debug = no
auth_debug_passwords = no
ssl = required
ssl_cert_file = /etc/ssl/certs/webmail.contoso.fr.pem
ssl_key_file = /etc/ssl/private/webmail.contoso.fr.key
ssl_ca_file = /etc/ssl/certs/VERYSIGN.pem
ssl_verify_client_cert = no
mail_location = maildir:%h
mail_full_filesystem_access = no
mail_uid = 500
mail_gid = 8
mail_privileged_group = mail
first_valid_uid = 500
last_valid_uid = 500
first_valid_gid = 8
last_valid_gid = 8
login_greeting = Webmail CONTOSO
login_process_size = 256
login_process_per_connection = no
login_processes_count = 2
login_max_processes_count = 128
login_max_connections = 512
max_mail_processes = 1024
mail_process_size = 256
mail_max_keyword_length = 50
disable_plaintext_auth = yes
auth_failure_delay = 2
auth_process_size = 256
auth_username_format = %Lu
auth default {
mechanisms = plain login
auth_cache_size = 2048
passdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
userdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
user = vmail
count = 1
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vmail
group = mail
}
client {
path = /var/run/dovecot/auth-client
mode = 0666
user = vmail
group = mail
}
}
}
dict {
}
plugin {
quota = maildir:User quota
quota_warning = bytes=80%% /usr/lib/dovecot/quota-warning 80
quota_warning2 = bytes=95%% /usr/lib/dovecot/quota-warning 95
quota_warning3 = bytes=99%% /usr/lib/dovecot/quota-warning 99
sieve=dovecot.sieve
sieve_dir=~/.Sieve
sieve_extensions=+imapflags
autocreate = Spam
autocreate2 = Trash
autosubscribe = Spam
autosubscribe2 = Trash
autosubscribe3 = Sent
autosubscribe4 = Drafts
}
And my dovecot-ldap.conf :
# My domain controller
uris = ldap://192.168.1.1:3268
dn = CN=ServerOperator,CN=Users,DC=contoso,DC=fr
dnpass = MyPassword
debug_level = 0
auth_bind = yes
ldap_version = 3
base = CN=Users,DC=contoso,DC=fr
deref = never
scope = subtree
user_attrs = mailDirectory=home=/var/spool/mail/%$,mailQuota=quota_rule=*:bytes=%$,=quota_rule2=Trash:storage=100%%
user_filter = (&(|(sAMAccountName=%n)(mailAcceptingGeneralID=%u)(mail=%u))(!(|(mailDrop="*|*")(mailDrop="*:*")(mailDrop="*/*")(userParams=noMail))))
pass_filter = (&(sAMAccountName=%n)(!(|(mailDrop="*|*")(mailDrop="*:*")(mailDrop="*/*")(userParams=noMail))))
default_pass_scheme = CRYPT
Does anyone else have this problem? If yes, how to solve?
Thank you in advance.
As explained in the topic, i have troubles with authentication of my users.
First of all, sorry for my poor english...
I'm running dovecot v1.2.15 on a Debian 6 64bits server up to date.
My users database is an Active Directory 2003 (it's important to know that because Active Directory can't retrieve users passwords, you have to bind LDAP with a domain administrator).
So, i'm using userdb ldap for authenticated my users and it works ! BUT...
When an user having a password with special characters like " ² ° § µ à é è ç à â ê î ô û ù ä ë ï ö ü ", authentication does not work.
And in my log file : MY_SERVER | mail/info | dovecot | 2012/08/27 10:42:14 | auth(default): cache(my_user,192.168.7.127): plain(RU0975é*) != 'RU0975é*'
As you can see, the character é has been replaced by é.
My dovecot.conf :
protocols = imap imaps pop3 pop3s managesieve
shutdown_clients = yes
protocol imap {
listen = 192.168.7.1:143
ssl_listen = 192.168.7.1:993
mail_plugins = quota imap_quota autocreate
imap_client_workarounds = outlook-idle delay-newmail tb-extra-mailbox-sep
}
protocol pop3 {
listen = 192.168.7.1:110
ssl_listen = 192.168.7.1:995
mail_plugins = quota
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_lock_session = no
pop3_uidl_format = %08Xu%08Xv
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol managesieve {
listen = 192.168.7.1:4190
login_executable = /usr/lib/dovecot/managesieve-login
mail_executable = /usr/lib/dovecot/managesieve
managesieve_implementation_string = dovecot
}
protocol lda {
mail_plugins = sieve quota
postmaster_address = [email protected]
hostname = webmail.contoso.fr
sendmail_path = /usr/sbin/sendmail
quota_full_tempfail = no
auth_socket_path = /var/run/dovecot/auth-master
}
log_timestamp = "%Y-%m-%d %H:%M:%S "
syslog_facility = mail
mail_debug = no
auth_debug = no
auth_debug_passwords = no
ssl = required
ssl_cert_file = /etc/ssl/certs/webmail.contoso.fr.pem
ssl_key_file = /etc/ssl/private/webmail.contoso.fr.key
ssl_ca_file = /etc/ssl/certs/VERYSIGN.pem
ssl_verify_client_cert = no
mail_location = maildir:%h
mail_full_filesystem_access = no
mail_uid = 500
mail_gid = 8
mail_privileged_group = mail
first_valid_uid = 500
last_valid_uid = 500
first_valid_gid = 8
last_valid_gid = 8
login_greeting = Webmail CONTOSO
login_process_size = 256
login_process_per_connection = no
login_processes_count = 2
login_max_processes_count = 128
login_max_connections = 512
max_mail_processes = 1024
mail_process_size = 256
mail_max_keyword_length = 50
disable_plaintext_auth = yes
auth_failure_delay = 2
auth_process_size = 256
auth_username_format = %Lu
auth default {
mechanisms = plain login
auth_cache_size = 2048
passdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
userdb ldap {
args = /etc/dovecot/dovecot-ldap.conf
}
user = vmail
count = 1
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = vmail
group = mail
}
client {
path = /var/run/dovecot/auth-client
mode = 0666
user = vmail
group = mail
}
}
}
dict {
}
plugin {
quota = maildir:User quota
quota_warning = bytes=80%% /usr/lib/dovecot/quota-warning 80
quota_warning2 = bytes=95%% /usr/lib/dovecot/quota-warning 95
quota_warning3 = bytes=99%% /usr/lib/dovecot/quota-warning 99
sieve=dovecot.sieve
sieve_dir=~/.Sieve
sieve_extensions=+imapflags
autocreate = Spam
autocreate2 = Trash
autosubscribe = Spam
autosubscribe2 = Trash
autosubscribe3 = Sent
autosubscribe4 = Drafts
}
And my dovecot-ldap.conf :
# My domain controller
uris = ldap://192.168.1.1:3268
dn = CN=ServerOperator,CN=Users,DC=contoso,DC=fr
dnpass = MyPassword
debug_level = 0
auth_bind = yes
ldap_version = 3
base = CN=Users,DC=contoso,DC=fr
deref = never
scope = subtree
user_attrs = mailDirectory=home=/var/spool/mail/%$,mailQuota=quota_rule=*:bytes=%$,=quota_rule2=Trash:storage=100%%
user_filter = (&(|(sAMAccountName=%n)(mailAcceptingGeneralID=%u)(mail=%u))(!(|(mailDrop="*|*")(mailDrop="*:*")(mailDrop="*/*")(userParams=noMail))))
pass_filter = (&(sAMAccountName=%n)(!(|(mailDrop="*|*")(mailDrop="*:*")(mailDrop="*/*")(userParams=noMail))))
default_pass_scheme = CRYPT
Does anyone else have this problem? If yes, how to solve?
Thank you in advance.
