Postfix + Dovecot / Slapd Authentication - dovecot lda uidnumber Error

Status
Not open for further replies.

ryanm021

New member
Joined
Aug 4, 2014
Messages
1
I'm trying to configure Postfix and Dovecot with OpenLDAP/slapd authentication, and the mailing panel is SquirrelMail.

**[Slapd Server]**--------------**[Postfix/Dovecot/Squirrelmail(SRV2)]**--------------**[Client]**

Linux Distribution: Debian Wheezy 7.5
Dovecot Version: 2.1.7
Postfix Version: 2.9.6
Slapd Version: 2.4.31


The slapd directory and LDAP user objects are configured correctly and all users can log in to the SquirrelMail panel, which means that the Dovecot and Postfix LDAP queries search the LDAP directories, get the users' attributes, and succeed.

The problem is that when someone, for example user:tom with uidnumber:1002, sends an email, dovecot-lda reports an error on the user's uidnumber, which says:

> SRV2 dovecot: lda([email protected]): Fatal: setuid(1002 from
> userdb lookup) failed with euid=1001(admin): Operation not permitted
> (This binary should probably be called with process user set to 1002
> instead of 1001(admin))

But when user:admin with uidnumber:1001 sends an email, it works perfectly. So because of this issue, everyone except user:admin cannot send emails.

On slapd, uid and objectClass are indexed and "everyone" is able to read the LDAP directories.

***Summary of main.cf***

inet_protocols = ipv4

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination

virtual_mailbox_domains = mh.com
virtual_mailbox_maps = ldap:/etc/postfix/ldap.cf
virtual_transport = dovecot
local_recipient_maps =

myhostname = SRV2
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all


***master.cf***

dovecot unix - n n - - pipe
  flags=DRhu user=admin:admin argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}


***/etc/postfix/ldap.cf***

server_host = 192.168.10.1
bind = yes
bind_dn = cn=admin,dc=mh,dc=com
bind_pw = xxxxx
search_base = ou=People,dc=mh,dc=com
query_filter = (uid=%u)
result_attribute = uid


***Summary of doveconf -n***

auth_default_realm = mh.com
disable_plaintext_auth = no
mail_gid = admin
mail_uid = admin
mail_location = maildir:/home/%n/Maildir
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols = " imap pop3"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0777
    group = postfix
    user = postfix
  }
  unix_listener auth-userdb {
    mode = 0777
  }
}
service dict {
  unix_listener dict {
    mode = 0777
  }
}
service lmtp {
  unix_listener lmtp {
    mode = 0777
  }
}
ssl = no
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lda {
  postmaster_address = root
}


> ***On the mail server I've added the admin user:***
>
> ***Security things don't matter right now... :)***
>
> useradd -m admin
> chgrp admin /home
> chmod -R 777 /home

***Summary of /etc/dovecot/dovecot-ldap.conf.ext***

hosts = 192.168.10.1
dn = cn=admin,dc=mh,dc=com
dnpass = xxxxx
auth_bind = yes
ldap_version = 3
base = ou=People,dc=mh,dc=com
user_filter = (uid=%n)
pass_filter = (uid=%n)
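
The failure in the log line above, reproduced as a configuration check (an added example, not part of the original post or of Postfix/Dovecot): it reads the `user=` account from the master.cf pipe entry, compares it with the uid each userdb lookup returns, and lists the `unix_listener` sockets left world-writable. The function names are hypothetical, and the inputs are constructed from the configuration and uid values quoted in the post.

```python
import re

# Constructed inputs, copied from the configuration and error quoted in the post.
MASTER_CF = """\
dovecot unix - n n - - pipe
  flags=DRhu user=admin:admin argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
"""
DOVECONF = """\
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0777
  }
  unix_listener auth-userdb {
    mode = 0777
  }
}
"""
LOCAL_UIDS = {"admin": 1001}                 # from the log line: euid=1001(admin)
USERDB_UIDS = {"admin": 1001, "tom": 1002}   # uidnumber values named in the post


def pipe_user(master_cf, service):
    """Return the user= account of a pipe(8) service entry, or None."""
    entry = re.search(rf"^{re.escape(service)}\s.*\bpipe\b.*\n((?:[ \t]+.*\n?)+)", master_cf, re.M)
    m = entry and re.search(r"\buser=([^:\s]+)", entry.group(1))
    return m.group(1) if m else None


def can_setuid(euid, target_uid):
    """Simplified POSIX rule: only root may switch to a different uid."""
    return euid == 0 or euid == target_uid


def delivery_failures(master_cf, service, local_uids, userdb_uids):
    """Recipients whose userdb uid the LDA process cannot switch to."""
    euid = local_uids[pipe_user(master_cf, service)]
    return sorted(u for u, uid in userdb_uids.items() if not can_setuid(euid, uid))


def world_writable_listeners(doveconf):
    """Names of unix_listener sockets whose mode grants write access to 'other'."""
    pairs = re.findall(r"unix_listener\s+(\S+)\s*\{[^}]*?mode\s*=\s*(0[0-7]+)", doveconf)
    return [name for name, mode in pairs if int(mode, 8) & 0o002]


if __name__ == "__main__":
    print("LDA runs as:", pipe_user(MASTER_CF, "dovecot"))
    print("setuid would fail for:", delivery_failures(MASTER_CF, "dovecot", LOCAL_UIDS, USERDB_UIDS))
    print("world-writable sockets:", world_writable_listeners(DOVECONF))
```
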
 
You're posting in the wrong forum. The DirectAdmin forums are for users of the DirectAdmin webhosting control panel and we don't support Postfix. We use Exim.

Jeff
 