Hi all,
I think I did my homework, but I am stuck on a small part... so if someone knows and has time, please write.
So I have CentOS (and Postfix + LDAP + Dovecot). TLS works with Postfix and LDAP. When I open the Evolution mail client I can browse the LDAP tree, search for users, and send and receive mail... all fine.
But when I set
security ssf=112
in /etc/openldap/slapd.conf, I cannot authorize users when connecting using the Evolution mail client.
At the same time
Code:
ldapsearch -LLL -x -W -D 'cn=Manager,dc=abc,dc=com' -H ldap://mail1.abc.com -ZZ '(uid=*)'
works without problems, and I can list the content of the LDAP tree.
And also
ldapsearch -x does not return anything, so TLS for LDAP works.
As I understand it, it gets stuck when Dovecot tries to get the password information for users from LDAP. Now I am trying to understand how to "teach" Dovecot to talk over TLS/SSL with the LDAP directory.
Thanks in advance for any hint.
/etc/dovecot.conf
Code:
protocols = imaps
ssl_disable = no
ssl_cert_file = /etc/pki/tls/certs/mail1.abc.com.cert
ssl_key_file = /etc/pki/tls/private/mail1.abc.com.key
mail_location = maildir:/home/vmail/%u/Maildir/,%u/Maildir
protocol imap {
}
protocol pop3 {
}
protocol lda {
}
auth_username_format = %Lu
auth default {
  mechanisms = plain
  passdb ldap {
    args = /etc/dovecot-ldap.conf
  }
  passdb pam {
  }
  userdb static {
    args = uid=507 gid=507 home=/home/vmail/%u
  }
  user = root
}
dict {
}
plugin {
}
/etc/dovecot-ldap.conf
Code:
hosts = 192.168.11.113
base = ou=People,dc=abc,dc=com
ldap_version = 3
/etc/postfix/ldap-users.conf
Code:
server_host = 192.168.11.113
search_base = ou=People,dc=abc,dc=com
version = 3
bind = yes
query_filter = (&(objectClass=person)(mail=%s))
result_attribute = uid
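
An added example, not part of the original post: a small audit that compares the `security ssf=` minimum in slapd.conf with the LDAP client files shown above and lists the ones that request neither StartTLS nor LDAPS. It assumes the documented client settings `tls` / `uris` (dovecot-ldap.conf) and `start_tls` / `server_host` (Postfix ldap_table); the function names are hypothetical and the inputs are constructed from the configs in the post.

```python
import re

# Constructed inputs copied from the configs in the post (nothing is read from disk).
SLAPD_CONF = "security ssf=112\n"
CLIENTS = {
    "/etc/dovecot-ldap.conf": ("dovecot",
        "hosts = 192.168.11.113\nbase = ou=People,dc=abc,dc=com\nldap_version = 3\n"),
    "/etc/postfix/ldap-users.conf": ("postfix",
        "server_host = 192.168.11.113\nsearch_base = ou=People,dc=abc,dc=com\n"
        "version = 3\nbind = yes\n"),
}

def required_ssf(slapd_conf):
    """Return the overall minimum SSF from a 'security ... ssf=N' line, or 0."""
    for line in slapd_conf.splitlines():
        m = re.match(r"\s*security\b.*?\bssf=(\d+)", line)
        if m:
            return int(m.group(1))
    return 0

def parse_kv(text):
    """Parse 'key = value' lines, skipping blank lines and # comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip()] = value.strip()
    return cfg

def requests_tls(kind, cfg):
    """True if the client config asks for LDAPS URIs or StartTLS."""
    uri_key, flag_key = ("uris", "tls") if kind == "dovecot" else ("server_host", "start_tls")
    uris = cfg.get(uri_key, "").lower().split()
    ldaps = bool(uris) and all(u.startswith("ldaps://") for u in uris)
    return ldaps or cfg.get(flag_key, "no").lower() == "yes"

def audit(slapd_conf, clients):
    """List client files that would connect at SSF 0 while slapd demands more."""
    if required_ssf(slapd_conf) <= 0:
        return []
    return [path for path, (kind, text) in clients.items()
            if not requests_tls(kind, parse_kv(text))]

if __name__ == "__main__":
    for path in audit(SLAPD_CONF, CLIENTS):
        print(f"{path}: no StartTLS/LDAPS, but slapd requires ssf={required_ssf(SLAPD_CONF)}")
```

The check only catches plaintext connections; a TLS session whose negotiated cipher strength is below the required SSF would still be refused by slapd.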