Hello everyone,
I am on an internship and I have to set up a mail service.
To do this we chose the following 3 programs:
OpenLDAP
Dovecot
Postfix
So far I have set up OpenLDAP and Dovecot.
I would like to authenticate a user on Dovecot through OpenLDAP.
To test my config I use telnet:
login test@flo-debian.gescom test
. NO Temporary authentication failure.
In the log files:
Feb 25 12:27:18 Flo-Debian dovecot: auth(default): ldap(test@flo-debian.gescom,127.0.0.1): ldap_search((& (objectClass=mailAccount)(mail=test@flo-debian.gescom)(mailenable=OK))) failed: No such object
Config files:
ldap.conf:
host localhost
base dc=flo-debian,dc=gescom
dovecot-ldap:
# LDAP protocol version to use. Likely 2 or 3.
ldap_version = 3
# LDAP base. %variables can be used here.
base = dc=flo-debian, dc=gescom
# Dereference: never, searching, finding, always
#deref = never
# Search scope: base, onelevel, subtree
#scope = subtree
# User attributes are given in LDAP-name=dovecot-internal-name list. The
# internal names are:
#   uid - System UID
#   gid - System GID
#   home - Home directory
#   mail - Mail location
# There are also other special fields which can be returned, see
# wiki.dovecot.org/UserDatabase/ExtraFields
user_attrs = mailbox=home
# Filter for user lookup. Some variables can be used (see
# wiki.dovecot.org/Variables for full list):
#   %u - username
#   %n - user part in user@domain, same as %u if there's no domain
#   %d - domain part in user@domain, empty if user there's no domain
user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)))
# Password checking attributes:
#   user: Virtual user name (user@domain), if you wish to change the
#         user-given username to something else
#   password: Password, may optionally start with {type}, eg. {crypt}
# There are also other special fields which can be returned, see
# wiki.dovecot.org/PasswordDatabase/ExtraFields
pass_attrs = mail=user,userPassword=password
# If you wish to avoid two LDAP lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
# also have to include user_attrs in pass_attrs field prefixed with "userdb_"
# string. For example:
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
# Filter for password lookups
pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
# Default password scheme. "{scheme}" before password overrides this.
# List of supported schemes is in: wiki.dovecot.org/Authentication
#default_pass_scheme = CRYPT
# You can use same UID and GID for all user accounts if you really want to.
# If the UID/GID is still found from LDAP reply, it overrides these values.
user_global_uid = vmail
user_global_gid = mail
I am on Debian Lenny.
The user test has been added.
How can I get authentication against LDAP to work?
Thanks for your help.
Xillion
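
An added example, not part of the original post: it rebuilds the search shown in the log line as an ldapsearch command that can be run by hand against the same base DN, and checks each filter for unbalanced parentheses. SAMPLE_CONF is constructed from the active settings in the post; the host, the default subtree scope and the helper names are assumptions.

```python
import re
import shlex

# Constructed sample: the active settings from the dovecot-ldap file in the post.
SAMPLE_CONF = """\
base = dc=flo-debian, dc=gescom
#scope = subtree
user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK)))
pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
"""

def parse_conf(text):
    """Return active 'key = value' settings, skipping comments and blanks."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def ldap_escape(value):
    """Escape RFC 4515 special characters before a value enters a filter."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def expand(template, login):
    """Expand the %u, %n and %d variables for one login name."""
    user, _, domain = login.partition("@")
    values = {"u": ldap_escape(login), "n": ldap_escape(user), "d": ldap_escape(domain)}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], template)

def paren_balance(ldap_filter):
    """0 if balanced; positive = unclosed '(', negative = stray ')'."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return depth
    return depth

def ldapsearch_command(settings, login, host="localhost"):
    """Build an ldapsearch call for the passdb lookup (host is an assumption)."""
    scope = {"subtree": "sub", "onelevel": "one", "base": "base"}[settings.get("scope", "subtree")]
    return ["ldapsearch", "-x", "-H", "ldap://" + host, "-b", settings["base"],
            "-s", scope, expand(settings["pass_filter"], login)]

if __name__ == "__main__":
    conf = parse_conf(SAMPLE_CONF)
    print({n: paren_balance(conf[n]) for n in ("user_filter", "pass_filter")})
    print(shlex.join(ldapsearch_command(conf, "test@flo-debian.gescom")))
```

"No such object" is the LDAP result returned when the search base itself is not found in the directory, so the `-b` value in the printed command is the first thing to compare with the suffix the server actually holds.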