Server :: Dovecot Authentication Over TLS To LDAP Directory
Nov 12, 2010
I have Centos ( and Postfix+ldap+dovecot ) TLS works with Postfix and LDAP. When I open evolution mail client I can browse ldap tree and search for users, send-receive mails ...all fine
View 3 Replies
ADVERTISEMENT
Apr 5, 2010
i have successful secure ldap replication but i could not make ldap client to direct its authentication to slave ldap
here is my config file on ldap client (i am not sure if it is the right place though)
ip : 192.168.1.183 is master ldap
ip : 192.168.1.185 is slave ldap
pico /etc/ldap/ldap.conf
#
# LDAP Defaults
code....
View 11 Replies
View Related
May 25, 2011
I am using RackMonkey to map out my lab. Unfortunately, due to RM limitations, every user who accesses the site has write access UNLESS they are logged in as a user named "guest". I currently have Apache allowing only the users (sysadmins) in an LDAP group access to RM, but I would like to allow read-only access for other users as well.I found mod_authn_anon, but I am having trouble combining the two authentication methods. I am using Apache 2.2.18 (compiled myself) on SLES 11.1.
This is the common part:
Code:
AuthType Basic
AuthBasicProvider ldap anon
Order allow,deny
Allow from all
This part by itself works for the LDAP authentication:
Code:
AuthName "System Admins"
AuthLDAPURL "ldaps://example.com/ou=ldap,o=example.com?mail" SSL
Require ldap-group cn=SysAdmins,ou=memberlist,ou=groups,o=example.com
This part works by itself for guest access:
Code:
Anonymous guest
Anonymous_VerifyEmail Off
Anonymous_MustGiveEmail Off
Anonymous_LogEmail on
Require valid-user
But if I have both of the previous blocks enabled at once, then guest access does not work. If I throw in a "Satisfy any", then I am not prompted for a username at all. How can I allow access to this LDAP group and to a user named "guest", but not allow all valid LDAP users to log in?
View 1 Replies
View Related
Mar 4, 2010
I have installed openldap version 2.4.21 and configured with the help of the site [URL] and the LDAP address book is working fine. But I need to create an LDAP directory such that it will contain the user name and passwords for the users and when user is logging to any application he is authenticated from LDAP directory
e.g Users who need to browse the internet need to authenticate with username and password for access from the firewall (Juniper Netscreen) and similarly other applications like oracle ERP such that they will have only 1 username and password stored in LDAP directory and all other applications will search for the user name and password for authentication.
View 5 Replies
View Related
Nov 9, 2010
I'm having a problem with squidguard filter with AD authentication. I have downloaded the latest stable source package from squidguard site and I followed the instructions for the ldap(AD) authentication but it does not work at all.I have googled and tried everything but no luck. (first 30 hits on google) Anyway this is the LDAP auth part: http://www.squidguard.org/Doc/authentication.html at squidguard and this is how to build the package.
View 2 Replies
View Related
Oct 14, 2010
I am running the following on CentOS 5.5 (Final)
dovecot 1.0.7
saslauthd 2.1.22
When I send an email via TLS I see the following log entries.
Code:
Oct 14 11:53:06 ns2 postfix/smtpd[11372]: connect from unknown[172.16.1.159]
Oct 14 11:53:06 ns2 postfix/smtpd[11372]: setting up TLS connection from unknown[172.16.1.159]
[Code]....
What I'm really curious about is there is an intial TLS connection with a 256 bit cipher, but then.. The last entry states "sasl_method=PLAIN" - so surely this is not encrypted? Or am I misunderstanding how it works?
View 2 Replies
View Related
Nov 4, 2010
Situation: fresh dovecot install. I have postfix successfully accepting and delivering mail to a virtual mailbox. I'm trying to pop that mailbox, but it can't see it. I hope someone can point out where my config is wrong.
View 2 Replies
View Related
Dec 9, 2010
I installed Nconf software on a Debian server.I am trying to configure Nconf Authentication with LDAP.I edited nconf's authentication.php file accordingly and I installed php5-ldap package.When i enter user-name and password in Nconf's login screen.
View 1 Replies
View Related
Feb 9, 2011
I want to ask how many applications can we use with LDAP authentication
View 1 Replies
View Related
Jul 25, 2010
Install and configure Samba as a primary domain controller with LDAP on Linux.i setup it step by step following article without error until step 10.i want to join windows client when press user name and password for domain then display message:The following error occurred attempting to join the domain BIGTIME:
The network path was not found.
View 3 Replies
View Related
Feb 16, 2011
I'm having a pretty weird problem, and really have no idea where to begin in tracing and fixing it. But here goes.I'm running Ubuntu 10.10 on 2 machines, and have installed OpenLDAP as per the guide https://help.ubuntu.com/10.10/server...ap-server.html it all seemed to be going well having it installed and running on Server A, including authentication. So a few days later I decided to setup server B to be a slave replica. Which after a little bit of fiddling seems to working and keeping the records in sync.
Then I did an apt-get upgrade on server A. then my problem started.Basically getent passwd, only returns one entry from the LDAP and so does getent group.But a search of LDAP returns everything that's there.I've been comparing the config files between Server A and Server A for PAM etc, and everything is the same.but if I change ldap.conf on server A to point the uri ldap://server B/ and rerun getent passwd it returns all the users and getent group returns all the groups.I've compared the LDAP entries between Server A and Server B and they're staying in sync.It looks like it's more to do with ldap than the auth config if just changing the server fixes it, but as server A is the master LDAP server I'm really at a loss.
If getent was only returning local users it'd be something, but it's returning local + 1 LDAP user or 1 group. Which just seems weird.Any help would be greatly appreciated. I'm sure posting some logs would be helpful, but I have no idea which so if someone can let me know what extra info would be more helpful I'll post it back asap.
View 1 Replies
View Related
Sep 26, 2010
I want to Configure Linux LDAP Server for user authentication when my users want to connect to the internet.Also i don't want the user to get the home directory on server. i configured ldap server and ldap client without PAM & SASL.and now with perl i can search in ldap for my client's username & password in ldap.
View 1 Replies
View Related
Jan 10, 2011
I started a new job and they use LDAP here. I built a new RHEL 5.5 server and configured LDAP. Usernames are recognized but the password is not. I can chown a file to a user name but when I try to login as the user it won't accept the password.I know the password is correct because I can login to any of the old boxes and it accepts the password. I ran authconfig-tui to tell my RHEL box to authenticate to ldap.
View 1 Replies
View Related
Oct 24, 2010
Making a Samba Server with LDAP authentication. Will post as I go along. Found these sources, anything/hiccups I should know before jumping in? Figure would follow the official documentation then check the others for comparative errors.
https://help.ubuntu.com/10.04/server...ap-server.html
https://help.ubuntu.com/10.04/server...amba-ldap.html
http://tuxnetworks.blogspot.com/2010...cid-short.html
Also Do other computers that want access to server also need samba installed (or just client)?
The server is 10.04 and my proposed client is 10.10, does this create problems?
Do I need to use ACL? I see them only in certain places.
Using xfce after Ubuntu install, not sure if this matters.
View 9 Replies
View Related
Jan 18, 2010
how to make a new Ubuntu 9.10 box use our LDAP/Samba server for user authentication. Our Red Hat and Windows machines all use it just fine. I've been trying to use the auth-client-config and libnss-ldap packages for this purpose, but I must be missing something. I'm pretty green with LDAP, so this is my first time diving in... Is there a good How-To or step-by-step read on this? All of my searches lead me to setting up Ubuntu as the server, and that isn't what I want. I've also tried the steps listed in [URL] for the LDAP Authentication section.
View 1 Replies
View Related
Jun 9, 2011
Today I'm trying to configure Postfix+Dovecot to use Samba4's LDAP database for authorisation and mail delivery. As I can see from /var/log/mail.log, Dovecot tries to bind to LDAP right after reboot , but fails:
Code:
pdcadmin@PDC1:~$ cat /var/log/mail.log
Jun 9 13:06:46 PDC1 dovecot: auth(default): ldap_bind
Jun 9 13:06:46 PDC1 dovecot: auth(default): ldap_simple_bind
[code].....
Believing this to be a sign of succesfull bind, I couldn't understand the reason behind it. Why do I need to restart or reload dovecot service to make it work (though it fails on the next step with "dict_ldap_lookup: Search error 1: Operations error" and "451 4.3.0 ... Temporary lookup failure")?
View 2 Replies
View Related
Mar 16, 2009
I did useradd -g users ldaptest and tried logging in remotely but the client always says no such user. what do I have to do to update the users that LDAP sees?
View 2 Replies
View Related
Mar 24, 2010
I've installed Directory Server (LDAP). The setup has been done according to the tutorials online. Able to access the interface as well. So far so good. The issue I have is with permissions. I can assign file permissions to a user created in the Directory Server ( user not created on the local server). But the same can't be done for a group - alteast the way I currently see it. How could i assign file system rights to a group created in the directory server.
View 5 Replies
View Related
Jun 13, 2010
I've been having enormous problems with pam authentication. I use opensuse 11.1, postfix 2.5.5, dovecot 1.1.7. , ssl, dovecot-sasl. Everything works fine within local network, but I can't log in from outside (using outlook express 6). Output of dovecot -n:
protocols: imap imaps pop3 pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
[code].....
View 4 Replies
View Related
Aug 22, 2010
I am trying to setup Postfix along with dovecot on RHEL4. I have done the necessary settings in dovecot.conf, yet I am not able to log into the POP3 server. The error I can see through WireShark/Ethereal is "Err- Authentication failed" Some of the important settings in /etc/dovecot.conf are
disable_plaintext_auth = no
auth_mechanisms = plain
auth_userdb = passwd
auth_passdb = pam
auth_user = root
The users/passwords are setup on Linux file system without MQSql or any other database. SASL etc is not configured at all.
View 1 Replies
View Related
Jun 23, 2010
Im using CenOs 5 and have install a mail system(postfix+dovecot),when I trying to enable selinux for enforcing mode and i'm have some issue, the user authentication failed. How can i to fix this problem?
View 2 Replies
View Related
Feb 5, 2010
I've been busy with configuring Samba with the 389-Directory Server (former Fedora Directory Server) for the past weeks and I almost have everything working. The last thing (I hope) that I haven working are the smbldap-tools which I'd like to use for adding computers and users to the domain. The part where I'm stuck is with the security certificates. I don know how to get the client certificates out of my installation.
My smbldap.conf file contains this:
Code:
# $Source: $
# $Id: smbldap.conf,v 1.18 2005/05/27 14:28:47 jtournier Exp $
#
# smbldap-tools.conf : Q & D configuration file for smbldap-tools
# Purpose :
# . be the configuration file for all smbldap-tools scripts .....
I used the setupssl2.sh script to setup ssl for my 389-ds, which seemed to have worked fine. I however simply have no clou how to get client certificates out of this.
View 1 Replies
View Related
Nov 19, 2010
(This was posted at the end of another thread, where it probably didn't belong, so reposting here)I have Active Directory set up on one machine (and I can't really adjust the settings very much) and Ubuntu Server 10.04, which I would like to use as a client.I followed the directions at https://help.ubuntu.com/community/LD...Authentication, but when I get to
Code:
getent passwd
I don't see anything from the LDAP, and ssh'ing into the box from an LDAP/AD username certainly doesn't work.
In addition, I've attempted to use Webmin's LDAP Configuration module to configure it. I can connect to the server and can browse it with the LDAP browser with my settings, but the Webmin package doesn't recognize the users (which are organized in one of four Organizational Units (OUs) within the OU that I have as my Search Base) as users,
View 1 Replies
View Related
May 9, 2011
My slapd.conf file
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
# Allow LDAPv2 client connections. This is NOT the default.
allow bind_v2
# Do not enable referrals until AFTER you have a working directory
code....
View 19 Replies
View Related
Aug 23, 2010
I just went through a painful upgrade from 8.04 to 10 LTS. I've made a lot of progress but am still having email problems. Dovecot seems to not be able to run, the log is continually reporting:
Aug 22 23:47:34 amd64 postfix/smtpd[22298]: fatal: no SASL authentication mechanisms
Here's this section of dovecot.conf:
auth default {
mechanisms = plain login
passdb pam {
}
[Code]....
View 1 Replies
View Related
Jun 24, 2010
I'm using FC8 and have installed a mailserver(postfix+dovecot),when I trying to enable the selinux mode to enforcing and i'm have some issue, the user authentication failed.if turn the selinux mode to permissive, then it work right.How can i to fix this problem?
View 14 Replies
View Related
Apr 28, 2011
I am new to to dovecot and would like some help, so please be kind.I have one user that can send mail but not read it either by pop3 or imap.I am running Dovecot 2.0.11 on Fedora 14.
View 2 Replies
View Related
Jun 28, 2010
I am setting up Fedora-13 with "389 directory server" for authentication. I had performed the following steps.
1. Install FD-13.
2. Yum install 389-ds.
3. Run script to configure.
4. Start 389-condole and create few group and user for testing.
I can see these user with "ldapsearch" and with "phpldapadmin". It looks my server is responding. However, I am unable to see any user name with "getent passwd". also "ssh server_user@server" is not able to login. Whereas "getent passwd" shows local user and "ssh local_user@server" is able to login. Also note that I am not using ssl, so want to avoid ssl.
View 9 Replies
View Related
Sep 28, 2010
Just installed openldap server on a VM CentOS called 'ldapsrv', it works fine, ldapsearch returns all ldap information.
Installed openldap client on another VM CentOS called 'ldapclient1', configured it with most basic configuration, no ssl/tls etc. but ldapsearch returns error:
ldapsrv is pingable:
Some outputs:
PHP Code:
PHP Code:
View 20 Replies
View Related
Dec 30, 2010
I'm using squid 2.6, Win2008 AD server. Clients are using winxp, win7. how to config squid for the authentication with win2008 AD?
View 2 Replies
View Related