Topic: AD + Dovecot + Postfix + RoundCube Temporary authentication fail
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hello,
I've install mail server with AD authentification:
I've this ERROR when test whith TELNET :
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot (Ubuntu) ready.
. login user@domaine.com <userpwd>
* OK Waiting for authentication process to respond..
. NO [UNAVAILABLE] Temporary authentication failure.
But POSTMAP TEST is OK
#postmap -q user@domaine.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
domaine.com/user/Maildir/
#dovecot -n
auth_debug = yes
auth_debug_passwords = yes
auth_master_user_separator = +
auth_mechanisms = plain login
auth_verbose = yes
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
lda_mailbox_autocreate = yes
log_path = /var/log/dovecot.log
log_timestamp = %Y-%m-%d %H:%M:%S
mail_debug = yes
mail_gid = 5000
mail_location = mbox:/var/mail/vhosts/%n/
mail_privileged_group = mail
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify enviro
nment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
}
postmaster_address = postmaster@example.com
protocols = imap pop3
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
unix_listener auth-userdb {
group = vmail
mode = 0666
user = vmail
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service stats {
unix_listener stats-reader {
group = vmail
mode = 0660
user = vmail
}
unix_listener stats-writer {
group = vmail
mode = 0660
user = vmail
}
}
ssl = required
ssl_cert = </etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
userdb {
args = uid=vmail gid=vmail home=/var/mail/vhosts/%u
driver = static
}
userdb {
args = uid=5000 gid=5000 home=/var/mail/vhosts/%Ld/%Lu
driver = static
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
compatibility_level = 2
default_transport = smtp
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = localhost.$mydomain, localhost
myhostname = icrd-mail
myorigin = /etc/mailname
queue_directory = /var/spool/postfix
readme_directory = no
recipient_bcc_maps =
recipient_delimiter = +
relay_domains =
relay_recipient_maps =
relayhost =
sender_bcc_maps =
sender_dependent_relayhost_maps =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = example.domaine.com
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ad_sender_login_maps.cf
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = proxy:ldap:/etc/postfix/ad_virtual_group_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_domains = example.domaine.com
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = dovecot
virtual_uid_maps = static:5000
###
Please anyone help me, i've wast my time to found the solution.
Help please.
Thanks
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.