[tpop3d-discuss] tpop3d + LDAP

Krivosheev Pavel pasha at mts.by
Mon, 09 Jun 2003 17:17:41 +0300


I have: Solaris 9 with tpop3d v.1.4.2 + OpenLdap v.2.1.12 (already working)

I do the following:
1)
# ./configure --prefix=/usr/local \
--sysconfdir=/usr/local/etc \
--localstatedir=/usr/local/var \
--mandir=/usr/local/man \
--enable-mbox-bsd \
--enable-auth-ldap \
--enable-dotfile-locking \
--enable-cclient-fcntl \
--with-openldap-root=/var/tmp/openldap-2.1.12/  - here is my dir from which I previously installed OpenLdap.

# make

# make install

2) in tpop3d.conf:

listen-address: 10.128.10.3
# mailbox: bsd:/var/mail/$(user)
max-children: 1024
log-facility: mail
timeout-seconds: 300
auth-ldap-enable: yes
auth-ldap-url: ldap://backup:389/dc=mts,dc=by??base?(objectClass=*)
auth-ldap-searchdn: cn=Manager,dc=mts,dc=by
auth-ldap-password: blablabla
auth-ldap-filter: (&(objectclass=MTSperson)(userPassword=*))
auth-ldap-scope: subtree
auth-ldap-mailbox: bsd:/var/mail/$(user)    - my mailboxes in /var/mail/ directory
# auth-ldap-mailbox-attr: mail
# auth-ldap-mboxtype-attr: bsd
auth-ldap-mail-user-attr: muser            - in LDAP directory I have
auth-ldap-mail-group-attr: mgroup
#auth-ldap-mail-user: mail
#auth-ldap-mail-group: mail

3) # /usr/local/sbin/tpop3d -f /usr/local/etc/tpop3d.conf -v

4) Example of user from my LDAP

version: 1
dn: cn=spam,dc=mts,dc=by
objectClass: MTSperson
o:: MTS
l:: Minsk
sn:: IA==
telephoneNumber: 7776020, 7576020, 2379820
title:: sysadm
ou:: IT department
muser: spam
mgroup: mail
cn: spam
userPassword: hello                             -  User Password in Unencrypted form (I didn't use crypted PASSWD)
mail: spam@backup.inside.mts.by

!!! Question !!!

When I connect from Netscape as user spam@mts.by to server "backup", in /var/log/mail I see:

Jun  9 16:15:50 backup tpop3d[15164]: [ID 702911 mail.info] net_loop: restarting on signal 1
Jun  9 16:15:50 backup tpop3d[15222]: [ID 702911 mail.info] listening on address 10.128.10.3, port 110, domain inside.mts.by
Jun  9 16:15:50 backup tpop3d[15222]: [ID 702911 mail.debug] auth_ldap_init: using DN dc=mts,dc=by on backup:389
Jun  9 16:15:50 backup tpop3d[15222]: [ID 702911 mail.info] 1 authentication drivers successfully loaded
Jun  9 16:15:50 backup tpop3d[15222]: [ID 702911 mail.info] net_loop: tpop3d version 1.4.2 successfully started
Jun  9 16:16:11 backup tpop3d[15222]: [ID 702911 mail.debug] connection_sendresponse: client [5]10.128.10.113/inside.mts.by: sent `+OK <a23394b91acbed832515be78e9f73029@inside.mts.by>'
Jun  9 16:16:11 backup tpop3d[15222]: [ID 702911 mail.info] listeners_post_select: client [5]10.128.10.113/inside.mts.by: connected
Jun  9 16:16:11 backup tpop3d[15222]: [ID 702911 mail.debug] connection_parsecommand: client [5]10.128.10.113/inside.mts.by: received `USER spam'
Jun  9 16:16:11 backup tpop3d[15222]: [ID 702911 mail.debug] connection_sendresponse: client [5]10.128.10.113/inside.mts.by: sent `+OK Tell me your password.'
Jun  9 16:16:16 backup tpop3d[15222]: [ID 702911 mail.debug] connection_parsecommand: client [5]10.128.10.113/inside.mts.by: received `PASS [...]'
Jun  9 16:16:16 backup tpop3d[15222]: [ID 702911 mail.debug] auth_ldap_new_user_pass: LDAP search filter: (&(objectclass=MTSperson)(userPassword=*))
Jun  9 16:16:16 backup tpop3d[15222]: [ID 702911 mail.error] auth_ldap_new_user_pass: search returned 8 entries
Jun  9 16:16:16 backup tpop3d[15222]: [ID 702911 mail.debug] connection_sendresponse: client [5]10.128.10.113/inside.mts.by: sent `-ERR Lies! Try again!'
Jun  9 16:16:16 backup tpop3d[15222]: [ID 702911 mail.error] connection_do: client `[5]10.128.10.113/inside.mts.by': username `spam': 1 authentication failures

!!! Why "authentication failures" IF I enter the RIGHT passwd "hello"?
I have user spam with mailbox /var/mail/spam with OWN - spam:mail and MOD - 660 and passwd = hello
When I connect to my LDAP as user "spam" with passwd = hello from other applications everything is fine !!!
!!! Please help !!!
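
Added example, not part of the original post and not tpop3d code: a small evaluator for the filter subset used above, run against constructed entries. It shows that the posted filter, which has no term tied to the login name, matches the same set of entries for every user (the log above reports "search returned 8 entries"), while a filter scoped by `muser` with an escaped login name matches one. Expanding `$(user)` inside the filter and scoping on `muser` are assumptions.

```python
import re

# Constructed sample directory; attribute names follow the entry shown in the post.
ENTRIES = [
    {"cn": "spam", "objectClass": "MTSperson", "muser": "spam", "userPassword": "x"},
    {"cn": "alice", "objectClass": "MTSperson", "muser": "alice", "userPassword": "y"},
    {"cn": "printer", "objectClass": "device"},
]
POSTED = "(&(objectclass=MTSperson)(userPassword=*))"   # filter from the post
SCOPED = "(&(objectclass=MTSperson)(muser=$(user)))"    # hypothetical per-user filter

def escape_value(value):
    """Escape RFC 4515 special characters so a login name cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def expand(template, user):
    """Substitute $(user) (assumed placeholder syntax) with the escaped login name."""
    return template.replace("$(user)", escape_value(user))

def parse(f, i=0):
    """Parse the filter subset used here: &, |, !, equality and presence."""
    i += 1                                   # skip "("
    if f[i] in "&|!":
        op, i, kids = f[i], i + 1, []
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1             # skip ")"
    end = f.index(")", i)
    attr, value = f[i:end].split("=", 1)
    return ("=", attr, value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against one entry (case-insensitive, simplified)."""
    if node[0] in "&|!":
        hits = [matches(k, entry) for k in node[1]]
        return {"&": all(hits), "|": any(hits), "!": not hits[0]}[node[0]]
    have = {k.lower(): v for k, v in entry.items()}.get(node[1].lower())
    if have is None:
        return False
    wanted = re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), node[2])
    return node[2] == "*" or have.lower() == wanted.lower()

def search(template, user, entries=ENTRIES):
    """Return the cn of every entry the expanded filter matches."""
    tree, _ = parse(expand(template, user))
    return [e["cn"] for e in entries if matches(tree, e)]

if __name__ == "__main__":
    for name in ("spam", "alice", "*"):
        print(name, search(POSTED, name), search(SCOPED, name))
```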