1

Topic: Invalid credentials

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
====

Dovecot config:
hosts           = 10.1.22.2:389
ldap_version    = 3
auth_bind       = yes
dn              = vmail
dnpass          = Pantufa1
base            = cn=users,dc=almoinha,dc=es
scope           = subtree
deref           = never

# Below two are required by command 'doveadm mailbox ...'
iterate_attrs   = mail=user
iterate_filter  = (&(objectClass=mailUser)(accountStatus=active)(enabledService=m$

user_filter     = (&(objectClass=mailUser)(accountStatus=active)(enabledService=m$
user_attrs      = mail=master_user,mail=user,homeDirectory=home,=mail=maildir:~/M$

# Used for dn lookup
pass_filter     = (&(objectClass=mailUser)(accountStatus=active)(enabledService=m$
pass_attrs      = mail=user,userPassword=password,allowNets=allow_nets
default_pass_scheme = CRYPT

Can some1 explain me what do i put in the dn and dnpassword?
Is the account from my AD or an account on the mail server?
I dont get it...

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Invalid credentials

If you're trying to integrate Active Directory with iRedMail, please follow our tutorial here:
http://www.iredmail.org/docs/active.directory.html

3

Re: Invalid credentials

Hello again, so i decided to recreate the server and I got it to query through ldap but its not giving me results?
What do i need to do? I want to login with any user account that i've created on my AD on the roundcube site
http://prntscr.com/9j3buf

4

Re: Invalid credentials

Aparently i have encountered erros with dovecot
Dec 27 19:50:12 auth: Debug: auth client connected (pid=2720)
Dec 27 19:50:12 auth: Debug: client in: AUTH    1       PLAIN   service=imap    secured   session=ymYof+YnTgB/AAAB        lip=127.0.0.1   rip=127.0.0.1   lport=143rport=52814      resp=AHZtYWlsQGFsbW9pbmhhLmVzAFBhbnR1ZmEx (previous base64 data may contain sensitive data)
Dec 27 19:50:12 auth: Debug: ldap(vmail@almoinha.es,127.0.0.1,<ymYof+YnTgB/AAAB>): bind search: base=cn=Users,dc=almoinha,dc=es filter=(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=vmail@almoinha.es)(&(enabledService=shadowaddress)(shadowAddress=vmail@almoinha.es))))
Dec 27 19:50:12 auth: Debug: ldap(vmail@almoinha.es,127.0.0.1,<ymYof+YnTgB/AAAB>): no fields returned by the server
Dec 27 19:50:12 auth: Info: ldap(vmail@almoinha.es,127.0.0.1,<ymYof+YnTgB/AAAB>): unknown user
Dec 27 19:50:14 imap-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<vmail@almoinha.es>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<ymYof+YnTgB/AAAB>
Dec 27 19:50:14 auth: Debug: client passdb out: FAIL    1       user=vmail@almoinha.es

5

Re: Invalid credentials

mecca995 wrote:

Dec 27 19:50:12 auth: Debug: ldap(vmail@almoinha.es,127.0.0.1,<ymYof+YnTgB/AAAB>): bind search: base=cn=Users,dc=almoinha,dc=es filter=(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=vmail@almoinha.es)(&(enabledService=shadowaddress)(shadowAddress=vmail@almoinha.es))))

Obviously, AD doesn't have objectClass=mailUser and enabledService attribute name.
Please follow our tutorial strictly:
http://www.iredmail.org/docs/active.directory.html

6

Re: Invalid credentials

Hello again,
thank you for replying.
I got it to work, I can auth using my AD's accounts
but Im getting this error:
Dec 28 14:25:34 imap: Debug: Loading modules from directory: /usr/lib/dovecot/modules
Dec 28 14:25:34 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so
Dec 28 14:25:34 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib02_imap_acl_plugin.so
Dec 28 14:25:34 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so
Dec 28 14:25:34 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so
Dec 28 14:25:34 imap: Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mailbox_alias_plugin.so
Dec 28 14:25:34 imap: Debug: Added userdb setting: mail=maildir:~/Maildir/
Dec 28 14:25:34 imap(vmail@almoinha.es): Debug: Effective uid=2000, gid=2000, home=
Dec 28 14:25:34 imap(vmail@almoinha.es): Error: user vmail@almoinha.es: Initialization failed: userdb didn't return a home directory, but plugin setting sieve_dir used it (%h): %Lh/sieve
Dec 28 14:25:34 imap(vmail@almoinha.es): Error: Invalid user settings. Refer to server log for more information

7

Re: Invalid credentials

Looks like you didn't follow our tutorial strictly. In our tutorial, /etc/dovecot/dovecot-ldap.conf has setting like below:

user_attrs      = =home=/var/vmail/vmail1/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/vmail1/%Ld/%Ln/Maildir/

Here, we have a "home" variable.

8

Re: Invalid credentials

Woops i had nothing infront of it
thank you, it now works smile