Dovecot Active Directory Authentication
Assumes working AD server
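# Run as root. Writes the LDAP settings Dovecot uses to authenticate against Active Directory.
cd /etc/dovecot

# Create the file as 0600 root:root before filling it: it holds the bind password
# (dnpass), and a plain redirect would create it with the default umask, which is
# usually world-readable.
install -m 600 -o root -g root /dev/null dovecot-ldap.conf.ext

# The delimiter is quoted so the shell copies the body literally; a password
# containing $, a backtick or a backslash reaches the file unchanged.
cat > dovecot-ldap.conf.ext << '__EOF__'
hosts = mail.domain.tld

# Lookup account used for searches. A dedicated account with read-only access to
# the user objects is enough here; a domain administrator's password stored in a
# mail server config file is far more exposure than the lookups need.
dn = administrator@domain.tld
dnpass = "adminpass"

base = cn=users,dc=domain,dc=tld
ldap_version = 3

# auth_bind = yes verifies a login by binding to the directory as that user, so
# every user's password crosses this connection. Without TLS it travels in
# cleartext. Enable the lines below once the directory server's CA is trusted
# (the CA path is a placeholder):
#tls = yes
#tls_require_cert = hard
#tls_ca_cert_file = /path/to/ad-ca.pem
auth_bind = yes

# userAccountControl:1.2.840.113556.1.4.803:=2 is a bitwise-AND match on the
# "account disabled" flag; the leading ! excludes disabled accounts.
iterate_attrs = userPrincipalName=user
iterate_filter = (&(userPrincipalName=*)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
user_filter = (&(userPrincipalName=%u)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter = (&(userPrincipalName=%u)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

# Kept from the original. With auth_bind = yes the bind itself checks the
# password, so these two settings should not be what decides a login.
pass_attrs = userPassword=password
default_pass_scheme = CRYPT
__EOF__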
Add the following to /etc/dovecot.conf, commenting out any other passdb and userdb settings:

mail_location = maildir:~/Maildir/

passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

userdb {
  driver = static
  args = uid=89 gid=89 home=/home/vpopmail/domains/%d/%n
}
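# Run as root. doveconf -n parses the main configuration first, so a syntax error
# in the edited passdb/userdb sections stops here instead of taking mail logins
# down on restart. It does not validate the contents of dovecot-ldap.conf.ext.
doveconf -n > /dev/null && systemctl restart dovecot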