IMAP/POP works fine with webclient (Horde/Roundcube) and other clients (Thunderbird, mobile phones) but when new user tries to log on to Moodle, he/she get access denied.
IMAP logs shows authentication was successfull but Moodle won't let user to log in.
User can read email with other clients fine so IMAP/POP isn't the problem I think.
Moodle version? Server operating system?
Is the moodle server on the very same machine as the imap server?
nmap -P0 -p 143 localhost
or
nmap -P0 -p 993 localhost
There are 4 options to the type of IMAP in a 2.3 version of Moodle:
imap, imapssl, imapcert, imaptls.
Which will your server 'talk'?
Do the imap accounts already exist?
In IMAP config in Moodle:
You can lock user data fields. This is useful for sites where the user data is maintained by the administrators manually by editing user records or uploading using the 'Upload users' facility. If you are locking fields that are required by Moodle, make sure that you provide that data when creating user accounts or the accounts will be unusable.
Consider setting the lock mode to 'Unlocked if empty' to avoid this problem.
'spirit of sharing', Ken
Moodle is 2.4.1. Server is Ubuntu 10.04.4 LTS with Dovecot 1.2.9. I'm trying to use plain IMAP on localhost because I know it to work (with other software even with telnet).
Imap accounts exists. /var/log says
Feb 10 20:30:11 eduwww2 dovecot-auth: pam_winbind(dovecot:auth): getting password (0x00000000)
Feb 10 20:30:11 eduwww2 dovecot-auth: pam_winbind(dovecot:auth): user 'username' granted access
Feb 10 20:30:11 eduwww2 dovecot-auth: pam_winbind(dovecot:account): user 'username' granted access
But Moodle won't let user in. All user filds are unlocked.
Thanks for information. Helps clarify the problem.
To be honest, have never attempted IMAP authentication for Moodle so most of my questions are more 'food for thought' than anything else.
However, that being said, have you turned on debugging in Moodle to see if it says anything?
Think the issue is related to pam_winbind ... ie, PAM. IMAP uses PAM but might not be able to communicate with the Moodle server. Maybe the authentication method should be PAM.
http://docs.moodle.org/22/en/PAM_%28Pluggable_Authentication_Modules%29
'spirit of sharing', Ken
pam-auth is not the answer. I tried to get it working, but I can't find php4-pam which it needs because I use php5. Link in Moodle configuration leads to 404 error page on server which hosted php4-pam.
And Moodle's pam-auth doesn't have any configuration...
In that log file pam-winbind is a module which dovecot uses for authentication.
What does php -m show on your system?
Does php5-auth-pam show in the list?
http://packages.ubuntu.com/search?keywords=php5-auth-pam
'spirit of sharing', Ken
Both command line's and apache2's php has loaded imap- and pam-auth -modules.
I finally turned Debugging on and it says that
Notice: Unknown: Certificate failure for localhost: certificate has expired: /C=XX/ST=There is no such thing outside US/L=Everywhere/O=OCOSA/OU=Office for Complication of Otherwise Simple Affairs/CN=eduwww.edu.local/emailAddress=root@eduwww.edu.local (errflg=2) in Unknown on line 0
Even with plain IMAP with no ssl nor tls! Which sertificate is expired?
And when I renewed self-signed certificates Moodle complains: "Notice: Unknown: Certificate failure for localhost: self signed certificate: /..." EVEN when not using sll nor tls connection.
I think this is a bug.
Now I succeed to make auth to work. Setting IMAP type "imapcert" uses "novalidate-cert" option in imap-authentication.
Confusing. Annoying.
Now I should try to get pam authentication to work.