[SOLVED] ldap authentication fails (added '@pmg' suffix)


Active Member
Sep 4, 2018
i have my quarantine authentication configured to use LDAP or Ticket, and setup an LDAP backend (without groups).
When I click on "Users of 'myldap'" in the Configuration/User Management, i can see all the users in a table
DNAccountPrimary Email

However, the users cannot login., and are simply given a popup that says
Login failed: Please try again

In the system logs I see:
Jun 29 09:12:54 pmgdaemon pmgdaemon[875868]: authentication failure; rhost=::ffff: user=foo@example.com@pmg msg=no such user ('foo@example.com@pmg')

Two observations:
  • why does it say 'foo@example.com@pmg'? aka: where does this '@pmg' suffix come from? if PMG is really trying to authenticate with this username, there's little wonder it doesn't work
  • is the IP address of my internal mailserver; not of the LDAP server i told it to use.

How can I allow my users to login via LDAP (e.g. because they've already deleted the ticket-email)
  • Like
Reactions: Stoiko Ivanov
yikes. indeed (and with /quarantine login also succeeds)

but... how should anybody notice the difference?
the two login-screens look identical.

iirc, a couple of years ago i have requested some possibility to adjust the login page (mostly to tell people that they have to use their email-address to login, rather than their username). This would also allow me to direct people (including myself) to the /quarantine login page from the / login page.


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!