System administration

What is the password change error in roundcube?

Good afternoon! There is a bunch of Openldap + dovecot + postfix + roundcube on Centos7. I configured dovecot + postfix + roundcube authorization through Openldap. I log in without problems in roundcube, outlook, mail is sent and received. But now the task arose to make it so that the password was changed in roundcube. I tried to change the password in the current configuration, I got the error "I can not save the new password. Connection error."
And then began dancing with a tambourine.
The first thing that came to mind was the lack of write permissions for service accounts in openldap, added the ability to write and see passwords - the result is the same (I changed the
type of password encryption through "phpldapadmin",
changed the values ​​in the file (/usr/share/roundcubemail/plugins/password/config.inc.php ) "$config['password_ldap_encodage'] = 'ssha';" (there was both clear and md5 and crypt),
tried adding "default_pass_scheme = CRYPT" to the file "/etc/dovecot/dovecot-ldap.conf.ext"
tried adding "cram-md5" to the file "/etc/dovecot/conf. d/10-auth.conf" in the line "auth_mechanisms = plain login", but then the authorization breaks, maybe it tries to log in through cram-md5.
Nothing useful is written in the logs either (looked at /var/log/maillog)
Help me figure out what the problem is?!
some configs
connecting dovecot /etc/dovecot/dovecot-ldap.conf.ext

hosts = server.com:389
auth_bind = yes
dn = uid=dovecot,ou=services,dc=server,dc=com
dnpass = pass
ldap_version = 3
base = dc=server,dc=com
deref = never
scope = subtree
user_attrs = mailHomeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (&(objectClass=PostfixBookMailAccount)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=PostfixBookMailAccount)(mail=%u))

/usr/share/roundcubemail/plugins/password/config.inc.php

$config['password_driver'] = 'ldap';
$config['password_confirm_current'] = true;
$config['password_minimum_length'] = 6;
$config['password_require_nonalpha'] = false;
$config['password_log'] = false;
$config['password_login_exceptions'] = null;
$config['password_hosts'] = null;
$config['password_force_save'] = false;
$config['password_force_new_user'] = false;
$config['password_db_dsn'] = '';
$config['password_query'] = 'SELECT update_passwd(%c, %u)';
$config['password_crypt_hash'] = 'md5';
$config['password_idn_ascii'] = false;
$config['password_dovecotpw_method'] = '';
$config['password_dovecotpw_with_method'] = false;
$config['password_hash_algorithm'] = 'sha1';
$config['password_hash_base64'] = false;
$config['password_blowfish_cost'] = 12;
$config['password_pop_host'] = 'localhost';
$config['password_pop_port'] = 106;
$config['password_saslpasswd_args'] = '';
$config['password_ldap_host'] = 'server.com';
$config['password_ldap_port'] = '389';
$config['password_ldap_starttls'] = false;
$config['password_ldap_version'] = '3';
$config['password_ldap_basedn'] = 'dc=server,dc=com';
$config['password_ldap_method'] = 'user';
$config['password_ldap_adminDN'] = null;
$config['password_ldap_adminPW'] = null;
$config['password_ldap_userDN_mask'] = 'mail=%login';
$config['password_ldap_searchDN'] = 'uid=roundcube,ou=services,dc=server,dc=com';
$config['password_ldap_searchPW'] = 'pass';
$config['password_ldap_search_base'] = 'dc=server,dc=com';
$config['password_ldap_search_filter'] = '(mail=%login)';
$config['password_ldap_encodage'] = 'crypt';
$config['password_ldap_pwattr'] = 'userPassword';
$config['password_ldap_force_replace'] = true;
$config['password_ldap_lchattr'] = 'shadowLastChange';

write to ldap

Запись 1: cn=Олег Михайлов,ou=auto LLC,dc=server,dc=com
dn:: cn=Олег Михайлов,ou=auto LLC,dc=server,dc=com
cn:: Олег Михайлов
givenname:: Олег
mail: [email protected]
objectclass: inetOrgPerson
objectclass: top
objectclass: PostfixBookMailAccount
sn:: Михайлов
userpassword: {SSHA}iLzSGGk7PALysN+Ax+fAXxN6U2agQDje