Hello Peter,
On Fri, 17 Sep 2010 23:16:05 +0200, pete <p...@teamlupus.hu> wrote: > Hello, > > i installed finally the webui, and tried to log in, but the login failed > with ad...@local / admin. A short investigation revealed that the webui > searches this user in the ldap directory. Try also with "clapfrocks" as the password (without the quotes). > I have a built-up directory with existing strucutre and already using the > qmail-ldap schema so i can't simply drop in the file shipped with clapf. > > Examining the supplied qmail.schema, it seems to me that it contains some > additional attributes to the original. I noticed oids starting with > 1.3.6.1.4.1.7914.1.2008 which are probably clapf-specific additions. correct > Probably a typo exists in the schema as oids 1.3.6.1.4.1.7914.1.2.1.17 > (mailsizemax) and 1.3.6.1.4.1.7914.1.2008.1.1 (policygroupid) has the same > description of 'The maximum size of a single messages the user accepts.' you are right, I corrected in my source tree > I patched my schema with the required attributes manually and now i > created > a clapfadmin user (object) in ldap. After fixing permissions, login is > still not > possible. I think it would be better to ship the original qmail.schema file, and create a clapf specific schema which adds like objectClass: clapfUser > There is a short notice on the webui conf page > > "Note 2: the password field is the crypt()'ed password of the given user. > The webui encrypts the plain text password, then stores it to the backend. > " > > As explicitly not said wether it is true for all backends but seems so, > because changing the pw in the directory for clapfadmin to a crypt-ed > hash, it worked. > > As the directory is built and functioning with a lot of services > integrated, all looking for md5 hashed pw-s, now i am in a big trouble.... > Is there a chance, that clapf will support md5, at least in the ldap > backend? Actually the webui uses MD5 for passwords. To verify it, I recommend you to change a password in the webui for user xy, then try to access his other services with the new password. It should work. Best regards, Janos
