Re: [SOGo] Bind LDAP
Le 30/10/2010 à 11:27:36+0200, Bastian Kirchner a écrit Hi. > > the bindPassword is the password of the LDAP account defined in bindDN. The > bindDN is the ldap account SOGo uses for LDAP queries. > Try the following: > - create an LDAP account for sogo (for example > "uid=sogo,ou=People,dc=example,dc=com") > - assign a password to this LDAP account > - use the LDAP account mentioned above as bindDN and the assigned password > as bindPassword > I think, the bindPassword argument is mandatory, but i'm not sure. > Lots of thanks. Butit's not workin. I'm using my own account in the LDAP. And I watch a tcpdump host my_ldap_server I don't see anything packet output (or input). The se-linux is disable and iptables too. Any idea ? Thanks for answering me. Regards. -- Albert SHIH DIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Téléphone : 01 45 07 76 26/06 86 69 95 71 Heure local/Local time: mar 2 nov 2010 18:05:09 CET -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Bind LDAP
That's exactly what I wanted to explain, but I did not find the right words. Thanks :-) Bastian Kirchner sent from my iPhone Am 30.10.2010 um 11:58 schrieb Martin Rabl : > Hi, > > Am 30.10.2010 um 11:27 schrieb Bastian Kirchner: >> the bindPassword is the password of the LDAP account defined in bindDN. The >> bindDN is the ldap account SOGo uses for LDAP queries. > I'm not so firm with LDAP, but got it run with SOGo ... but I will give it a > try to explain in my words: > > This account (bindUser/bindPassword) is a technical user for connecting to > LDAP. The user authentication will be managed by the technical user after > login with it; it will send the user credentials to the ldap server as a LDAP > query. > > Albert says, they use LDAP for authentication users, I think they use it > directly with bind - when a server accept the given user credentials, the > user is authenticated (a cheap ;-) way for authentication). > > SOGo prefers IMHO the "good" way by let the technical user make a LDAP query > for Auth. > > Hope, what I wrote, is not totally wrong ... ;-)) > > Greetings, > Martin-- > users@sogo.nu > https://inverse.ca/sogo/lists -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Bind LDAP
Hi, Am 30.10.2010 um 11:27 schrieb Bastian Kirchner: > the bindPassword is the password of the LDAP account defined in bindDN. The > bindDN is the ldap account SOGo uses for LDAP queries. I'm not so firm with LDAP, but got it run with SOGo ... but I will give it a try to explain in my words: This account (bindUser/bindPassword) is a technical user for connecting to LDAP. The user authentication will be managed by the technical user after login with it; it will send the user credentials to the ldap server as a LDAP query. Albert says, they use LDAP for authentication users, I think they use it directly with bind - when a server accept the given user credentials, the user is authenticated (a cheap ;-) way for authentication). SOGo prefers IMHO the "good" way by let the technical user make a LDAP query for Auth. Hope, what I wrote, is not totally wrong ... ;-)) Greetings, Martin-- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Bind LDAP
Hi Albert, the bindPassword is the password of the LDAP account defined in bindDN. The bindDN is the ldap account SOGo uses for LDAP queries. Try the following: - create an LDAP account for sogo (for example "uid=sogo,ou=People,dc=example,dc=com") - assign a password to this LDAP account - use the LDAP account mentioned above as bindDN and the assigned password as bindPassword I think, the bindPassword argument is mandatory, but i'm not sure. Regards, Bastian Kirchner Am 30.10.2010 um 11:16 schrieb Albert Shih: > Le 30/10/2010 à 01:04:51+0200, Bastian Kirchner a écrit > Hi. > >> >> I think you should set the following in your SOGoUserSources section: >> >> ... >> bindDN = "cn=,dc=,dc=fr"; >> bindPassword = >> >> >> Replace the values with the right ones depending on your ldap configuration. > > But I don't understand what's bindPassword. Our LDAP is used for > authentication (only) for all server, and the authentication don't need a > password. > > Thanks for you ansers. > > Regards. > > JAS > -- > Albert SHIH > DIO batiment 15 > Observatoire de Paris Meudon > 5 Place Jules Janssen > 92195 Meudon Cedex > Téléphone : 01 45 07 76 26/06 86 69 95 71 > Heure local/Local time: > sam 30 oct 2010 11:14:32 CEST > -- > users@sogo.nu > https://inverse.ca/sogo/lists -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Bind LDAP
Le 30/10/2010 à 01:04:51+0200, Bastian Kirchner a écrit Hi. > > I think you should set the following in your SOGoUserSources section: > > ... > bindDN = "cn=,dc=,dc=fr"; > bindPassword = > > > Replace the values with the right ones depending on your ldap configuration. But I don't understand what's bindPassword. Our LDAP is used for authentication (only) for all server, and the authentication don't need a password. Thanks for you ansers. Regards. JAS -- Albert SHIH DIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Téléphone : 01 45 07 76 26/06 86 69 95 71 Heure local/Local time: sam 30 oct 2010 11:14:32 CEST -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Bind LDAP
Hi Albert, I think you should set the following in your SOGoUserSources section: ... bindDN = "cn=,dc=,dc=fr"; bindPassword = Replace the values with the right ones depending on your ldap configuration. Regards, Bastian Kirchner sent from my iPhone Am 29.10.2010 um 23:48 schrieb Albert Shih : > bindDN = "dc=,dc=fr"; -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Bind LDAP
Hi all, I've problem with my configuration of sogo : OS : CentOS 5.5 Install method : yum Configuration file : { NSGlobalDomain = { }; sogod = { SOGoACLsSendEMailNotifications = YES; SOGoAppointmentSendEMailNotifications = YES; SOGoFoldersSendEMailNotifications = YES; OCSEMailAlarmsFolderURL = "postgresql://sogo:x...@database_server:5432/sogo/sogo_alarms_folder"; OCSFolderInfoURL = "postgresql://sogo:xx...@database_server:5432/sogo/sogo_folder_info"; SOGoProfileURL = "postgresql://sogo:xx...@database_server:5432/sogo/sogo_user_profile"; SOGoDraftsFolderName = Drafts; SOGoSentFolderName = Sent; SOGoTrashFolderName = Trash; SOGoImapServer = imap.obspm.fr; SOGoLanguage = French; SOGoMailDomain = obspm.fr; SOGoMailingMechanism = smtp; SOGoSMTPServer = "our_smtp_server"; SOGoTimeZone = Europe/Paris; GCSFolderDebugEnabled = YES; GCSFolderStoreDebugEnabled = YES; LDAPDebugEnabled = YES; OCSFolderManagerSQLDebugEnabled = YES; PGDebugEnabled = YES; SOGoDebugRequests = YES; SOGoDebuggingEnabled = YES; SOGoUIxDebugEnabled = YES; SoDebugObjectTraversal = YES; SoSecurityManagerDebugEnabled = YES; WODontZipResponse = YES; WODebugZipResponse = YES; SOGoUserSources = ( { type = ldap; CNFieldName = displayName; MailFieldName = mail; UIDFieldName = uid; baseDN = "dc=,dc=fr"; bindDN = "dc=,dc=fr"; canAuthenticate = YES; hostname = our_ldap_server_in_FQDN; port = 389; scope = sub; } ); }; } When I restart sogo everything is fine (no complain). But when I try to authenticate through the web server it's not working. I've launch a tcpdump on the sogo server, he event don't initiate a connection to our «our_ldap_server_in_FQDN». What's wrong with my configuration ? Lots of thanks. Regards. JAS NB: First time I come here, but if they are some developer of sogo here, I would like to thanks to him for there work. -- Albert SHIH DIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Téléphone : 01 45 07 76 26/06 86 69 95 71 Heure local/Local time: ven 29 oct 2010 23:43:39 CEST -- users@sogo.nu https://inverse.ca/sogo/lists