Re: [SOGo] LDAP problems
nside the any of usersources array you can define the searchfileds. eg.: SearchFieldNames = ( sn, givenName, sAMAccountName, mail, displayName, title ); Thank you! I have added a modified version to my configuration and it works :) -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [SOGo] LDAP problems
What's the content of the ldaprc file? Do you have the same in /etc/ldap/ldap.conf? (wherever it is on your system) :) That solved the problem. I only had placed TLS_CACERT into /root/.ldaprc and not the system wide file. Thanks very much! -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein signature.asc Description: Message signed with OpenPGP using GPGMail
[SOGo] LDAP problems
Hi, I have a running SOGo installation under Ubuntu 12.04.3 LTS. Version 2.0.7-1 I have an external LDAP server, where we have hundreds of contacts stored and I wanted to integrate this into SOGo. Therefor I added a second LDAP instance to /etc/sogo/sogo.conf. The first block is from the main SOGo server and the second block is the external server: SOGoUserSources = ( { CNFieldName = cn; IDFieldName = uid; IMAPLoginFieldName = mail; KindFieldName = Kind; MailFieldNames = ( mail ); MultipleBookingsFieldName = Multiplebookings; UIDFieldName = mail; baseDN = ou=people,dc=deltaweb,dc=de; bindAsCurrentUser = NO; bindDN = cn=proxyuser,dc=deltaweb,dc=de; bindFields = ( mail ); bindPassword = ***; canAuthenticate = YES; displayName = Gemeinsame Adressen; hostname = localhost; id = LDAP; isAddressBook = YES; port = 389; scope = SUB; type = ldap; userPasswordAlgorithm = SSHA; }, { CNFieldName = cn; IDFieldName = uid; UIDFieldName = uid; baseDN = ou=wl,dc=deltaweb,dc=de; bindDN = cn=proxyuser,dc=deltaweb,dc=de; bindPassword = ***; canAuthenticate = NO; displayName = Privatkunden Adressen; hostname = bordergw.deltaweb.de; id = LDAP2; isAddressBook = YES; encryption = STARTTLS; port = 389; scope = SUB; type = ldap; } ); Users can login and they can see the global address book Privatkunden Adressen. But searching does not succeed. Aug 27 18:50:07 sogod [19791]: [ERROR] 0x0x7f2526818480[LDAPSource] Could not bind to the LDAP server bordergw.deltaweb.de (389) using the bind DN: cn=proxyuser,dc=deltaweb,dc=de Aug 27 18:50:07 sogod [19791]: [ERROR] 0x0x7f2526818480[LDAPSource] NSException: 0x7f252697a1d0 NAME:LDAPException REASON:operation startTLS failed: Connect error (0xFFF5) INFO:(null) Trying to contact the LDAP server directly from the command line: ldapsearch -ZZ -h bordergw.deltaweb.de -xWD cn=proxyuser,dc=deltaweb,dc=de -b ou=wl,dc=deltaweb,dc=de Works perfectly. So at the moment I do not know where to look for the mistake I did. The LDAP server certificate is brand new (CAcert). The CA is also included into /etc/ssl/certs/ca-certificates.crt, so I guess SOGo should have a chance to validate the server certificate. At least ldapsearch with a valid ldaprc works. Any suggestions here? Would be so cool, if that worked :) Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein signature.asc Description: Message signed with OpenPGP using GPGMail
Re: [SOGo] LDAP problems
On 13-08-27 1:43 PM, Christian Rößner wrote: Aug 27 18:50:07 sogod [19791]: [ERROR] 0x0x7f2526818480[LDAPSource] Could not bind to the LDAP server bordergw.deltaweb.de (389) using the bind DN: cn=proxyuser,dc=deltaweb,dc=de Aug 27 18:50:07 sogod [19791]: [ERROR] 0x0x7f2526818480[LDAPSource] NSException: 0x7f252697a1d0 NAME:LDAPException REASON:operation startTLS failed: Connect error (0xFFF5) INFO:(null) This looks like a certificate error. Trying to contact the LDAP server directly from the command line: ldapsearch -ZZ -h bordergw.deltaweb.de -xWD cn=proxyuser,dc=deltaweb,dc=de -b ou=wl,dc=deltaweb,dc=de Works perfectly. So at the moment I do not know where to look for the mistake I did. The LDAP server certificate is brand new (CAcert). The CA is also included into /etc/ssl/certs/ca-certificates.crt, so I guess SOGo should have a chance to validate the server certificate. At least ldapsearch with a valid ldaprc works. What's the content of the ldaprc file? Do you have the same in /etc/ldap/ldap.conf? (wherever it is on your system) TLS_CACERT should be set to /etc/ssl/certs/ca-certificates.crt. Just for fun, can you set TLS_REQCERT=never in the global ldap.conf and see if the connection works? Any suggestions here? Would be so cool, if that worked -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] LDAP problems
2013-08-27 19:43 keltezéssel, Christian Rößner írta: Hi, I have a running SOGo installation under Ubuntu 12.04.3 LTS. Version 2.0.7-1 I have an external LDAP server, where we have hundreds of contacts stored and I wanted to integrate this into SOGo. Therefor I added a second LDAP instance to /etc/sogo/sogo.conf. The first block is from the main SOGo server and the second block is the external server: SOGoUserSources = ( { CNFieldName = cn; IDFieldName = uid; IMAPLoginFieldName = mail; KindFieldName = Kind; MailFieldNames = ( mail ); MultipleBookingsFieldName = Multiplebookings; UIDFieldName = mail; baseDN = ou=people,dc=deltaweb,dc=de; bindAsCurrentUser = NO; bindDN = cn=proxyuser,dc=deltaweb,dc=de; bindFields = ( mail ); bindPassword = ***; canAuthenticate = YES; displayName = Gemeinsame Adressen; hostname = localhost; id = LDAP; isAddressBook = YES; port = 389; scope = SUB; type = ldap; userPasswordAlgorithm = SSHA; }, { CNFieldName = cn; IDFieldName = uid; UIDFieldName = uid; baseDN = ou=wl,dc=deltaweb,dc=de; bindDN = cn=proxyuser,dc=deltaweb,dc=de; bindPassword = ***; canAuthenticate = NO; displayName = Privatkunden Adressen; hostname = bordergw.deltaweb.de; id = LDAP2; isAddressBook = YES; encryption = STARTTLS; port = 389; scope = SUB; type = ldap; } ); Users can login and they can see the global address book Privatkunden Adressen. But searching does not succeed. Jean answered the second part of your mail, I'll try to answer the first part. :) Inside the any of usersources array you can define the searchfileds. eg.: SearchFieldNames = ( sn, givenName, sAMAccountName, mail, displayName, title ); Could you try this? -- users@sogo.nu https://inverse.ca/sogo/lists