[SOGo] Single baseDN and scope=sub

2013-04-23 Thread Marcio Merlone 

Hi,

I have an OpenLDAP as auth server and addressbook. I have set 
ou=People,dc=foo for users authentication and ou=Aliases,dc=foo for mail 
aliases, and would like to have both as addressbook. On Thunderbird I 
used to set an LDAP addressbook with 
(|(objectClass=mailUser)(objectClass=mailGroup)) as filter, scope=sub 
and dc=foo as baseDN and it works fine.


On SOGo, if I set two usersources like below, auth works fine, but 
sogo-integrator then sets two addressbooks on Thunderbird while it can 
use only one as addressbook:


SOGoUserSources = (
{
.
baseDN = ou=People,dc=foo;
canAuthenticate = YES;
isAddressBook = YES;
..
},
{
.
baseDN = ou=Aliases,dc=foo;
canAuthenticate = YES;
isAddressBook = YES;
.
}
);

If I set only one source it tries to auth like uid=john,dc=foo instead 
of uid=john,ou=People,dc=foo even with scope = sub:


SOGoUserSources = (
{
.
baseDN = dc=foo;
canAuthenticate = YES;
isAddressBook = YES;
scope = sub;
..
}
);

Apr 23 15:38:42 sogod [24792]: 0x0x7f82981c4fe0[LDAPSource] 
NSException: 0x7f82983ab150 NAME:LDAPException REASON:operation bind 
failed: Invalid credentials (0x31) INFO:{login = uid=john,dc=foo; }


Any suggestions?

--
*Marcio Merlone*
TI - Administrador de redes

*A1 Engenharia - Unidade Corporativa*
Fone:   +55 41 3616-3797
Cel:+55 41 9689-0036

http://www.a1.ind.br/ http://www.a1.ind.br
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Single baseDN and scope=sub

2013-04-23 Thread Jean Raby 

On 13-04-23 3:11 PM, Marcio Merlone wrote:

If I set only one source it tries to auth like uid=john,dc=foo instead of
uid=john,ou=People,dc=foo even with scope = sub:

SOGoUserSources = (
{
 .
 baseDN = dc=foo;
 canAuthenticate = YES;
 isAddressBook = YES;
 scope = sub;
 ..
}
);

Apr 23 15:38:42 sogod [24792]: 0x0x7f82981c4fe0[LDAPSource] NSException:
0x7f82983ab150 NAME:LDAPException REASON:operation bind failed: Invalid
credentials (0x31) INFO:{login = uid=john,dc=foo; }

Any suggestions?

If you want to do that, you'll have to use indirect binds.
Add this to your user source:
  bindFields = (uid);

Sogo should then bind to LDAP using the bindDN and then search the directory for 
uid=username under dc=foo.


Not sure if it will accomplish what you're trying to do, but you should at least 
be able to bind to the directory.


--
Jean Raby
jr...@inverse.ca  ::  +1.514.447.4918 (x120) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

--
users@sogo.nu
https://inverse.ca/sogo/lists