Re: [SOGo] LDAP/SOGoPasswordChangeEnabled

2012-07-18 Thread Philipp v. Strobl-Albeg 

Hi,

the issue comes back to my desk today.

Steve is right about the openldap Version, BUT ppolicy is also available 
at openldap-servers 2.3:

http://www.openldap.org/software/man.cgi?query=slapo-ppolicyapropos=0sektion=5manpath=OpenLDAP+2.3-Releaseformat=html

The problem is that, there are some bugs in the policy changing 
password. If one don't use that, this should be possible.
As i reread my configs the account for connecting to the ldap-server of 
course needs the right to write ;-)


I don't know if someone has succeded the LDAP/Passwordchange/ppolicy 
with newer sope-ldap or the recent version

(sope49-ldap-4.9-20120601_1664).


Best regards
Philipp

Philipp v. Strobl.-Albeg
Zellerstr. 19
70180 Stuttgart
Tel.  +49 711 1215 8269
Fax.  +49 711 6583 089
Mobil +49 151 27039 710


Am 01.03.2011 20:53, schrieb Stephen Ingram:

Philipp-

Philipp v. Strobl-Albeg wrote:

For now i found an old thread talking about some related issue 
(http://www.mail-archive.com/users@sogo.nu/msg00215.html).


Could please anybody tell me, if i have also a sope-ldap Problem with 
older ldap (2.3) and password change function ?


sope49-ldap-4.9-20110127_1664.el5.1 and 
openldap-servers-2.3.43-12.el5_5.3


I believe you have use a more recent version of openldap that supports 
the ppolicy schema (I think 2.4 minimum). LDAP has to contain the 
appropriate attributes and you have to insert the necessary info in 
the SOGo config, per the manual. You also have to use a different 
sope-ldap package in the inverse repository that supports this 
functionality.


Steve

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] LDAP/SOGoPasswordChangeEnabled

2011-03-02 Thread Philipp Strobl 

Hi Steve,

thank you very much for your reply.

I agree, but the system will be online/activ in 2 weeks, so better not 
using nightlys ...


Sadly the repo-version of  phpldapadmin (1.0.1) is not secure anymore 
(!1.2) and gossa is a little bit to big for my case.
So i have to wait for the new RC from the sogo-repo and hoping it comes 
with the next release.



Best Regards
Philipp


Am 01.03.2011 20:53, schrieb Stephen Ingram:

Philipp-

Philipp v. Strobl-Albeg wrote:

For now i found an old thread talking about some related issue 
(http://www.mail-archive.com/users@sogo.nu/msg00215.html).


Could please anybody tell me, if i have also a sope-ldap Problem with 
older ldap (2.3) and password change function ?


sope49-ldap-4.9-20110127_1664.el5.1 and 
openldap-servers-2.3.43-12.el5_5.3


I believe you have use a more recent version of openldap that supports 
the ppolicy schema (I think 2.4 minimum). LDAP has to contain the 
appropriate attributes and you have to insert the necessary info in 
the SOGo config, per the manual. You also have to use a different 
sope-ldap package in the inverse repository that supports this 
functionality.


Steve



--
Philipp v. Strobl-Albeg
- PILAKRTO NETWORKS -

Mobil +49 151 270 39710

http://www.pilarkto.net

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] LDAP/SOGoPasswordChangeEnabled

2011-03-01 Thread Philipp v. Strobl-Albeg 

Hi,

me again.
For now i found an old thread talking about some related issue 
(http://www.mail-archive.com/users@sogo.nu/msg00215.html).


Could please anybody tell me, if i have also a sope-ldap Problem with 
older ldap (2.3) and password change function ?


sope49-ldap-4.9-20110127_1664.el5.1 and openldap-servers-2.3.43-12.el5_5.3





Best Regards and
thank you

Philipp

Am 28.02.2011 13:01, schrieb Philipp Strobl:

Hi,

for some reason, i can't change passord in sogo webui.
When successfully login in and go to preferences, changing password is 
granted as successfully, but log says:


localhost - - [28/Feb/2011:12:29:14 GMT] GET 
/SOGo/so/test/preferences HTTP/1.1 200 14981/0 0.044 61779 75% 64K
localhost - - [28/Feb/2011:12:29:39 GMT] POST /SOGo/so/changePassword 
HTTP/1.1 204 0/163 0.017 - - 8K
Feb 28 12:29:45 sogod [10422]: 0x0x199f6830[WOPasswordField] 
-[WOInput takeValuesFromRequest:inContext:]: form value is not 
settable: 0x0x199f6aa0[WOValueAssociation]: value=
Feb 28 12:29:45 sogod [10422]: 0x0x199f7360[WOPasswordField] 
-[WOInput takeValuesFromRequest:inContext:]: form value is not 
settable: 0x0x199f75d0[WOValueAssociation]: value=
Feb 28 12:29:48 sogod [10422]: [ERROR] 0x199E9920[SOGoMailAccount]:0 
failure. Attempting with a renewed password.
Feb 28 12:29:55 sogod [10422]: [ERROR] 0x199E9920[SOGoMailAccount]:0 
Could not login 't...@pilarkto.org' (blub4) on Sieve server: 
0x0x199bcdf0[NGSieveClient]: socket=NGActiveSocket[0x0x19a344f0]: 
mode=rw address=0x0x197d89a0[NGInternetSocketAddress]: host=localhost 
port=48290 connectedTo=0x0x19d6d4d0[NGInternetSocketAddress]: 
host=localhost port=4190: {RawResponse = {ok = 0; reason = 
\Authentication failed.\; }; result = 0; }
localhost - - [28/Feb/2011:12:29:55 GMT] POST 
/SOGo/so/test/preferences HTTP/1.1 200 293/2031 10.101 - - 24K

==
ldap says:

Feb 28 12:45:24 com6 slapd[27243]: conn=12102 fd=19 ACCEPT from 
IP=127.0.0.1:50444 (IP=0.0.0.0:389)
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=0 BIND 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net method=128
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=0 BIND 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net mech=SIMPLE 
ssf=0
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=0 RESULT tag=97 err=0 
text=
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=1 MOD 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net

Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=1 MOD attr=userPassword
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=1 RESULT tag=103 
err=0 text=

Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=2 UNBIND
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 fd=19 closed
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 fd=19 ACCEPT from 
IP=127.0.0.1:50447 (IP=0.0.0.0:389)
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=0 BIND 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net method=128
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=0 BIND 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net mech=SIMPLE 
ssf=0
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=0 RESULT tag=97 err=0 
text=
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=1 MOD 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net

Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=1 MOD attr=userPassword
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=1 RESULT tag=103 
err=0 text=

Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=2 UNBIND
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 fd=19 closed
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 fd=19 ACCEPT from 
IP=127.0.0.1:50450 (IP=0.0.0.0:389)
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=0 BIND 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net method=128
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=0 BIND 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net mech=SIMPLE 
ssf=0
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=0 RESULT tag=97 err=0 
text=
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=1 MOD 
dn=uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net

Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=1 MOD attr=userPassword
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=1 RESULT tag=103 
err=0 text=

Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=2 UNBIND
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 fd=19 closed


It seems, that the modification on ldap is working, but password 
(scheme) missmatches.

I'm using sha and  bindasuser for this SoGoSource.
The passwordpolicy is probably not what i want (!?)

Now i can log into the webui (with new password), but there is now 
mail/mailboxes, because IMAP/sieve login failed




Best Regards
Philipp




--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] LDAP/SOGoPasswordChangeEnabled

2011-03-01 Thread Stephen Ingram 

Philipp-

Philipp v. Strobl-Albeg wrote:

For now i found an old thread talking about some related issue 
(http://www.mail-archive.com/users@sogo.nu/msg00215.html).


Could please anybody tell me, if i have also a sope-ldap Problem with 
older ldap (2.3) and password change function ?


sope49-ldap-4.9-20110127_1664.el5.1 and openldap-servers-2.3.43-12.el5_5.3


I believe you have use a more recent version of openldap that supports 
the ppolicy schema (I think 2.4 minimum). LDAP has to contain the 
appropriate attributes and you have to insert the necessary info in the 
SOGo config, per the manual. You also have to use a different sope-ldap 
package in the inverse repository that supports this functionality.


Steve
--
users@sogo.nu
https://inverse.ca/sogo/lists