Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
On 11/05/12 03:59, Andreas Schlager wrote: bindFields uid You configuration is incorrect. bindFields is an array of strings and must be within your SOGoUserSources' entry. -- Ludovic Marcotte +1.514.755.3630 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Hi Ludovic, http://www.gnustep.org/plist-0_9.xml";> NSGlobalDomain sogod OCSFolderInfoURL mysql://sogo:xx@localhost:3306/sogo/sogo_folder_info OCSSessionsFolderURL mysql://sogo:xx@localhost:3306/sogo/sogo_sessions_folder SOGoACLsSendEMailNotifications YES SOGoAppointmentSendEMailNotifications YES SOGoDraftsFolderName Drafts SOGoFoldersSendEMailNotifications YES SOGoIMAPServer localhost SOGoLanguage German SOGoMailDomain daheim.at SOGoMailingMechanism smtp SOGoProfileURL mysql://sogo:xxx@localhost:3306/sogo/sogo_user_profile SOGoSMTPServer localhost SOGoSentFolderName Sent SOGoSieveServer sieve://localhost SOGoTimeZone Europe/Vienna SOGoTrashFolderName Trash SOGoUserSources CNFieldName cn IDFieldName uid IMAPHostFieldName mailHost UIDFieldName uid baseDN ou=users,dc=daheim,dc=at bindDN cn=admin,dc=daheim,dc=at bindPassword xx canAuthenticate YES displayName Shared Addresses hostname localhost id public isAddressBook YES port 389 type ldap bindFields uid Regards, -Andreas. Am 2012-05-08 22:36, schrieb Ludovic Marcotte: > Show your complete sogod configuration. signature.asc Description: OpenPGP digital signature
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Show your complete sogod configuration. -- Ludovic Marcotte :: +1.514.755.3630 Inverse inc. :: http://inverse.ca -Original Message- From: Andreas Schlager Date: Tue, 08 May 2012 22:31:02 To: Reply-To: users@sogo.nu Subject: Re: [SOGo] Sogo nightly - LDAP authentication doesn't work I've updated to latest nightly build and inserted the key "bindFields" as described, but unfortunately still the same result: May 8 22:29:16 srv1 slapd[1699]: conn=1012 fd=21 ACCEPT from IP=127.0.0.1:59681 (IP=0.0.0.0:389) May 8 22:29:16 srv1 slapd[1699]: conn=1012 op=0 BIND dn="uid=aschlager,ou=users,dc=daheim,dc=at" method=128 May 8 22:29:16 srv1 slapd[1699]: conn=1012 op=0 RESULT tag=97 err=49 text= May 8 22:29:16 srv1 slapd[1699]: conn=1012 op=1 UNBIND May 8 22:29:16 srv1 slapd[1699]: conn=1012 fd=21 closed Am 2012-05-08 20:25, schrieb Ludovic Marcotte: > On 05/05/12 21:33, Jean Raby wrote: >> Alright, SOGo is not doing an indirect bind, it tries to bind >> directly as uid=username,baseDN. >> >> From a quick look at the code, it seem that you need to set >> 'bindFields' to tell it to do the inderect bind. >> >> Can you try adding this to you user source: >> bindFields >> >> uid >> > This is indeed the case. > > If you use an indirect bind (so you have defined bindFields), SOGo > will use the bindDN to lookup the DN of the user. If found, it'll then > try to bind using it. > > If you don't use bindFields, SOGo will generate the proper DN based on > your SOGoUserSources' entry configuration and bind using it. > > In both cases, SOGo will cache the DN of the user for subsequent > calls. It caches it internally, not in memcached. So if you want to > completely flush that data, you must restart SOGo. > -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
I've updated to latest nightly build and inserted the key "bindFields" as described, but unfortunately still the same result: May 8 22:29:16 srv1 slapd[1699]: conn=1012 fd=21 ACCEPT from IP=127.0.0.1:59681 (IP=0.0.0.0:389) May 8 22:29:16 srv1 slapd[1699]: conn=1012 op=0 BIND dn="uid=aschlager,ou=users,dc=daheim,dc=at" method=128 May 8 22:29:16 srv1 slapd[1699]: conn=1012 op=0 RESULT tag=97 err=49 text= May 8 22:29:16 srv1 slapd[1699]: conn=1012 op=1 UNBIND May 8 22:29:16 srv1 slapd[1699]: conn=1012 fd=21 closed Am 2012-05-08 20:25, schrieb Ludovic Marcotte: > On 05/05/12 21:33, Jean Raby wrote: >> Alright, SOGo is not doing an indirect bind, it tries to bind >> directly as uid=username,baseDN. >> >> From a quick look at the code, it seem that you need to set >> 'bindFields' to tell it to do the inderect bind. >> >> Can you try adding this to you user source: >> bindFields >> >> uid >> > This is indeed the case. > > If you use an indirect bind (so you have defined bindFields), SOGo > will use the bindDN to lookup the DN of the user. If found, it'll then > try to bind using it. > > If you don't use bindFields, SOGo will generate the proper DN based on > your SOGoUserSources' entry configuration and bind using it. > > In both cases, SOGo will cache the DN of the user for subsequent > calls. It caches it internally, not in memcached. So if you want to > completely flush that data, you must restart SOGo. > signature.asc Description: OpenPGP digital signature
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Thanks all for your answers. At the moment I'm out of office - but will try this until next week. -Andreas. Am 2012-05-08 20:25, schrieb Ludovic Marcotte: > On 05/05/12 21:33, Jean Raby wrote: >> Alright, SOGo is not doing an indirect bind, it tries to bind >> directly as uid=username,baseDN. >> >> From a quick look at the code, it seem that you need to set >> 'bindFields' to tell it to do the inderect bind. >> >> Can you try adding this to you user source: >> bindFields >> >> uid >> > This is indeed the case. > > If you use an indirect bind (so you have defined bindFields), SOGo > will use the bindDN to lookup the DN of the user. If found, it'll then > try to bind using it. > > If you don't use bindFields, SOGo will generate the proper DN based on > your SOGoUserSources' entry configuration and bind using it. > > In both cases, SOGo will cache the DN of the user for subsequent > calls. It caches it internally, not in memcached. So if you want to > completely flush that data, you must restart SOGo. > signature.asc Description: OpenPGP digital signature
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
On 05/05/12 21:33, Jean Raby wrote: Alright, SOGo is not doing an indirect bind, it tries to bind directly as uid=username,baseDN. From a quick look at the code, it seem that you need to set 'bindFields' to tell it to do the inderect bind. Can you try adding this to you user source: bindFields uid This is indeed the case. If you use an indirect bind (so you have defined bindFields), SOGo will use the bindDN to lookup the DN of the user. If found, it'll then try to bind using it. If you don't use bindFields, SOGo will generate the proper DN based on your SOGoUserSources' entry configuration and bind using it. In both cases, SOGo will cache the DN of the user for subsequent calls. It caches it internally, not in memcached. So if you want to completely flush that data, you must restart SOGo. -- Ludovic Marcotte +1.514.755.3630 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Alright, SOGo is not doing an indirect bind, it tries to bind directly as uid=username,baseDN. From a quick look at the code, it seem that you need to set 'bindFields' to tell it to do the inderect bind. Can you try adding this to you user source: bindFields uid On 12-05-05 3:08 PM, Andreas Schlager wrote: Hi Jean, I've done a restart of the cache daemons and a fresh start of sogo to see all messages in the syslog and sogo.log. Marked all slapd output in green. I cannot identify a BIND operation with the configured DN 'cn=admin,dc=daheim,dc=at'. root@srv1:/var/log# /etc/init.d/nscd restart; /etc/init.d/nslcd restart; /etc/init.d/sogo start Restarting Name Service Cache Daemon: nscd. Restarting LDAP connection daemon: nslcdMay 5 21:00:47 srv1 slapd[3039]: conn=1001 op=3 UNBIND May 5 21:00:47 srv1 nslcd[3083]: caught signal SIGTERM (15), shutting down May 5 21:00:47 srv1 slapd[3039]: conn=1001 fd=18 closed May 5 21:00:47 srv1 slapd[3039]: conn=1000 op=2 UNBIND May 5 21:00:47 srv1 nslcd[3083]: version 0.7.15 bailing out May 5 21:00:47 srv1 slapd[3039]: conn=1000 fd=13 closed . May 5 21:00:47 srv1 nslcd[3274]: version 0.7.15 starting May 5 21:00:47 srv1 nslcd[3274]: accepting connections . Starting SOGo: sogo May 5 21:00:48 srv1 slapd[3039]: conn=1002 fd=13 ACCEPT from IP=127.0.0.1:44763 (IP=0.0.0.0:389) May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=0 BIND dn="" method=128 May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=0 RESULT tag=97 err=0 text= May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=1 SRCH base="dc=daheim,dc=at" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=sogo))" May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=1 SRCH attr=userPassword cn gidNumber uidNumber loginShell objectClass gecos uid homeDirectory May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= May 5 21:00:49 srv1 slapd[3039]: conn=1003 fd=18 ACCEPT from IP=127.0.0.1:44764 (IP=0.0.0.0:389) May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=0 BIND dn="" method=128 May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=0 RESULT tag=97 err=0 text= May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=1 SRCH base="dc=daheim,dc=at" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=sogo))" May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=1 SRCH attr=uid May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=2 SRCH base="dc=daheim,dc=at" scope=2 deref=0 filter="(&(objectClass=posixGroup)(|(memberUid=sogo)(uniqueMember=cn=sogo user,ou=users,dc=daheim,dc=at)))" May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=2 SRCH attr=cn userPassword memberUid gidNumber uniqueMember May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= May 05 21:00:49 sogod [3351]: version 2.0.0 (build @vizzini.inverse.ca 201205050637) -- starting May 05 21:00:49 sogod [3351]: vmem size check enabled: shutting down app when vmem > 384 MB May 05 21:00:49 sogod [3351]: <0x0x14f48a0[SOGoProductLoader]> SOGo products loaded from '/usr/lib/GNUstep/SOGo': May 05 21:00:49 sogod [3351]: <0x0x14f48a0[SOGoProductLoader]> Appointments.SOGo, ContactsUI.SOGo, AdministrationUI.SOGo, CommonUI.SOGo, MailerUI.SOGo, Contacts.SOGo, MailPartViewers.SOGo, SchedulerUI.SOGo, Mailer.SOGo, MainUI.SOGo, PreferencesUI.SOGo . root@srv1:/var/log# May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> listening on *:2 May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> watchdog process pid: 3351 May 05 21:00:49 sogod [3351]: <0x0x7fc39f06b940[WOWatchDogChild]> watchdog request timeout set to 10 minutes May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> preparing 1 children May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> child spawned with pid 3357 --> now called the sogo webbage and tried to logon as user "aschlager": May 05 21:00:58 sogod [3357]: <0x0x139f580[SOGoCache]> Cache cleanup interval set every 300.00 seconds May 05 21:00:58 sogod [3357]: <0x0x139f580[SOGoCache]> Using host(s) 'localhost' as server(s) 2012-05-05 21:00:58.029 sogod[3357] Note(SoObject): SoDebugKeyLookup is enabled! 2012-05-05 21:00:58.030 sogod[3357] Note(SoObject): SoDebugBaseURL is enabled! 2012-05-05 21:00:58.030 sogod[3357] Note(SoObject): relative base URLs are enabled. 2012-05-05 21:00:58.039 sogod[3357] ERROR(-[NGBundleManager bundleWithPath:]): could not create bundle for path: '/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.20/Resources/SSL.bundle' 2012-05-05 21:00:58.057 sogod[3357] WOCompoundElement: pool embedding is on. 2012-05-05 21:00:58.057 sogod[3357] WOCompoundElement: id logging is on. 2012-05-05 21:00:58.076 sogod[3357] WARNING(-[NSNull(misc) count]): called NSNull -count (returns 0) !!! localhost - - [05/May/2012:21:00:58 GMT] "GET /SOGo/ HTTP/1.1" 200 4245/0 0.076 11795 64% 3M May 5 21:01:01 srv1 slapd[3039]: conn=1004 fd=21 ACCEPT from IP=127.0.0.1:44769 (IP=
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Hi Jean, I've done a restart of the cache daemons and a fresh start of sogo to see all messages in the syslog and sogo.log. Marked all slapd output in green. I cannot identify a BIND operation with the configured DN 'cn=admin,dc=daheim,dc=at'. root@srv1:/var/log# /etc/init.d/nscd restart; /etc/init.d/nslcd restart; /etc/init.d/sogo start Restarting Name Service Cache Daemon: nscd. Restarting LDAP connection daemon: nslcdMay 5 21:00:47 srv1 slapd[3039]: conn=1001 op=3 UNBIND May 5 21:00:47 srv1 nslcd[3083]: caught signal SIGTERM (15), shutting down May 5 21:00:47 srv1 slapd[3039]: conn=1001 fd=18 closed May 5 21:00:47 srv1 slapd[3039]: conn=1000 op=2 UNBIND May 5 21:00:47 srv1 nslcd[3083]: version 0.7.15 bailing out May 5 21:00:47 srv1 slapd[3039]: conn=1000 fd=13 closed . May 5 21:00:47 srv1 nslcd[3274]: version 0.7.15 starting May 5 21:00:47 srv1 nslcd[3274]: accepting connections . Starting SOGo: sogo May 5 21:00:48 srv1 slapd[3039]: conn=1002 fd=13 ACCEPT from IP=127.0.0.1:44763 (IP=0.0.0.0:389) May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=0 BIND dn="" method=128 May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=0 RESULT tag=97 err=0 text= May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=1 SRCH base="dc=daheim,dc=at" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=sogo))" May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=1 SRCH attr=userPassword cn gidNumber uidNumber loginShell objectClass gecos uid homeDirectory May 5 21:00:48 srv1 slapd[3039]: conn=1002 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= May 5 21:00:49 srv1 slapd[3039]: conn=1003 fd=18 ACCEPT from IP=127.0.0.1:44764 (IP=0.0.0.0:389) May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=0 BIND dn="" method=128 May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=0 RESULT tag=97 err=0 text= May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=1 SRCH base="dc=daheim,dc=at" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=sogo))" May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=1 SRCH attr=uid May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=2 SRCH base="dc=daheim,dc=at" scope=2 deref=0 filter="(&(objectClass=posixGroup)(|(memberUid=sogo)(uniqueMember=cn=sogo user,ou=users,dc=daheim,dc=at)))" May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=2 SRCH attr=cn userPassword memberUid gidNumber uniqueMember May 5 21:00:49 srv1 slapd[3039]: conn=1003 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= May 05 21:00:49 sogod [3351]: version 2.0.0 (build @vizzini.inverse.ca 201205050637) -- starting May 05 21:00:49 sogod [3351]: vmem size check enabled: shutting down app when vmem > 384 MB May 05 21:00:49 sogod [3351]: <0x0x14f48a0[SOGoProductLoader]> SOGo products loaded from '/usr/lib/GNUstep/SOGo': May 05 21:00:49 sogod [3351]: <0x0x14f48a0[SOGoProductLoader]> Appointments.SOGo, ContactsUI.SOGo, AdministrationUI.SOGo, CommonUI.SOGo, MailerUI.SOGo, Contacts.SOGo, MailPartViewers.SOGo, SchedulerUI.SOGo, Mailer.SOGo, MainUI.SOGo, PreferencesUI.SOGo . root@srv1:/var/log# May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> listening on *:2 May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> watchdog process pid: 3351 May 05 21:00:49 sogod [3351]: <0x0x7fc39f06b940[WOWatchDogChild]> watchdog request timeout set to 10 minutes May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> preparing 1 children May 05 21:00:49 sogod [3351]: <0x0x169b900[WOWatchDog]> child spawned with pid 3357 --> now called the sogo webbage and tried to logon as user "aschlager": May 05 21:00:58 sogod [3357]: <0x0x139f580[SOGoCache]> Cache cleanup interval set every 300.00 seconds May 05 21:00:58 sogod [3357]: <0x0x139f580[SOGoCache]> Using host(s) 'localhost' as server(s) 2012-05-05 21:00:58.029 sogod[3357] Note(SoObject): SoDebugKeyLookup is enabled! 2012-05-05 21:00:58.030 sogod[3357] Note(SoObject): SoDebugBaseURL is enabled! 2012-05-05 21:00:58.030 sogod[3357] Note(SoObject): relative base URLs are enabled. 2012-05-05 21:00:58.039 sogod[3357] ERROR(-[NGBundleManager bundleWithPath:]): could not create bundle for path: '/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.20/Resources/SSL.bundle' 2012-05-05 21:00:58.057 sogod[3357] WOCompoundElement: pool embedding is on. 2012-05-05 21:00:58.057 sogod[3357] WOCompoundElement: id logging is on. 2012-05-05 21:00:58.076 sogod[3357] WARNING(-[NSNull(misc) count]): called NSNull -count (returns 0) !!! localhost - - [05/May/2012:21:00:58 GMT] "GET /SOGo/ HTTP/1.1" 200 4245/0 0.076 11795 64% 3M May 5 21:01:01 srv1 slapd[3039]: conn=1004 fd=21 ACCEPT from IP=127.0.0.1:44769 (IP=0.0.0.0:389) May 5 21:01:01 srv1 slapd[3039]: conn=1004 op=0 BIND dn="uid=aschlager,ou=users,dc=daheim,dc=at" method=128 May 5 21:01:01 srv1 slapd[3039]: conn=1004 op=0 RESULT tag=97 err=49 text= May 5 21:01:01 srv1 slapd[3039]: conn=1004 op=1 UNBIND May 05 21:01:01 sogod [3357]: SOGoRootPage Login for user 'aschlager' might not have worked - pa
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
On 12-05-05 11:02 AM, Andreas Schlager wrote: Hi list, I've investigated a little bit and IMHO the sogo nightly build tries to uses the username which wants to login to BIND to the directory, and not the bindDN directive. Here's the sogo config: SOGoUserSources CNFieldName cn IDFieldName uid IMAPHostFieldName mailHost UIDFieldName uid baseDN ou=users,dc=daheim,dc=at bindDN cn=admin,dc=daheim,dc=at bindPassword mysecretpw canAuthenticate YES displayName Shared Addresses hostname localhost id public isAddressBook YES port 389 type ldap Any idea how to resolve this? This is strange, you don't see any ldap bind for 'cn=admin,dc=daheim,dc=at' in the slapd logs? I find it surprising that sogo tries to bind as "uid=aschlager,dc=daheim,dc=at" since the config file sets a baseDN of 'ou=users,dc=daheim,dc=at' ... something is fishy here. Regards, -Andreas. Am 2012-05-04 19:18, schrieb Andreas Schlager: Hi list, I'm trying to configure LDAP auth. with sogo - but get struggling. OS authentication works well, but login via webinterfaces gives this errors in the logs: May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 ACCEPT from IP=127.0.0.1:33247 (IP=0.0.0.0:389) May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 BIND dn="uid=aschlager,dc=daheim,dc=at" method=128 May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 RESULT tag=97 err=49 text= May 04 19:15:42 sogod [4960]: SOGoRootPage Login for user 'aschlager' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=1 UNBIND May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 closed Any help higlhly appreciated. -Andreas. -- Jean Raby jr...@inverse.ca :: +1.514.447.4918 (x120) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Hi list, I've investigated a little bit and IMHO the sogo nightly build tries to uses the username which wants to login to BIND to the directory, and not the bindDN directive. Here's the sogo config: SOGoUserSources CNFieldName cn IDFieldName uid IMAPHostFieldName mailHost UIDFieldName uid baseDN ou=users,dc=daheim,dc=at bindDN cn=admin,dc=daheim,dc=at bindPassword mysecretpw canAuthenticate YES displayName Shared Addresses hostname localhost id public isAddressBook YES port 389 type ldap Any idea how to resolve this? Regards, -Andreas. Am 2012-05-04 19:18, schrieb Andreas Schlager: > Hi list, > > I'm trying to configure LDAP auth. with sogo - but get struggling. > OS authentication works well, but login via webinterfaces gives this > errors in the logs: > > > May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 ACCEPT from > IP=127.0.0.1:33247 (IP=0.0.0.0:389) > May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 BIND > dn="uid=aschlager,dc=daheim,dc=at" method=128 > May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 RESULT tag=97 err=49 > text= > May 04 19:15:42 sogod [4960]: SOGoRootPage Login for user 'aschlager' > might not have worked - password policy: 65535 grace: -1 expire: -1 > bound: 0 > May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=1 UNBIND > May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 closed > > Any help higlhly appreciated. > > -Andreas. signature.asc Description: OpenPGP digital signature
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Hi skywalk3r, sorry - I didn't mentioned it: I'm using OpenLDAP 2.4 which is running on the same system together with sogo. Am 2012-05-04 19:50, schrieb skywalk3r: > Dne 5/4/2012 7:40 PM, skywalk3r napsal(a): >> Dne 5/4/2012 7:18 PM, Andreas Schlager napsal(a): >>> [snip] >> Hello, if you are using Active Directory (MS) you have to use >> cn=aschlager or ou=aschlager (if your users are stored in >> organization group) or use only dc=daheim,dc=at if you are using more OU > oh sorry i didnt notice BIND dn line.. cn=username, cn=Users, > dc=domain,dc=tld works for me if username is in Users container. signature.asc Description: OpenPGP digital signature
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Dne 5/4/2012 7:40 PM, skywalk3r napsal(a): > Dne 5/4/2012 7:18 PM, Andreas Schlager napsal(a): >> Hi list, >> >> I'm trying to configure LDAP auth. with sogo - but get struggling. >> OS authentication works well, but login via webinterfaces gives this >> errors in the logs: >> >> >> May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 ACCEPT from >> IP=127.0.0.1:33247 (IP=0.0.0.0:389) >> May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 BIND >> dn="uid=aschlager,dc=daheim,dc=at" method=128 >> May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 RESULT tag=97 err=49 >> text= >> May 04 19:15:42 sogod [4960]: SOGoRootPage Login for user 'aschlager' >> might not have worked - password policy: 65535 grace: -1 expire: >> -1 bound: 0 >> May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=1 UNBIND >> May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 closed >> >> Any help higlhly appreciated. >> >> -Andreas. > > Hello, if you are using Active Directory (MS) you have to use > cn=aschlager or ou=aschlager (if your users are stored in organization > group) or use only dc=daheim,dc=at if you are using more OU oh sorry i didnt notice BIND dn line.. cn=username, cn=Users, dc=domain,dc=tld works for me if username is in Users container. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Sogo nightly - LDAP authentication doesn't work
Dne 5/4/2012 7:18 PM, Andreas Schlager napsal(a): > Hi list, > > I'm trying to configure LDAP auth. with sogo - but get struggling. > OS authentication works well, but login via webinterfaces gives this > errors in the logs: > > > May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 ACCEPT from > IP=127.0.0.1:33247 (IP=0.0.0.0:389) > May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 BIND > dn="uid=aschlager,dc=daheim,dc=at" method=128 > May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 RESULT tag=97 err=49 > text= > May 04 19:15:42 sogod [4960]: SOGoRootPage Login for user 'aschlager' > might not have worked - password policy: 65535 grace: -1 expire: -1 > bound: 0 > May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=1 UNBIND > May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 closed > > Any help higlhly appreciated. > > -Andreas. Hello, if you are using Active Directory (MS) you have to use cn=aschlager or ou=aschlager (if your users are stored in organization group) or use only dc=daheim,dc=at if you are using more OU -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Sogo nightly - LDAP authentication doesn't work
Hi list, I'm trying to configure LDAP auth. with sogo - but get struggling. OS authentication works well, but login via webinterfaces gives this errors in the logs: May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 ACCEPT from IP=127.0.0.1:33247 (IP=0.0.0.0:389) May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 BIND dn="uid=aschlager,dc=daheim,dc=at" method=128 May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=0 RESULT tag=97 err=49 text= May 04 19:15:42 sogod [4960]: SOGoRootPage Login for user 'aschlager' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 May 4 19:15:42 srv1 slapd[4632]: conn=1014 op=1 UNBIND May 4 19:15:42 srv1 slapd[4632]: conn=1014 fd=13 closed Any help higlhly appreciated. -Andreas. signature.asc Description: OpenPGP digital signature