Hi,
Thank you for the tips!
I found the solution! Yes, the script rcabook-setup.sh does not create the
single users for the private addressbook.
So I made a script (rc_create_user.sh) that creates users in the LDAP server
for the private addressbook. This script must be run for each LDAP user.
#!/bin/bash
# Parameters : USER PASSWORD
# example : rc_create_user.sh mark xxxx
#
#------------ parameters start --------------------------------
if [ $# -lt 2 ] ; then
echo "ERROR - Number of parameters is wrong. Example: rc_create_user.sh user password"
exit 1
fi
abook_user="$1";
abook_pass="$2";
#------------ parameters end --------------------------------
#------------ configuration start --------------------------------
server="ldap://localhost:389";
suffix="dc=localhost";
rootdn="cn=admin,$suffix";
abook_name="rcabook";
subdir_public="public";
subdir_private="private";
base_dn="ou=$subdir_private,ou=$abook_name,$suffix";
bind_dn="cn=$abook_user,$base_dn";
bind_pass="$abook_pass";
#------------ configuration end --------------------------------
# Add the user entry below ou=private; the password is stored as a slappasswd
# hash. Variables are quoted so that spaces or shell metacharacters in the
# arguments are passed through unchanged. ldapadd prompts for the rootdn
# password (-W).
echo "
dn: $bind_dn
cn: $abook_user
userPassword: $(slappasswd -s "$abook_pass")
objectClass: organizationalRole
objectClass: simpleSecurityObject
" | ldapadd -x -c -H "$server" -D "$rootdn" -W 2> /dev/null ||
{ echo "ERROR-unable to create user!"; exit 1; };
>----Original message----
>From: [email protected]
>Date: 05/03/2012 20.03
>To: "[email protected]"<[email protected]>, "Roundcube Users mailing list" <[email protected]>
>Subject: Re: [RCU] R: Re: Ldap Addressbook : problem for credentials in private addressbook
>
>Well, the script was written before private abooks were added... ACL is not checked for that yet
>But have you created the user? Can you show the output of ldapsearch?
>I have not yet scanned your slapd log... will do that at home
>
>Andreas
>
>
>
>"[email protected]" <[email protected]> wrote:
>
>>Hi All,
>>
>> thanks for the answers !!!
>>
>>I made other tests :
>>
>>If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost
>>it works fine.
>>
>>If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=mark,ou=private,ou=rcabook,dc=localhost -w xxxx
>>It answers : ldap_bind: Invalid credentials (49),
>>so I think that there is an ACL problem.
>>
>>I think that there is an error in the script rcabook-setup.sh.
>>
>>I did run and run again the script rcabook-setup.sh, it doesn't return
>>errors and it said :
>>The LDAP addressbook is ready now for using:
>> base_dn: ou=rcabook,dc=localhost
>> bind_dn: cn=rcuser,ou=rcabook,dc=localhost
>>
>>Use the following command for reading and checking your setup:
>> ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost
>>
>>I report my ldap.log with the debug of ldap server :
>>
>>daemon: activity on:
>>slap_listener_activate(7):
>>daemon: epoll: listen=7 busy
>>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>>>> slap_listener(ldap:///)
>>daemon: listen=7, new connection on 13
>>daemon: activity on 1 descriptor
>>daemon: activity on:
>>daemon: epoll: listen=7 active_threads=0 tvp=zero
>>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>daemon: added 13r (active) listener=(nil)
>>daemon: activity on 1 descriptor
>>conn=21 fd=13 ACCEPT from IP=127.0.0.1:45320 (IP=0.0.0.0:389)
>>daemon: activity on: 13r
>>daemon: read active on 13
>>daemon: epoll: listen=7 active_threads=0 tvp=zero
>>connection_get(13)
>>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>connection_get(13): got connid=21
>>connection_read(13): checking for input on id=21
>>ber_get_next
>>op tag 0x60, time 1330963449
>>ber_get_next
>>ldap_read: want=8 error=Resource temporarily unavailable
>>conn=21 op=0 do_bind
>>>>> dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>
>>=> ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost,0)
>><= ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
>>=> ldap_dn2bv(272)
>><= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
>>=> ldap_dn2bv(272)
>><= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
>><<< dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>, <cn=mark,ou=private,ou=rcabook,dc=localhost>
>>conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128
>>do_bind: version=3 dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128
>>==> bdb_bind: dn: cn=mark,ou=private,ou=rcabook,dc=localhost
>>bdb_dn2entry("cn=mark,ou=private,ou=rcabook,dc=localhost")
>>=> bdb_dn2id("cn=mark,ou=private,ou=rcabook,dc=localhost")
>><= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988)
>>send_ldap_result: conn=21 op=0 p=3
>>send_ldap_result: err=49 matched="" text=""
>>send_ldap_response: msgid=1 tag=97 err=49
>>conn=21 op=0 RESULT tag=97 err=49 text=
>>daemon: activity on 1 descriptor
>>daemon: activity on:
>>daemon: epoll: listen=7 active_threads=0 tvp=zero
>>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>daemon: activity on 1 descriptor
>>daemon: activity on: 13r
>>daemon: read active on 13
>>daemon: epoll: listen=7 active_threads=0 tvp=zero
>>connection_get(13)
>>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>connection_get(13): got connid=21
>>connection_read(13): checking for input on id=21
>>ber_get_next
>>ldap_read: want=8, got=0
>>
>>ber_get_next on fd 13 failed errno=0 (Success)
>>connection_read(13): input error=-2 id=21, closing.
>>connection_closing: readying conn=21 sd=13 for close
>>connection_close: conn=21 sd=13
>>daemon: activity on 1 descriptor
>>daemon: removing 13
>>daemon: activity on:
>>conn=21 fd=13 closed (connection lost)
>>daemon: epoll: listen=7 active_threads=0 tvp=zero
>>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>
>>
>>
>>Thanks a lot
>>Mark
>>
>>>----Original message----
>>>From: [email protected]
>>>Date: 05/03/2012 14.09
>>>To: "[email protected]"<[email protected]>, <[email protected]>
>>>Subject: Re: [RCU] Ldap Addressbook : problem for credentials in private addressbook
>>>
>>>Hi
>>>I am on ski holidays and do not have my setup in front of me.
>>>
>>>Your setup seems ok, but can you try to connect with ldapsearch on the commandline?
>>>Another try could be to switch on logging in slapd.conf
>>>Ldap.conf is not used by server but by clients like ldapsearch...
>>>
>>>Andreas
>>>
>>>
>>>
>>>"[email protected]" <[email protected]> wrote:
>>>
>>>>Hi All,
>>>>
>>>>I configured the ldap server and roundcube to manage contacts. I used the
>>>>howto : http://trac.roundcube.net/wiki/Howto_Ldap. It works quite well, I have only
>>>>a problem for credentials in private addressbook. The public addressbook works
>>>>fine, I can search and add contacts.
>>>>
>>>>I checked the Mark's password and it is correct. I tried to use rootpw but it
>>>>doesn't work.
>>>>
>>>>My versions are :
>>>>openldap-servers-2.4.19-6
>>>>php-5.3.3-1
>>>>roundcube 0.7.1
>>>>
>>>>I report the error in ldap log of roundcube, my slapd.conf and my
>>>>main.inc.php.
>>>>
>>>>Thanks a lot
>>>>
>>>>Mark
>>>>
>>>>--------------------------------
>>>>logs/ldap :
>>>>
>>>>[05-Mar-2012 10:09:01 +0100]: C: Connect [localhost:389]
>>>>[05-Mar-2012 10:09:01 +0100]: S: OK
>>>>[05-Mar-2012 10:09:01 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook,dc=localhost] [pass: xxxx]
>>>>[05-Mar-2012 10:09:01 +0100]: S: Invalid credentials
>>>>[05-Mar-2012 10:09:01 +0100]: C: Close
>>>>
>>>>
>>>>[05-Mar-2012 10:14:24 +0100]: C: Connect [localhost:389]
>>>>[05-Mar-2012 10:14:24 +0100]: S: OK
>>>>[05-Mar-2012 10:14:24 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook,dc=localhost] [pass: xxxx]
>>>>[05-Mar-2012 10:14:24 +0100]: S: Invalid credentials
>>>>[05-Mar-2012 10:14:24 +0100]: C: Close
>>>>[05-Mar-2012 10:27:42 +0100]: C: Connect [localhost:389]
>>>>[05-Mar-2012 10:27:42 +0100]: S: OK
>>>>[05-Mar-2012 10:27:42 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook,dc=localhost] [pass: xxxx]
>>>>[05-Mar-2012 10:27:42 +0100]: S: Invalid credentials
>>>>[05-Mar-2012 10:27:42 +0100]: C: Close
>>>>[05-Mar-2012 10:27:52 +0100]: C: Connect [localhost:389]
>>>>[05-Mar-2012 10:27:52 +0100]: S: OK
>>>>[05-Mar-2012 10:27:52 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook,dc=localhost] [pass: xxxx]
>>>>[05-Mar-2012 10:27:52 +0100]: S: Invalid credentials
>>>>[05-Mar-2012 10:27:52 +0100]: C: Add [dn: [email protected],cn=mark,ou=private,ou=rcabook,dc=localhost]: Array
>>>>(
>>>>    [cn] => ssssssss sss
>>>>    [sn] => sss
>>>>    [givenname] => ssssssss
>>>>    [mail] => [email protected]
>>>>    [objectClass] => Array
>>>>        (
>>>>            [0] => top
>>>>            [1] => inetOrgPerson
>>>>        )
>>>>
>>>>)
>>>>
>>>>[05-Mar-2012 10:27:52 +0100]: S: Strong(er) authentication required
>>>>[05-Mar-2012 10:27:52 +0100]: C: Close
>>>>------------------------------------------------------------
>>>>config/main.inc.php
>>>>
>>>>$rcmail_config['ldap_public']['public'] = array(
>>>> 'name' => 'Public LDAP Addressbook',
>>>> 'hosts' => array('localhost'),
>>>> 'use_tls' =>
>_______________________________________________
>Roundcube Users mailing list
>[email protected]
>http://lists.roundcube.net/mailman/listinfo/users
>
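
rc_create_user.sh at the top of this message interpolates its first argument straight into the DN and the LDIF, and receives the password in argv. As an added example (not part of the original post or of the Roundcube howto), a POSIX sh helper that allowlists the name before it reaches the DN and takes an already hashed password; the function names are hypothetical, the DIT layout is the one from the thread.

```shell
#!/bin/sh
# Added example, not part of the original post. Hypothetical helper names;
# the DIT layout (ou=private,ou=rcabook,dc=localhost) is taken from the thread.
suffix="dc=localhost"
abook_name="rcabook"
subdir_private="private"
base_dn="ou=$subdir_private,ou=$abook_name,$suffix"
nl='
'

# Allowlist the name: anything else could add RDN components
# ("mark,ou=public"), start a new LDIF line, or need DN escaping.
valid_abook_user() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
}

# Print the LDIF for one private address book user.
#   $1 = user name, $2 = password hash as printed by slappasswd
build_user_ldif() {
    valid_abook_user "$1" || { echo "ERROR - invalid user name" >&2; return 1; }
    case "$2" in
        *"$nl"*) echo "ERROR - hash must be a single line" >&2; return 1 ;;
        '{'?*'}'?*) ;;  # scheme prefix such as {SSHA} followed by the digest
        *) echo "ERROR - hash lacks a {SCHEME} prefix" >&2; return 1 ;;
    esac
    printf 'dn: cn=%s,%s\n' "$1" "$base_dn"
    printf 'cn: %s\n' "$1"
    printf 'userPassword: %s\n' "$2"
    printf 'objectClass: organizationalRole\n'
    printf 'objectClass: simpleSecurityObject\n'
}

# Typical use; both passwords are prompted for, so neither appears in argv,
# the process list or shell history:
#   hash="$(slappasswd)" || exit 1
#   build_user_ldif mark "$hash" |
#       ldapadd -x -H ldap://localhost:389 -D "cn=admin,dc=localhost" -W
```
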