|
Am 27.02.2013 11:20, schrieb Dario
Carbone:
Il 27/02/2013 11:05, Christian Mack
ha scritto:
Hello Dario Carbone
Am 2013-02-26 16:21, schrieb Dario Carbone:
Il 26/02/2013 14:59, Christian Mack ha scritto:
Am 2013-02-26 10:27, schrieb Dario Carbone:
Here my .GNUstepDefaults :
<dict>
<key>CNFieldName</key>
<string>cn</string>
<key>IDFieldName</key>
<string>uid</string>
<key>MailFieldNames</key>
<string>(mail,)</string>
<key>SOGoLDAPQueryTimeout</key>
<string>20</string>
<key>UIDFieldName</key>
<string>uid</string>
<key>baseDN</key>
<string>dc=primeur,dc=com</string>
<key>bindFields</key>
<array>
<string>uid</string>
</array>
<key>canAuthenticate</key>
<string>NO</string>
<key>displayName</key>
<string>Primeur Global</string>
<key>filter</key>
<string>
(memberOf='cn=AddressBook,ou=Groups,dc=primeur,dc=com')</string>
<key>hostname</key>
<string>192.168.20.115</string>
<key>id</key>
<string>Primeur_LDAP</string>
<key>isAddressBook</key>
<string>YES</string>
<key>passwordPolicy</key>
<string>NO</string>
<key>port</key>
<string>389</string>
<key>scope</key>
<string>SUB</string>
<key>type</key>
<string>ldap</string>
</dict>
I've created a group on OpenLDAP and addess some users, but on the slapd
log i've undefined filter. see the log :
ldapserver:/var/log # cat messages | grep conn=2843622
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 fd=65 ACCEPT from
IP=192.168.20.115:43613 (IP=0.0.0.0:389)
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 op=0 BIND dn=""
method=128t
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 op=0 RESULT tag=97
err=0 text=
Feb 26 10:23:31 atlante slapd[10022]: *conn=2843622 op=1 SRCH
base="dc=primeur,dc=com" scope=2 deref=0 filter="(&(cn=*)(?=undefined))"*
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 op=1 SRCH attr=*
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 op=1 SEARCH RESULT
tag=101 err=0 nentries=0 text=
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 op=2 UNBIND
Feb 26 10:23:31 atlante slapd[10022]: conn=2843622 fd=65 closed
What's wrong ?
The Address Book make me crazy!!!
Do you mean this bug?
http://www.sogo.nu/bugs/view.php?id=2169
I don't think, because i do the auth on Active Directory and the users
search on OpenLDAP to load the Address Book.
But I think there is something in filter parsing, but I don't know how
is the code/script to do this.
Could you provide an LDIF of an user in this group and an LDIF of your
group?
Kind regards,
Christian Mack
User :
dn: uid=user1,ou=Group1,ou=Users,dc=primeur,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
uid: user1
uidNumber: 2424
gidNumber: 513
loginShell: /bin/bash
gecos: System User
userPassword: {SHA}wc45o+kQbuY95Gd3n9hdwdh8CAg=
userPassword: {SHA}nxXj9Ve3UtHqjdD+FGH3USCzljY=
sn: user1
homeDirectory: /home/user1
cn: user1
shadowFlag: 0
shadowMin: 0
shadowMax: 99999
shadowWarning: 0
shadowInactive: 99999
shadowLastChange: 12011
shadowExpire: 99999
sambaKickoffTime: 2147483647
sambaAcctFlags: [U]
sambaSID: S-1-5-21-3692295675-382424995-2796369013-5848
sambaDomainName: PRIMEUR
sambaPrimaryGroupSID: S-1-5-21-3692295675-382424995-2796369013-513
sambaNTPassword: B2D9FE357CC623EF3770C3ECFE0CF7FC
sambaPwdLastSet: 1361803572
This user does not have the memberOf attribute your filter is
looking for.
If the group can be the primary group you may have to extend your
filter to look for
sambaPrimaryGroupSID='S-1-5-21-3692295675-382424995-2796369013-513'
as well, if there are no warinngs in your sogo logs that those sid
attributes are not parsable. I get those warnings here with queries
against samba4 ldap.
|
