Hi,
Well, we made it through the first hurdle in the thread Installation and
Configuration.
Again, the setup:
FreeBSD 9.1
LDAP 2.4.35
PostGreSQL 9.2
SOGO 2.0.5
(All the services are on separate machines)
Here's the second one concerning LDAP authentication.
It doesn't seem to want to bind.
I can bind anonymously with the pam_ldap service and with the sogo user from
the command line to the remote ldap service. However, when trying to login
from the SOGO Web GUI, I get the 'Wrong User Name or Password" error.
The sogo log file has:
May 08 16:58:49 sogod [6909]: vmem size check enabled: shutting down app when
vmem > 384 MB
May 08 16:58:49 sogod [6909]: <0x0x8087ff908[SOGoProductLoader]> SOGo products
loaded from '/usr/local/GNUstep/Local/Library/SOGo':
May 08 16:58:49 sogod [6909]: <0x0x8087ff908[SOGoProductLoader]>
ContactsUI.SOGo, MainUI.SOGo, MailPartViewers.SOGo, Mailer.SOGo,
Appointments.SOGo, SchedulerUI.SOGo, Contacts.SOGo, MailerUI.SOGo,
PreferencesUI.SOGo, AdministrationUI.SOGo, CommonUI.SOGo
May 08 16:58:49 sogod [6909]: <0x0x808470438[WOWatchDog]> listening on *:20000
May 08 16:58:49 sogod [6909]: <0x0x808470438[WOWatchDog]> watchdog process pid:
6909
May 08 16:58:49 sogod [6909]: <0x0x801c3bb60[WOWatchDogChild]> watchdog request
timeout set to 10 minutes
May 08 16:58:49 sogod [6909]: <0x0x808470438[WOWatchDog]> preparing 1 children
May 08 16:58:49 sogod [6909]: <0x0x808470438[WOWatchDog]> child spawned with
pid 6910
2013-05-08 16:58:49.390 sogod[6910] PostgreSQL72 connection established:
<0x0x809d14528[PGConnection]: connection=0x0x809df2000>
2013-05-08 16:58:49.390 sogod[6910] PostgreSQL72 channel 0x0x8087fd7c8 opened
(connection=<0x0x809d14528[PGConnection]: connection=0x0x809df2000>)
2013-05-08 16:58:49.391 sogod[6910] PG0x0x8087fd7c8 SQL: SELECT count(*) FROM
sogo_user_profile
2013-05-08 16:58:49.597 sogod[6910] PG0x0x8087fd7c8 SQL: SELECT count(*) FROM
sogo_folder_info
2013-05-08 16:58:49.700 sogod[6910] PG0x0x8087fd7c8 SQL: SELECT count(*) FROM
sogo_sessions_folder
May 08 16:59:48 sogod [6910]: |SOGo| starting method 'POST' on uri
'/SOGo/connect'
May 08 16:59:48 sogod [6910]: <0x0x809e18e28[SOGoCache]> Cache cleanup interval
set every 300.000000 seconds
May 08 16:59:48 sogod [6910]: <0x0x809e18e28[SOGoCache]> Using host(s)
'localhost' as server(s)
2013-05-08 16:59:48.742 sogod[6910] Note(SoObject): SoDebugKeyLookup is
enabled!
2013-05-08 16:59:48.742 sogod[6910] Note(SoObject): SoDebugBaseURL is enabled!
2013-05-08 16:59:48.742 sogod[6910] Note(SoObject): relative base URLs are
enabled.
2013-05-08 16:59:48.745 sogod[6910] ERROR(-[NGBundleManager bundleWithPath:]):
could not create bundle for path:
'/usr/local/GNUstep/System/Library/Libraries/gnustep-base/Versions/1.24/Resources/SSL.bundle'
2013-05-08 16:59:48.752 sogod[6910] WOCompoundElement: pool embedding is on.
2013-05-08 16:59:48.752 sogod[6910] WOCompoundElement: id logging is on.
May 08 16:59:48 sogod [6910]: <0x0x809dd61f8[NGLdapConnection]> Using
ldap_initialize for LDAP URL: ldap://<LDAP IP>:389
May 08 16:59:48 sogod [6910]: <0x0x809ed8b88[LDAPSource]> <NSException:
0x809dd10d8> NAME:LDAPException REASON:operation bind failed: Invalid
credentials (0x31) INFO:{login = "cn=sogo,ou=people,dc=example,dc=com"; }
May 08 16:59:48 sogod [6910]: SOGoRootPage Login from '<desktop IP>' for user
'sogo' might not have worked - password policy: 65535 grace: -1 expire: -1
bound: 0
May 08 16:59:48 sogod [6910]: |SOGo| request took 0.018914 seconds to execute
<DESKTOP IP> - - [08/May/2013:16:59:48 GMT] "POST /SOGo/connect HTTP/1.1" 403
34/56 0.021 - - -
At the present time, my sogo.conf file:
(PLEASE NOTE:
The IPs are replace with a <SERVER IP> and the domain replaced with
example.com.
I have had the sogo user in the ou of both my standard ou=people,
dc=example,dc=com and ou=users,dc=example,dc=com. They both failed in the same
way. I have verified the 'sogo' password repeatedly.
I have created a local sogo user with the same UID/GID to verify that it has
some idea of the sogo user without having to query LDAP. I have verified that
its password is 'sogo' as well, although this should not matter
I have had the bind password in the sogo.conf file with and without double
quotes surrounding it. What is it supposed to be? I've seen both in people's
configuration files.
)
{
/* ********************* Main SOGo configuration file
**********************
*
*
* Since the content of this file is a dictionary in OpenStep plist format,
*
* the curly braces enclosing the body of the configuration are mandatory.
*
* See the Installation Guide for details on the format.
*
*
*
* C and C++ style comments are supported.
*
*
*
* This example configuration contains only a subset of all available
*
* configuration parameters. Please see the installation guide more details.
*
*
*
* ~sogo/GNUstep/Defaults/.GNUstepDefaults has precedence over this file,
*
* make sure to move it away to avoid unwanted parameter overrides.
*
*
*
*
**************************************************************************/
SOGoProfileURL="postgresql://sogo:thisisfun@<DB
IP>:5432/sogo/sogo_user_profile";
OCSFolderInfoURL="postgresql://sogo:thisisfun@<DB
IP>:5432/sogo/sogo_folder_info";
OCSSessionsFolderURL="postgresql://sogo:thisisfun@<DB
IP>.19:5432/sogo/sogo_sessions_folder";
SOGoDraftsFolderName = Drafts;
SOGoSentFolderName = Sent;
SOGoTrashFolderName = Trash;
SOGoIMAPServer = <MAIL IP>;
SOGoSMTPServer = <MAIL IP>;
SOGoMailDomain = example.comt;
SOGoMailingMechanism = smtp;
SOGoForceExternalLoginWithEmail = NO;
SOGoMailSpoolPath = /var/spool/mail;
SOGoAppointmentSendEMailNotifications = YES;
//NGImap4ConnectionStringSeparator = "/";
//SOGoACLsSendEMailNotifications = NO;
//SOGoSieveServer = sieve://127.0.0.1:4190;
/* Authentication */
SOGoPasswordChangeEnabled = YES;
/* LDAP authentication example */
SOGoUserSources = (
{
type=ldap;
CNFieldName=cn;
IDFieldName=cn;
UIDFieldName=cn;
baseDN="ou=people,dc=example,dc=com";
bindDN="cn=sogo,ou=users,dc=example,dc=com";
bindPassword="sogo";
canAuthenticate=YES;
displayName="Shared Addresses";
hostname=ldap://<LDAP IP>:389;
id=public;
isAddressBook=YES;
}
);
SOGoPageTitle = SOGo;
SOGoVacationEnabled = YES;
SOGoForwardEnabled = YES;
//SOGoSieveScriptsEnabled = YES;
/* General */
SOGoLanguage = English;
SOGoTimeZone = America/New_York;
SOGoCalendarDefaultRoles = (
PublicDAndTViewer,
ConfidentialDAndTViewer
);
//SOGoSuperUsernames = (sogo1, sogo2); //This is an array - keep the parens!
/* Debug */
SoDebugBaseURL = YES;
ImapDebugEnabled = YES;
LDAPDebugEnabled = YES;
SOGoDebugRequests = YES;
PGDebugEnabled = YES;
SOGoUIxDebugEnabled = YES;
WODontZipResponse = YES;
WOLogFile = /var/log/sogo/sogo.log;
}
--
[email protected]
https://inverse.ca/sogo/lists
