________________________________
 From: Jean Raby <jr...@inverse.ca>
To: users@sogo.nu 
Sent: Thursday, June 27, 2013 9:03 AM
Subject: Re: [SOGo] FreeBSD port - LDAP authentication
 

<snip>

Thanks on that the debug info being "interesting" :-)


> Jun 26 16:30:54 sogod [68616]: <0x09DF6EC8[SOGoUserFolder]:sogo> baseURL: 
> name=sogo (container=SOGo)
>   container: /SOGo -- http://team.atlantisservices.net/SOGo/so/sogo/Mail/view
>   own: /SOGo/so/sogo
> Jun 26 16:30:54 sogod [68616]: <0x0x80c171568[NGLdapConnection]> Using 
> ldap_initialize for LDAP URL: ldap://<LDAP IP>:389
> 2013-06-26 16:30:54.727 sogod[68616] -[NGLdapConnection 
> _searchAtBaseDN:qualifier:attributes:scope:]: search with at base ��N filter 
> ��N for attrs �OM
> 2013-06-26 16:30:54.729 sogod[68616] WARNING: IMAP4 connection pooling is 
> disabled!
> Jun 26 16:31:54 sogod [68615]: [WARN] <0x0x809cc3568[WOWatchDogChild]> pid 
> 68616 has been hanging in the same request for 1 minutes
> Jun 26 16:32:54 sogod [68615]: [WARN] <0x0x809cc3568[WOWatchDogChild]> pid 
> 68616 has been hanging in the same request for 2 minutes

From this, I would say that the LDAP requests worked, but that SOGo is somehow 
waiting for the imap server.  One thing you could do is look at the LDAP 
queries to make sure that they return the expected results. You can do this by 
either dumping the ldap traffic using tcpdump/wireshark, or by enabling query 
logging on the LDAP side (olcLogLevel: stats).

Is there any relevant information in the imap server logs?  You could also try 
to dump the imap traffic to see what is going on.

You could also attach to the "hanging" process using a process tracer (ktrace, 
truss) and see which system call it is blocking on. If the process blocks while 
doing operations on a file descriptor, you'll need to use lsof to map the fd to 
a real file (or socket).

My answer:


This was very interesting advice.  It yielded some interesting stuff once I 
restarted all my processes. (Sogod and apache)

I tried to login on the web interface which now magically works... (*shrug*)

I'm trying to login with a uid of a record under the ldap container:  
ou=people,dc=company,dc=com

The cn=John Smith,ou=people,dc=company,dc=com is not being found when I try to 
enter the uid attribute of jsmith.

When I attempt that login with that uid password, it tries to login/retrieve 
uid=jsmith,ou=people,dc=company,dc=com, and that fails.

However, when I attempt to login with "John Smith", it does all the proper 
things with LDAP and there is activity on dovecot that says it doesn't 
recognize that uid.

So, below is my relevant section of LDAP in the sogo.conf file.

I would like to know what I need to modify in the CNFieldName, IDFieldName, 
UIDFieldName, to be able to login with the uid attribute of jsmith who has a cn 
of:

cn=John Smith,ou=people,dc=company,dc=com  (Please note that I do not have a 
container of uid.  Uid is an attribute of the CN)

SOGoUserSources = (
  {
    type = ldap;
    CNFieldName = "cn";
    IDFieldName = "cn";
    UIDFieldName = "cn";
    baseDN = "ou=people,dc=company,dc=com";
    bindDN = "cn=sogo,ou=people,dc=company,dc=com";
    bindPassword = "qwerty";
    IMAPHostFieldName = ;
    canAuthenticate = YES;
    displayName = "Shared Addresses";
    hostname = "ldap://<LDAP Server IP>:389";
    id = public;
    isAddressBook = YES;
  }
);

I believe this is a major step in getting this to work.

P.

-- 
users@sogo.nu
https://inverse.ca/sogo/lists
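
The log reading done in the quoted reply (find the worker the watchdog reports as hanging, then look at what that worker logged last) can be automated. This is an added example, not part of the original message or of SOGo; the function name and the sample text (the quoted sogod lines, unwrapped) are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the sogod lines quoted in the message above, unwrapped.
SAMPLE_LOG = """\
Jun 26 16:30:54 sogod [68616]: <0x0x80c171568[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://<LDAP IP>:389
2013-06-26 16:30:54.729 sogod[68616] WARNING: IMAP4 connection pooling is disabled!
Jun 26 16:31:54 sogod [68615]: [WARN] <0x0x809cc3568[WOWatchDogChild]> pid 68616 has been hanging in the same request for 1 minutes
Jun 26 16:32:54 sogod [68615]: [WARN] <0x0x809cc3568[WOWatchDogChild]> pid 68616 has been hanging in the same request for 2 minutes
"""

# Both prefixes seen in the log: "sogod [PID]: msg" and "sogod[PID] msg".
ENTRY = re.compile(r"sogod ?\[(?P<pid>\d+)\]:? (?P<msg>.*)")
HANG = re.compile(r"\[WOWatchDogChild\]> pid (?P<child>\d+) has been hanging "
                  r"in the same request for (?P<mins>\d+) minutes")

def find_hanging_workers(log_text):
    """Return {child_pid: {"minutes": max reported, "last_activity": msg}}."""
    last_msg = {}                 # pid -> last line that pid logged itself
    hung = defaultdict(lambda: {"minutes": 0, "last_activity": None})
    for line in log_text.splitlines():
        entry = ENTRY.search(line)
        if not entry:
            continue              # continuation or unrelated line
        pid, msg = int(entry["pid"]), entry["msg"]
        hang = HANG.search(msg)
        if hang:
            child = int(hang["child"])
            rec = hung[child]
            rec["minutes"] = max(rec["minutes"], int(hang["mins"]))
            # What the worker logged last before the watchdog complained.
            rec["last_activity"] = last_msg.get(child)
        else:
            last_msg[pid] = msg
    return dict(hung)

if __name__ == "__main__":
    for pid, rec in find_hanging_workers(SAMPLE_LOG).items():
        print(f"pid {pid}: hung {rec['minutes']} min, "
              f"last logged: {rec['last_activity']}")
```

On the sample, the last thing pid 68616 logged before the watchdog warnings is the IMAP4 line, after the LDAP connection entry.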