I was having trouble logging into sogo with a valid user/password. Using a samba4 AD for authentication and had created a OU structure for holding users/groups.
*Situation 1* where user is memberOf CN=OurFamily, OU=Family,OU=U sers,OU=OurHome,DC=ourhome,DC=net ......Unable to login with valid user/password and got this message in logs 2015-04-01 19:22:48.961 sogod[2922] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base '' filter '(objectClass=*)' for attrs 'subschemaSubentry' 2015-04-01 19:22:48.962 sogod[2922] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'CN=Aggregate,CN=Schema,CN=Configuration,DC=ourhome,DC=net' filter '(objectClass=*)' for attrs 'objectclasses' 2015-04-01 19:22:48.982 sogod[2922] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'cn=users,dc=ourhome,dc=net' filter '(&(|(sAMAccountName=jqfamily)(mail=jqfamily))(&(objectClass=person)(memberOf=CN=OurFamily,OU=Family,OU=Users,OU=OurHome,DC=ourhome,DC=net)))' for attrs 'dn' Apr 01 19:22:48 sogod [2922]: SOGoRootPage Login from '10.20.30.10' for user 'jqfamily' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Apr 01 19:2 *Situation 2* where same user is moved and now memberOf CN=OurFamily,CN=Users,DC=ourhome,DC=net ...now able to login Does SOGo require all users & groups to be within the CN=Users container? -- [email protected] https://inverse.ca/sogo/lists
