Re: [SOGo] Change Password
On Mon, July 15, 2013 4:47 pm, Szládovics Péter wrote: 2013-07-15 22:17 keltezéssel, bly...@ameliaschools.com Ãrta: Hello everyone, We are in the process of migrating over to SOGo. I have all of my users there and everything up and running except for one thing that is giving me some issues...we are authenticating via ldap and my users are not able to change there password. In the sogo log I get a message stating Jul 15 20:15:45 sogod [29715]: 0x0x8db06cc[LDAPSource] NSException: 0x9235784 NAME:LDAPException REASON:operation modify failed: Insufficient access (0x32) INFO:{dn = uid=blynch,ou=users,dc=mydomain,dc=com; } I have SOGoPasswordChangeEnabled = YES; Im thinking this is something really simple that Im missing. Any help would be greatly appreciated. Hi, Which LDAP do you talk about? AFAIK the SOGo password change feature works only with OpenLDAP+clear text passwords. If you have other type of ldap or auth, you need to find other method to change passwords. -- users@sogo.nu https://inverse.ca/sogo/lists We are using openldap-2.3.43-25.el5_8.1. So no crypt passwords for ldap? Bummer. Does the change password work with mysql with encrypted passwords? -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Change Password
I can confirm the change password works with MySQL with encrypted passwords! On 16 July 2013 15:29, Bo Lynch bly...@ameliaschools.com wrote: On Mon, July 15, 2013 4:47 pm, Szládovics Péter wrote: 2013-07-15 22:17 keltezéssel, bly...@ameliaschools.com írta: Hello everyone, We are in the process of migrating over to SOGo. I have all of my users there and everything up and running except for one thing that is giving me some issues...we are authenticating via ldap and my users are not able to change there password. In the sogo log I get a message stating Jul 15 20:15:45 sogod [29715]: 0x0x8db06cc[LDAPSource] NSException: 0x9235784 NAME:LDAPException REASON:operation modify failed: Insufficient access (0x32) INFO:{dn = uid=blynch,ou=users,dc=mydomain,dc=com; } I have SOGoPasswordChangeEnabled = YES; Im thinking this is something really simple that Im missing. Any help would be greatly appreciated. Hi, Which LDAP do you talk about? AFAIK the SOGo password change feature works only with OpenLDAP+clear text passwords. If you have other type of ldap or auth, you need to find other method to change passwords. -- users@sogo.nu https://inverse.ca/sogo/lists We are using openldap-2.3.43-25.el5_8.1. So no crypt passwords for ldap? Bummer. Does the change password work with mysql with encrypted passwords? -- users@sogo.nu https://inverse.ca/sogo/lists -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 I can't hear you -- I'm using the scrambler. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Change Password
2013-07-16 14:29 keltezéssel, Bo Lynch írta: We are using openldap-2.3.43-25.el5_8.1. So no crypt passwords for ldap? Bummer. Does the change password work with mysql with encrypted passwords? Corrections below from Alain Abbas: for completing my response : in slapd.conf if you use it you should have : access to * by self write Le Mardi 16 Juillet 2013 01:49 CEST, ABBAS Alain alain.ab...@libertech.fr a écrit: HEllo 1) the error 0x32 is a LDAP ACL problem you must allow the entry to be modified by itself (in openldap by the keyword self 2) To respond at the last post about clear password by default the password is generated in clear but you have got a special parameter (page 22 of the installation guide) to tell Sogo to crypt the password In case of openldap you should set userPasswordAlgorithm =SSHA; in the SogoUserSource section and Sogo will crypt the password. This parameter depends of the LDAP server software. I just tried and verified on a Sogo 2.0.6b : ) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Change Password
On Tue, July 16, 2013 9:08 am, Szládovics Péter wrote: 2013-07-16 14:29 keltezéssel, Bo Lynch Ãrta: We are using openldap-2.3.43-25.el5_8.1. So no crypt passwords for ldap? Bummer. Does the change password work with mysql with encrypted passwords? Corrections below from Alain Abbas: for completing my response : in slapd.conf if you use it you should have : access to * by self write Le Mardi 16 Juillet 2013 01:49 CEST, ABBAS Alain alain.ab...@libertech.fr a écrit: HEllo 1) the error 0x32 is a LDAP ACL problem you must allow the entry to be modified by itself (in openldap by the keyword self 2) To respond at the last post about clear password by default the password is generated in clear but you have got a special parameter (page 22 of the installation guide) to tell Sogo to crypt the password In case of openldap you should set userPasswordAlgorithm =SSHA; in the SogoUserSource section and Sogo will crypt the password. This parameter depends of the LDAP server software. I just tried and verified on a Sogo 2.0.6b : ) -- OK my SOGoUserPasswordAlgorithm = crypt; this works fine with logging in until I add access to * by self write in slapd.conf then it complains about wrong user name and password. sogo log states Jul 16 19:49:21 sogod [7633]: 0x0x85ecfb4[LDAPSource] NSException: 0x863bbcc NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = uid=blynch,ou=users,dc=domain,dc=com; } Jul 16 19:49:21 sogod [7633]: SOGoRootPage Login from '69.21.x.x' for user 'blynch' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 69.21.103.130 - - [16/Jul/2013:19:49:21 GMT] POST /SOGo/connect HTTP/1.1 403 34/44 0.005 - - 520K -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Change Password
this rule must be the last one or adaptated to your environmentI gave a way not necessary the solution, it depends on your acl that you have already in your ldap and yourcustomizationThe error that you have in the Sogos log is the result of the LDAP operation (here 0x31 invalid credantial)did you chech how is crypted the password on an entry that run?i think by default openldap crypt in SSHA and not with the old crypt methodregardLe Mardi 16 Juillet 2013 21:51 CEST, Bo Lynch bly...@ameliaschools.com a crit:On Tue, July 16, 2013 9:08 am, Szldovics Pter wrote: 2013-07-16 14:29 keltezssel, Bo Lynch rta: We are using openldap-2.3.43-25.el5_8.1. So no crypt passwords for ldap? Bummer. Does the change password work with mysql with encrypted& gt; passwords? Corrections below from Alain Abbas: for completing my response : in slapd.conf if you use it you should have : access to * by self write Le Mardi 16 Juillet 2013 01:49 CEST, ABBAS Alain a crit: HEllo 1) the error 0x32 is a LDAP ACL problem you must allow the entry to be modified by itself (in openldap by the keyword self 2) To respond at the last post about clear password by default the password is generated in clear but you have got a special parameter (page 22 of the installation guide) to tell Sogo to crypt the password In case of openldap you should set userPasswordAlgorithm =SSHA; in the SogoUserSource section and Sogo will crypt the password. This parameter depends of the LDAP se rver software. I just tried and verified on a Sogo 2.0.6b : ) --OKmy SOGoUserPasswordAlgorithm = crypt;this works fine with logging in until I addaccess to *by self writein slapd.conf then it complains about wrong user name and password.sogo log statesJul 16 19:49:21 sogod [7633]: 0x0x85ecfb4[LDAPSource] 0x863bbcc NAME:LDAPException REASON:operation bind failed: Invalidcredentials (0x31) INFO:{login = uid=blynch,ou=users,dc=domain,dc=com; }Jul 16 19:49:21 sogod [7633]: SOGoRootPage Login from 69.21.x.x for userblynch might not have worked - password policy: 65535 grace: -1expire: -1 bound: 069.21.103.130 - - [16/Jul/2013:19:49:21 GMT] POST /SOGo/connect HTTP/1.1403 34/44 0.005 - - 520K--users@sogo.nuhttps://inverse.ca/sogo/lists--Alain AbbasDirecteur03 83 18 02 70
[SOGo] HTML mail
Dear All, When I create an HTML mail in the webmail, the encoding is always quoted printable. Usually it isn't problem, the most of mail clients are handle it correctly. But some clients (e.g. iOS/Android default activesync capable mailer) show these mails as incorrectly: they don't resolve the acute;-style characters, but shows the code instead. So, some mails become really ugly... :( Can I set this encoding anywhere? I want to 8bit or base64 instead of quoted-printable. Can I do it? Again: problem exists only, when I write the HTML mail in SOGo webmail, use non-ascii characters, and read the mail on iOS/Android default activesync capable client. Thanks your help. PS: I read google/docs, but they didn't help me... -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] BTS activities for Tuesday, July 16 2013
Title: BTS activities for Tuesday, July 16 2013 BTS Activities Home page: http://www.sogo.nu/bugs Project: SOGo For the period covering: Tuesday, July 16 2013 idlast updatestatus (resolution)categorysummary 2370 2013-07-16 11:34:24 updated (open) Backend Mail Authenticated DOS is sogo, via imap injection (OWASP-DV-011) 2007 2013-07-16 09:36:01 assigned (open) sogo-tool can't add webcalendar 2369 2013-07-16 11:32:51 closed (fixed) Web Calendar Persistant XSS via calendar invitation. 2368 2013-07-16 11:33:05 closed (fixed) Web Mail Persistant XSS in sender field.