subject:"\[SOGo\] password"

Re: [SOGo] Password management

2023-08-19 Thread smizr...@alinto.eu


Dear Michele,

We have implemented a password change at login mechanism 
(https://github.com/Alinto/sogo/blob/master/Documentation/SOGoInstallationGuide.asciidoc#password--force-user-password-change-at-login)
 
It will be available on next release and from now on nightly build.

Sebastien

Le Vendredi, Août 18, 2023 19:20 CEST, "mcianchi" (m.cian...@securcrea.com) 
 a écrit:
 We have installed iRedMail with the SOGo interface and have used Mail Store 
for email archiving. There is the possibility to integrate a script into the 
SOGo password change procedure in order to automate the password change for 
Mail Store through APIs.

Otherwise, users are required to change their password in SOGo and then connect 
to Mail Store to perform the same password change.

Michele Cianchi

[SOGo] Password management

2023-08-18 Thread mcianchi

We have installed iRedMail with the SOGo interface and have used Mail Store for 
email archiving. There is the possibility to integrate a script into the SOGo 
password change procedure in order to automate the password change for Mail 
Store through APIs.

Otherwise, users are required to change their password in SOGo and then connect 
to Mail Store to perform the same password change.


Michele Cianchi

Re: [SOGo] Password change date with the SQL back-end

2023-07-03 Thread vilius.bau...@gmail.com

On Sun, Jul 2, 2023 at 7:38 PM Vilius Baušys 
wrote:

> Hi Sogo users,
>
> I'm trying to configure Iredmail plugin sql_force_change_password
> 
> to force users to change their passwords. The plugin itself works fine, but
> it seems that Sogo does not record password change timestamp:
>
> Jul 02 19:25:20 sogod [3128203]: |SOGo| starting method 'POST' on uri
> '/SOGo/so/changePassword'
> Jul 02 19:25:20 sogod [3128203]: |SOGo| request took 0.495773 seconds to
> execute
> Jul 02 19:25:20 sogod [3128203]: 78.57.31.125 "POST
> /SOGo/so/changePassword HTTP/1.0" 204 0/73 0.505 - - 532K - 14
>
> I also do not see any related column in the users table:
> MariaDB [sogo]> desc users;
> ++--+--+-+-+---+
> | Field  | Type | Null | Key | Default | Extra |
> ++--+--+-+-+---+
> | c_uid  | varchar(255) | NO   | | |   |
> | c_name | varchar(255) | NO   | | |   |
> | c_password | varchar(255) | NO   | | |   |
> | c_cn   | varchar(255) | NO   | | |   |
> | mail   | varchar(255) | NO   | | |   |
> | domain | varchar(255) | NO   | | |   |
> ++--+--+-+-+---+
> 6 rows in set (0.001 sec)
>
> Maybe I missed some of the configurable option to capture the password
> change timestamp?
>
> Sogo v 5.8.2 (@sogo-build.alinto.int 202305201843)
>

I found an easy workaround by creating a trigger that updates the
corresponding Iredmail column.
Not ideal, but it works.

-- 
Vilius

[SOGo] Password change date with the SQL back-end

2023-07-02 Thread vilius.bau...@gmail.com

Hi Sogo users,

I'm trying to configure Iredmail plugin sql_force_change_password

to force users to change their passwords. The plugin itself works fine, but
it seems that Sogo does not record password change timestamp:

Jul 02 19:25:20 sogod [3128203]: |SOGo| starting method 'POST' on uri
'/SOGo/so/changePassword'
Jul 02 19:25:20 sogod [3128203]: |SOGo| request took 0.495773 seconds to
execute
Jul 02 19:25:20 sogod [3128203]: 78.57.31.125 "POST /SOGo/so/changePassword
HTTP/1.0" 204 0/73 0.505 - - 532K - 14

I also do not see any related column in the users table:
MariaDB [sogo]> desc users;
++--+--+-+-+---+
| Field  | Type | Null | Key | Default | Extra |
++--+--+-+-+---+
| c_uid  | varchar(255) | NO   | | |   |
| c_name | varchar(255) | NO   | | |   |
| c_password | varchar(255) | NO   | | |   |
| c_cn   | varchar(255) | NO   | | |   |
| mail   | varchar(255) | NO   | | |   |
| domain | varchar(255) | NO   | | |   |
++--+--+-+-+---+
6 rows in set (0.001 sec)

Maybe I missed some of the configurable option to capture the password
change timestamp?

Sogo v 5.8.2 (@sogo-build.alinto.int 202305201843)

-- 
Vilius

Re: [SOGo] password

2023-04-15 Thread Odhiambo Washington

On Sat, Apr 15, 2023 at 1:48 AM "news...@gmx.de"  wrote:

> Hello, I suppose that was a human answer to my question? If so, here is
> my reply: I cannot find the menu item "sogo.conf" under preferences.
> Where is it?
>
> cheers
> neff
>
>
It was a clue, that you need to check your /etc/sogo.conf and you could
refer to
https://www.sogo.nu/files/docs/SOGoInstallationGuide.html#_configuration

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]

Re: [SOGo] password

2023-04-14 Thread "Peter Beck"

>Hello, I suppose that was a human answer to my question? If so, here is my 
>reply: I cannot find the menu item "sogo.conf" under preferences.
> Where is it?@mail.gmail.com>@sogo.nu>

He meant /etc/sogo/sogo.conf with the parameter "SOGoPasswordChangeEnabled" 
which defaults to "no" if unset.
See documentation at https://www.sogo.nu/files/docs/SOGoInstallationGuide.html

Re: [SOGo] password

2023-04-14 Thread "news...@gmx.de"


Hello, I suppose that was a human answer to my question? If so, here is
my reply: I cannot find the menu item "sogo.conf" under preferences.
Where is it?

cheers
neff


On 14.04.23 17:24, Odhiambo Washington (odhia...@gmail.com) wrote:

On Fri, Apr 14, 2023 at 4:26 PM "neff"  wrote:


One of the recent updates must have removed the ability to change the
password
in the General settings. Where do I find that now? Thanks



sogo.conf


--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]

Re: [SOGo] password

2023-04-14 Thread Odhiambo Washington

On Fri, Apr 14, 2023 at 4:26 PM "neff"  wrote:

> One of the recent updates must have removed the ability to change the
> password
> in the General settings. Where do I find that now? Thanks
>

sogo.conf


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]

[SOGo] password

2023-04-14 Thread "neff"

One of the recent updates must have removed the ability to change the password
in the General settings. Where do I find that now? Thanks

Re: [SOGo] Password change on another database

2019-10-11 Thread Christian Mack

Hello

Am 10.10.19 um 15:05 schrieb David Reis (david.r...@netoxygen.ch):
> Dear All,
> 
> I use IredMail with SOGo but I can not make password change working.
> 
> I configure Mysql backend Auth and everything is working fine except
> password change from SOGo.
> 
> My SOGo users are authentified on a MySQL view based on some tables on
> IredMail database.
> 
> So I can not make the password change working on this view.
> 
> My question is : "Is there a way to customize the MySQL query used to
> update password?"
> 

no, you would need to replace that view with a table, or modify SOGo
and/or SOPE code.


Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416



smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] Password change on another database

2019-10-10 Thread David Reis


Dear All,

I use IredMail with SOGo but I can not make password change working.

I configure Mysql backend Auth and everything is working fine except 
password change from SOGo.


My SOGo users are authentified on a MySQL view based on some tables on 
IredMail database.


So I can not make the password change working on this view.

My question is : "Is there a way to customize the MySQL query used to 
update password?"


Best regards,

David

--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] SOGo password expiration

2018-12-10 Thread "Miguel Mucio Santos Moreira"


Hi everybody!

I wasn't able to find a way where SOGo checks if an user has his password 
expired and if so, force this user change it after login screen.
Anybody has already implement this feature or functionality?

One more time thanks.

Best Regards



--
Miguel Moreira
Gerente
DPR/SRE/GSR - Gerência de Serviços de Rede
+55(31)3339-1401
PRODEMGE - Companhia de Tecnologia da Informação do Estado de Minas Gerais

Aviso: Esta mensagem é destinada exclusivamente para a(s) pessoa(s) a quem é 
dirigida, podendo conter informação sigilosa e legalmente protegida. O uso 
impróprio será tratado conforme as normas da empresa e a legislação em vigor. 
Caso não seja o destinatário, favor notificar o remetente, ficando proibidas a 
utilização, divulgação, cópia e distribuição.
 
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] password change with samba4 AD

2016-10-04 Thread "Sean M. Pappalardo"

On 10/04/2016 01:37 AM, lists (li...@merit.unu.edu) wrote:
> We are there specific requirements on the SOGo server, to accomodate AD
> password changes..?

You might need to check the encryption settings. I know my SOGo couldn't
authenticate users at all after Samba 4.2 until they were adjusted. (I
don't remember which ones now, but likely ones mentioned in the page I
linked before.)

Sincerely,
Sean M. Pappalardo
Sr. Networks Engineer
Renegade Technologies

smime.p7s
Description: S/MIME Cryptographic Signature

Re: [SOGo] password change with samba4 AD

2016-10-04 Thread lists


Hi Sean,

On 3-10-2016 21:30, "Sean M. Pappalardo" (spappala...@renegadetech.com) 
wrote:

What version of Samba? Do you run Samba from Debian packages?
On the DCs we're on 4.4, and yes: changing passwords from windows works, 
otherwise we would obviously have bigger problems. :-)


We are there specific requirements on the SOGo server, to accomodate AD 
password changes..?


On the server running SOGo, we installed nothing samba-related, only the 
regular SOGo dependancies... (we are NOT running openchange)


MJ
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] password change with samba4 AD

2016-10-03 Thread "Sean M. Pappalardo"

What version of Samba? Do you run Samba from Debian packages?

I do (v4.2) and have found that there is a problem with users changing
their passwords in general even from Windows clients. I think it has to
do with the increased default security settings Samba 4.2 now uses,
outlined here:
https://anonscm.debian.org/cgit/pkg-samba/samba.git/commit/?h=stable-update&id=cbcad2a543a28926ee712cf299dbdc03da351cb0

Have you tried having a user change their password from a Windows machine?

Sincerely,
Sean M. Pappalardo
Sr. Networks Engineer
Renegade Technologies



smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] password change with samba4 AD

2016-10-03 Thread lists


Hi,

We've had some complaints of users that changed their Active Directory 
passwords using /SOGo -> Preferences -> Change password


Afterwards they were unable to logon using their new password. Looking 
at the logs, nothing in particular is logged, except the fact that they 
opened the preferences.


Supid enough, I did not ask them if they WERE able to logon using their 
OLD password... but sure enough: the password change itself did not work.


Is there anything in particular required to use this fuctionality? Note, 
perhaps relevant: we're a samba4 AD environment, no real microsoft AD 
servers.


Any tips or requirements that we might have missed?

Thanks!

MJ
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change not possible

2016-02-10 Thread Christian Mack

Hello

Am 10.02.2016 um 23:47 schrieb Michael Grimbichler:
> 
> New to SOGo and can’t change user passwords in the settings.
> Is this a known bug? Cant see anything in /var/log/messages or 
> /var/log/maillog when hitting the „change“ button.
> Also the fact that there is a „save" button and „change" button is a bit 
> confusing.
> I am running Sogo on CentOS 7 with OpenLDAP and Dovecot.
> Password change is set in the Sogo config and following is my LDAP config.
> 
> 
> olcAccess: {0}to attrs=userPassword,shadowLastChange
>  by dn=„cn=admin,dc=domain,dc=com“ write
>  by dn="uid=dovecot,ou=ServiceAccounts,dc=domain,dc=co,dc=uk“ read
>  by dn="uid=saslauthd,ou=ServiceAccounts,dc=domain,dc=co,dc=uk“ read
>  by anonymous auth
>  by self write
>  by * none
> 
> Do I also need to grant write permission to the SOGo Service account or 
> should it be covered by the „self“ permission?
> 

See:
http://sogo.nu/bugs/view.php?id=3496


Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416



smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] Password change not possible

2016-02-10 Thread Michael Grimbichler

Hi all

New to SOGo and can’t change user passwords in the settings.
Is this a known bug? Cant see anything in /var/log/messages or /var/log/maillog 
when hitting the „change“ button.
Also the fact that there is a „save" button and „change" button is a bit 
confusing.
I am running Sogo on CentOS 7 with OpenLDAP and Dovecot.
Password change is set in the Sogo config and following is my LDAP config.


olcAccess: {0}to attrs=userPassword,shadowLastChange

 by dn=„cn=admin,dc=domain,dc=com“ write

 by dn="uid=dovecot,ou=ServiceAccounts,dc=domain,dc=co,dc=uk“ read

 by dn="uid=saslauthd,ou=ServiceAccounts,dc=domain,dc=co,dc=uk“ read

 by anonymous auth

 by self write

 by * none

Do I also need to grant write permission to the SOGo Service account or should 
it be covered by the „self“ permission?

Thanks,
Michael
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Password scheme for Web changed Passwords differ from settings

2015-10-10 Thread Bastian Bleker

I’ve switched on the SOGoPasswordChangeEnabled option to allow my users a 
password change.
I’m using SSHA512 for my passwords but if I change the password via sogo it 
seems to use another scheme (there is no ending = sign and the saved hash is a 
little bit longer than SSHA512 hashes).
Non the less it seems to work anyway (tested web login and imap login from 
thunderbird) so why do the hashes differ and can i configure Sogo to create 
SSHA512 hashes via the web interface?

Kind regards,
Bastian Bleker-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Keep SOGo Password on Firefox, ...

2015-09-24 Thread Maxime RUBINO


Thanks, with this : http://nhfiles.com/sogo/ ; work great !

Le 24/09/2015 08:35, Christian Mack a écrit :

Hello

Am 24.09.2015 um 01:01 schrieb Maxime RUBINO:

Hi all,

File : /usr/lib/GNUstep/SOGo/Templates/MainUI/SOGoRootPage.wox ; line 65

it's possible to change http://alibou.sogo.lala/SOGo/so"; to show
calendar/mail/...

Someone would have an idea ?


See bug #659
http://www.sogo.nu/bugs/view.php?id=659

Kind regards,
Christian Mack



--
Cordialement,
Maxime RUBINO

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Keep SOGo Password on Firefox, ...

2015-09-23 Thread Christian Mack

Hello

Am 24.09.2015 um 01:01 schrieb Maxime RUBINO:
> 
> Hi all,
> 
> File : /usr/lib/GNUstep/SOGo/Templates/MainUI/SOGoRootPage.wox ; line 65
> 
> it's possible to change  password on firefox when you try to logon. Google Chrome keep the
> password whether  
> But when you are connected you got : grace -1 period -1 and no
> autoredirection to "http://alibou.sogo.lala/SOGo/so"; to show
> calendar/mail/...
> 
> Someone would have an idea ?
> 

See bug #659
http://www.sogo.nu/bugs/view.php?id=659

Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416



smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] Keep SOGo Password on Firefox, ...

2015-09-23 Thread Maxime RUBINO



Hi all,

File : /usr/lib/GNUstep/SOGo/Templates/MainUI/SOGoRootPage.wox ; line 65

it's possible to change http://alibou.sogo.lala/SOGo/so"; to show
calendar/mail/...

Someone would have an idea ?

--
Cordialement,
Maxime RUBINO - Informaticien Professionnel

RUBIMAX
SASU au capital de 1000€
SIRET 804 010 734 R.C.S Orléans

47 FBG DU PUYRAULT
45230 STE GENEVIEVE DES BOIS

Tél  : 0 972 46 39 87 (appel gratuit depuis une ligne fixe)
Courriel : cont...@rubimax.fr




--
Cordialement,
Maxime RUBINO

--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Password expiry with Samba4/AD

2015-04-29 Thread Ian McMichael

I have a 2.2.17a system using Samba 4's AD back-end for its 
authentication.  Over the past few days a number of user account 
passwords have expired.  Where these are also Windows users they are 
prompted to change their password at logon to their PC.  However, for 
web-only users, the SOGo logon just denies access now rather than 
prompting for a change.


Is this the expected behaviour?  I have tried with passwordPolicy = YES 
(it was originally set to NO) and this does not seem to make any 
difference.  The following is logged in sogo.log when a user with an 
expired password tries to connect:


Apr 29 10:56:37 sogod [860]: SOGoRootPage Login from '192.168.x.x' for 
user 'username' might not have worked - password policy: 65535 grace: 
-1  expire: -1  bound: 0


Users with unexpired passwords can log in fine with passwordPolicy set 
to either YES or NO.  SOGoPasswordChangeEnabled = YES is also set on the 
server and works fine when the password is still within its lifetime.


Any assistance much appreciated,


Ian.
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password truncated before validation

2014-10-06 Thread Max


Le 06/10/2014 11:19, Max a écrit :

Hello,

It seems that SOGo is ignoring password value after 8th char.
I'm using LDAP UserSource on SOGo 2.2.9a-1:amd64 debian package.

I wonder if it's a config problem or a bug.
Are you able to reproduce?


Finally not a SOGo issue.
Some users had an old crypt password encryption in ldap db.

Problem solved, thanks guys
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password truncated before validation

2014-10-06 Thread Sven Schwedas

On 2014-10-06 11:19, Max wrote:
> Hello,
> 
> It seems that SOGo is ignoring password value after 8th char.
> I'm using LDAP UserSource on SOGo 2.2.9a-1:amd64 debian package.
> 
> I wonder if it's a config problem or a bug.
> Are you able to reproduce?

Using LDAP (/AD) backend as well here, can't confirm the issue even with
32 character passwords. Seems like a configuration issue.

-- 
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwe...@tao.at | +43 (0)680 301 7167
http://software.tao.at



signature.asc
Description: OpenPGP digital signature

Re: [SOGo] Password truncated before validation

2014-10-06 Thread Louis-Philippe

Hello,

I have a password longer than ten characters for many weeks. I have no
problem at all.

We use SOGo 2.2.9a on Debian (Squeeze) with OpenLdap.

I use SOGo webmail and Thunderbird with plugins...

Good luck!


2014-10-06 5:19 GMT-04:00 Max :

> Hello,
>
> It seems that SOGo is ignoring password value after 8th char.
> I'm using LDAP UserSource on SOGo 2.2.9a-1:amd64 debian package.
>
> I wonder if it's a config problem or a bug.
> Are you able to reproduce?
> --
> users@sogo.nu
> https://inverse.ca/sogo/lists
>



-- 
Louis-Philippe Gauthier
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Password truncated before validation

2014-10-06 Thread Max


Hello,

It seems that SOGo is ignoring password value after 8th char.
I'm using LDAP UserSource on SOGo 2.2.9a-1:amd64 debian package.

I wonder if it's a config problem or a bug.
Are you able to reproduce?
--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] SOGo, password change, ldap and posix/nt passwords

2014-05-08 Thread Götz Reinicke - IT Koordinator

Hi,

we have SOGo with an ldap user backend up and running. Now we'd like to
enable the passwordchange feature in SOGo, but for now it only changes
the posix password.

How can we get the NT password also changed at the same time from SOGo?

Is there an option or an other password change command we shall use?

Thanks regards . Götz
-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Geschäftsführer: Prof. Thomas Schadt



smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] Password change via Poppassd

2014-03-25 Thread Alessio Cecchi


Hi,

we are running Sogo with MySQL backend for users authentication. We 
would like to enable passowrd change in Sogo but our SOGoUserSources is 
a VIEW in read only.


Others webmail software support Poppassd for password change, so why 
not provide this support also for Sogo?


There are many Poppassd implementation for the most used email server 
and the protocol is realy simple to implement.


Are there others interested in this feature?

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-25 Thread Laz C. Peterson

Jean~

I cannot seem to figure this out for my life ... (Let's hope it doesn't kill 
me! Ha ha ha.)

I know you are a busy man, but if you could point me in the right direction I 
would greatly appreciate it.  Let me break down the summary of the issue.

-- No other services are running on the server except for SOGo.  Nothing aside 
from my config has been modified.
-- User changes password, and password is immediately updated in the LDAP 
database as well as the Kerberos database.  User can authenticate immediately 
to any Kerberos services as well as LDAP services using the new password.
-- After closing "Preferences" window, about 70-80% of the time, clicking 
anywhere brings up the login page.
-- If the login page does not show when clicking on any other SOGo link, all is 
well.
-- If the login page does show, most of the time the user will still be unable 
to log on, even if the user goes to another computer and tries a new session.  
The only way I can describe the behavior here is that if the "usual" URL after 
a successful login is 
https://sogo.paravis.net/SOGo/so/lpeter...@mydomain.com/Mail/view, the URL 
after an unsuccessful login is simply 
https://sogo.paravis.net/SOGo/so/lpeterson.
-- User must wait an undefined period of time, after which everything works 
again with the new password.

I am going to try rebuilding a new server for testing purposes, but I can 
confirm that all LDAP and Kerberos authentication is working great.  The 
password changes perfectly through SOGo.  It seems though that SOGo has 
something cached in its memory that is not being renewed when the password 
changes.  Or maybe it is receiving a response from the LDAP server that makes 
it confused.

Which debug information should I focus my efforts on?  Or how would you suggest 
troubleshooting?  I am truly baffled.  Thank you so much Jean.
~Laz

On Thursday, November 21, 2013 06:45 AM PST, Jean Raby  wrote:
 On 13-11-21 6:45 AM, Jean Raby wrote:
> On 13-11-21 12:09 AM, Laz C. Peterson wrote:
>> Yikes.
>>
>> Then if it shouldn’t matter, I’m sure there’s something else going on here.
> I'll test it. But why are you running with a 10 seconds cache expiration? 
> that's
> really low.
>
I think you're running with passwordpolicy enable in sogo, but the
passowrdpolicy overlay is not enabled in openldap.

Just disable password policy in your sogo user source and it will work properly.

Also, you didn't provide your config file, it would have saved us time and
trouble if you had...

(finally, unless you have a good reason to set the cache cleanup interval so
low, you're probably better off keeping it at its default value)
--
users@sogo.nu
https://inverse.ca/sogo/lists
 -- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-25 Thread Laz C. Peterson

Also, maybe this will help.  I get messages like this, when trying to open up 
other windows ...

"object not found: lpeter...@mydomain.com => Mail => 0 => folderINBOX => 1 => 
popupview"
"object not found: lpeter...@mydomain.com => preferences"
"object not found: lpeter...@mydomain.com => logoff"

Sometimes it works flawlessly without any logging off or on.  Most of the time 
the problem is taken care of within 1 minute.  Rarely, but sometimes, the issue 
takes over 3 minutes until the user can log back in again.

No cookies or cache on the user's side are impacting this issue.  
Authentication and mail servers seem to work fine without any issue.  I can 
only think there might be an issue within the SOGo database or cache?

Thank you.
~Laz

On Thursday, November 21, 2013 06:45 AM PST, Jean Raby  wrote:
 On 13-11-21 6:45 AM, Jean Raby wrote:
> On 13-11-21 12:09 AM, Laz C. Peterson wrote:
>> Yikes.
>>
>> Then if it shouldn’t matter, I’m sure there’s something else going on here.
> I'll test it. But why are you running with a 10 seconds cache expiration? 
> that's
> really low.
>
I think you're running with passwordpolicy enable in sogo, but the
passowrdpolicy overlay is not enabled in openldap.

Just disable password policy in your sogo user source and it will work properly.

Also, you didn't provide your config file, it would have saved us time and
trouble if you had...

(finally, unless you have a good reason to set the cache cleanup interval so
low, you're probably better off keeping it at its default value)
--
users@sogo.nu
https://inverse.ca/sogo/lists
 -- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-21 Thread Jean Raby


On 13-11-21 6:45 AM, Jean Raby wrote:

On 13-11-21 12:09 AM, Laz C. Peterson wrote:

Yikes.

Then if it shouldn’t matter, I’m sure there’s something else going on here.

I'll test it. But why are you running with a 10 seconds cache expiration? that's
really low.

I think you're running with passwordpolicy enable in sogo, but the 
passowrdpolicy overlay is not enabled in openldap.


Just disable password policy in your sogo user source and it will work properly.

Also, you didn't provide your config file, it would have saved us time and 
trouble if you had...


(finally, unless you have a good reason to set the cache cleanup interval so 
low, you're probably better off keeping it at its default value)

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-21 Thread Laz C. Peterson

Jean,

My apologies for no config file (now attached).  I do have ppolicy enabled in 
the LDAP server, though I am also running another module called "smbkrb5pwd" 
which synchronizes/updates the user's Kerberos password as well.  I am not sure 
if this has any effect, though it may.  I can confirm that user changing 
password through SOGo preferences immediately updates both Kerberos and LDAP 
passwords successfully, and user can authenticate through Kerberos or LDAP with 
no issues using their new password with other services.

As you can see, I have now disabled the manual setting of 
SOGoCacheCleanupInterval.  I only had that set due to another post I had read, 
not because I felt I needed it.  (Bad idea on my part.)

The most interesting thing I have found is that when the "issue" happens, I am 
not able to log in using any browser for a period of time.  I feel that 
changing SOGoCacheCleanupInterval to default affects this even more, though I 
really have no idea.  SOGo authenticates successfully, but never makes it past 
the login screen.  The URL that shows after attempted (successful?) login is 
https://sogo.myemaildomain.com/SOGo/lpeterson ... Not the usual 
https://sogo.myemaildomain.com/SOGo/so/lpeter...@myemaildomain.com/Mail/view.  
And if I type a bad password (for example, the old password), it does respond 
with incorrect password

I am thinking there must be the old password cached somewhere between SOGo, 
LDAP, KDC, or IMAP, but the updated password works quickly for LDAP, KDC, and 
IMAP services.  Relevant services along with SOGo 2.1.1 (Ubuntu 12.04.3) are 
OpenLDAP v2.4.28 (Ubuntu 12.04.3) and Dovecot v2.1.7 (Ubuntu 13.04).

Today is a really bad day for me, but as soon as I get a chance, I am going to 
look into the smbkrb5pwd module that is running alongside ppolicy.  I will 
gladly take any other suggestions, too.

I do appreciate your help very much.  If there is anything I can do to help 
provide more information, please let me know how I can do that.  Thanks again 
Jean.  This is a wonderful piece of software and I am very grateful for your 
efforts.
~Laz

On Thursday, November 21, 2013 06:45 AM PST, Jean Raby  wrote:
 On 13-11-21 6:45 AM, Jean Raby wrote:
> On 13-11-21 12:09 AM, Laz C. Peterson wrote:
>> Yikes.
>>
>> Then if it shouldn’t matter, I’m sure there’s something else going on here.
> I'll test it. But why are you running with a 10 seconds cache expiration? 
> that's
> really low.
>
I think you're running with passwordpolicy enable in sogo, but the
passowrdpolicy overlay is not enabled in openldap.

Just disable password policy in your sogo user source and it will work properly.

Also, you didn't provide your config file, it would have saved us time and
trouble if you had...

(finally, unless you have a good reason to set the cache cleanup interval so
low, you're probably better off keeping it at its default value)
--
users@sogo.nu
https://inverse.ca/sogo/lists

sogo.conf
Description: Binary data

Re: [SOGo] Password change behavior

2013-11-21 Thread Jean Raby


On 13-11-21 12:09 AM, Laz C. Peterson wrote:

Yikes.

Then if it shouldn’t matter, I’m sure there’s something else going on here.
I'll test it. But why are you running with a 10 seconds cache expiration? that's 
really low.


--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-21 Thread Laz C. Peterson

Yikes.

Then if it shouldn’t matter, I’m sure there’s something else going on here.

Any suggestions for how I can investigate?  If I leave it sitting long enough 
before I click something, maybe 10-15 seconds, then it seems to work as 
designed.

If I click slightly too fast, here are a couple things that happen (if using 
the same browser/computer) …
1- Any page or link I click to shows up in its frame or window as the login 
screen.
2- Next time I log in, after putting in correct username and password, SOGo 
“logs in” but does not actually get past the login page.  I have copied and 
pasted passwords to make sure that it is exact.  Same result.

I have tested this on 3 computers with similar results (all Mac, diff 
versions), and for right now on my workstation, I’m unable to change the 
password and wait any period of time at all for it to work correctly.  On my 
wife’s laptop, I can still do it, but I have to wait at least 10-15 seconds.

Please give me a step-by-step on how I can get some valuable information.  
Hopefully I can get you back some good information that might help the future 
releases.  I really don’t think anything on my side is out of the ordinary.  If 
so, please help me prove it. =]

I appreciate all of your time and efforts.  Thanks again.
~Laz

On Nov 20, 2013, at 7:29 PM, Jean Raby  wrote:

> On 13-11-20 7:55 PM, Laz C. Peterson wrote:
>> I do have “SOGoCacheCleanupInterval” set to 10, if that makes any difference.
> Why is the cleanup interval set so low?
> 
> It should work anyway, but I'm curious. Also, for the record, I was testing 
> with chrome. (with the default cache cleanup interval: 300)
> -- 
> users@sogo.nu
> https://inverse.ca/sogo/lists

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-20 Thread Jean Raby


On 13-11-20 7:55 PM, Laz C. Peterson wrote:

I do have “SOGoCacheCleanupInterval” set to 10, if that makes any difference.

Why is the cleanup interval set so low?

It should work anyway, but I'm curious. Also, for the record, I was testing with 
chrome. (with the default cache cleanup interval: 300)

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-20 Thread Laz C. Peterson

Jean, hello.

You are correct, it does work just fine as you have designed.  Which browser 
are you using?

There was nothing abnormal in the logs, neither on the LDAP server nor the SOGo 
server.  All looks good.  This is not debug logging, however.

Maybe you can try reproducing the problem.  I have been primarily using FireFox 
lately, which is the browser that is not acting properly.  After I sent my 
initial message, I decided to try Safari just for fun, and that worked 
*perfectly*.

If you don’t use FireFox, would you mind trying that out and see if you get the 
same result?

I’m a little confused as to why it would act that way.  Possibly it is an issue 
on my specific workstation’s install of FireFox?

Thanks for your response.  Please let me know if there is any more information 
I can get for you.
~Laz

On Nov 20, 2013, at 2:14 PM, Jean Raby  wrote:

> On 13-11-20 4:16 PM, Laz C. Peterson wrote:
>> Can someone please fill me in on the expected behavior of SOGo after the 
>> user changes their password through preferences?
>> 
>> My users, who can change their passwords just fine through the preferences, 
>> get stuck in SOGo after changing the password.  It appears as if they are 
>> still logged in, but if they go to write a new message or click on a 
>> different feature (such as Calendar), they are presented with a login box.  
>> (At this point, they can log in fine using their new password.)
>> 
>> I want to confirm that this is by design, or if there is something I need to 
>> look into.  It seems that either the user should not have to relog in at 
>> all, or that the user should immediately be logged off and presented with a 
>> new login screen.
> Can you explain or post your sogo configuration?
> Anything relevant in the logs?
> 
> I just tested this with sogo using openldap as its auth backend and it works 
> as designed. That is:  when I change my password, I can still use sogo 
> without having to log back in.
> 
>> 
>> Thanks for any help.
>> ~Laz--
> 
> 
> -- 
> users@sogo.nu
> https://inverse.ca/sogo/lists

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-20 Thread Laz C . Peterson

Jean,

So I went to another computer of mine and tried both FireFox and Safari (sorry, 
no Windows systems here!) and neither worked properly.  On my workstation, 
FireFox does not work, and in further testing, I noticed that Safari did not 
actually work every time.  So I tried a little troubleshooting ...

I changed my password and stayed in the “Preferences” screen for a little while 
before clicking out.  If I stay for a little while without clicking, it seems 
to work!  If I close out almost immediately after and try doing other things, I 
get an error message something like "object not found: 
lpeter...@myemaildomain.com => Mail => 0 => compose”.

I do have “SOGoCacheCleanupInterval” set to 10, if that makes any difference.

Attached is the SOGo debug log when it does not work and the SOGo debug log 
when it does.  I honestly don’t know the difference of what we’re looking at 
there.  Maybe I can try and get some better-looking logs for you, just let me 
know how.

Also, the latency and connection between all of the servers is great (<0.3ms 
average) …

Thanks again Jean.
~Laz

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

sogo.log-broken
Description: Binary data

sogo.log-working
Description: Binary data

On Nov 20, 2013, at 2:14 PM, Jean Raby  wrote:

> On 13-11-20 4:16 PM, Laz C. Peterson wrote:
>> Can someone please fill me in on the expected behavior of SOGo after the 
>> user changes their password through preferences?
>> 
>> My users, who can change their passwords just fine through the preferences, 
>> get stuck in SOGo after changing the password.  It appears as if they are 
>> still logged in, but if they go to write a new message or click on a 
>> different feature (such as Calendar), they are presented with a login box.  
>> (At this point, they can log in fine using their new password.)
>> 
>> I want to confirm that this is by design, or if there is something I need to 
>> look into.  It seems that either the user should not have to relog in at 
>> all, or that the user should immediately be logged off and presented with a 
>> new login screen.
> Can you explain or post your sogo configuration?
> Anything relevant in the logs?
> 
> I just tested this with sogo using openldap as its auth backend and it works 
> as designed. That is:  when I change my password, I can still use sogo 
> without having to log back in.
> 
>> 
>> Thanks for any help.
>> ~Laz--
> 
> 
> -- 
> users@sogo.nu
> https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-20 Thread Laz C. Peterson

I might add that the behavior I see in Safari works as I would expect — 
changing password simply changes password and leaves all other functions 
working as they were, including SOGo, email and calendar.

FireFox, on the other hand, exhibits the behavior where the authentication gets 
broken and the website does not display or operate properly until user logs 
back in.

Thanks for any help.
~Laz


On Nov 20, 2013, at 1:16 PM, Laz C. Peterson  wrote:

> Can someone please fill me in on the expected behavior of SOGo after the user 
> changes their password through preferences?
> 
> My users, who can change their passwords just fine through the preferences, 
> get stuck in SOGo after changing the password.  It appears as if they are 
> still logged in, but if they go to write a new message or click on a 
> different feature (such as Calendar), they are presented with a login box.  
> (At this point, they can log in fine using their new password.)
> 
> I want to confirm that this is by design, or if there is something I need to 
> look into.  It seems that either the user should not have to relog in at all, 
> or that the user should immediately be logged off and presented with a new 
> login screen.
> 
> Thanks for any help.
> ~Laz-- 
> users@sogo.nu
> https://inverse.ca/sogo/lists

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password change behavior

2013-11-20 Thread Jean Raby


On 13-11-20 4:16 PM, Laz C. Peterson wrote:

Can someone please fill me in on the expected behavior of SOGo after the user 
changes their password through preferences?

My users, who can change their passwords just fine through the preferences, get 
stuck in SOGo after changing the password.  It appears as if they are still 
logged in, but if they go to write a new message or click on a different 
feature (such as Calendar), they are presented with a login box.  (At this 
point, they can log in fine using their new password.)

I want to confirm that this is by design, or if there is something I need to 
look into.  It seems that either the user should not have to relog in at all, 
or that the user should immediately be logged off and presented with a new 
login screen.

Can you explain or post your sogo configuration?
Anything relevant in the logs?

I just tested this with sogo using openldap as its auth backend and it works as 
designed. That is:  when I change my password, I can still use sogo without 
having to log back in.




Thanks for any help.
~Laz--



--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Password change behavior

2013-11-20 Thread Laz C. Peterson

Can someone please fill me in on the expected behavior of SOGo after the user 
changes their password through preferences?

My users, who can change their passwords just fine through the preferences, get 
stuck in SOGo after changing the password.  It appears as if they are still 
logged in, but if they go to write a new message or click on a different 
feature (such as Calendar), they are presented with a login box.  (At this 
point, they can log in fine using their new password.)

I want to confirm that this is by design, or if there is something I need to 
look into.  It seems that either the user should not have to relog in at all, 
or that the user should immediately be logged off and presented with a new 
login screen.

Thanks for any help.
~Laz-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password Encryption for SOGo with Dovecot and Postfix

2013-08-06 Thread SOGo Noob

Hi and thanks for taking the time to respond.

After reviewing your advice I have begun the process of swapping from MySQL
auth back over to LDAP auth, and can see that functionality via LDAP seems
much greater.

I have a quick question though, does SOGo have any user administration
methods without falling back to an LDAP management system? For example, our
clients normally have one user that would like the ability to create new
mailboxes and distribution groups etc - is there an easy way to accommodate
such control or do we need to look at another approach for this?

Cheers again


On 5 August 2013 08:59, Jan-Frode Myklebust  wrote:

> On Fri, Aug 02, 2013 at 05:33:15PM +0100, SOGo Noob wrote:
> >
> > My plan is this:
> > We have a new cleanly installed Ubuntu 12.04 server for mail, and we've
> > opted to use MySQL for authentication and for basic storage. We will be
> > using Postfix and Dovecot for mail transport and imap/pop respectively.
> All
> > of which seems to make sense so far, and much of this is configured
> already.
> >
> > My issue is with choosing the correct password encryption. We need it to
> be
> > compatible with SOGo, Dovecot and Postfix, and we need mail client
> support
> > for all major platforms.
>
> I'm working for an ISP, running SOGo for webmail, postfix for SMTP and
> dovecot for LMTP/POP/IMAP -- for a little under 100
> maildomains/1M-accounts. Earlier (before SOGo) we used MySQL for
> user-database, but have moved over to a LDAP (389ds) for holding the
> user-database. And I would strongly advice you to consider doing the
> same.
>
> All services are speaking directly to the ldap-servers. When users
> needs to authenticate, this is handled trough the ldap bind() operation,
> so that none of the services need to know anything about encryption
> schemes,
> and also they don't have access to read the users' hashes.
>
> LDAP/389ds gives you proper multi-master setup, so that you can easily
> configure a highly available environment, and also scale out if needed.
>
> > Obviously we need to administer the server too,
> > some clean cli commands to generate new passwords would be great. What
> > would the list recommend as an adopted password encryption that is simple
> > to deploy but at the same time secure?
>
> Lots of options for editing LDAP data.. ldapvi, ldapsearch, ldapmodify,
> apache directory studio and probably several web-based options exists.
>
>
>   -jf
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password Encryption for SOGo with Dovecot and Postfix

2013-08-06 Thread SOGo Noob

That was the approach I was planning to take if there was nothing with
SOGo, self-developed secure web admin pages for clients that can handle
changes to LDAP. It's really handy to chat with someone who has deployed
the system in the same way that we plan to - thanks again for your time!


On 6 August 2013 10:12, Jan-Frode Myklebust  wrote:

> On Tue, Aug 06, 2013 at 09:52:46AM +0100, SOGo Noob wrote:
> >
> > After reviewing your advice I have begun the process of swapping from
> MySQL
> > auth back over to LDAP auth, and can see that functionality via LDAP
> seems
> > much greater.
>
> Cool.
>
> >
> > I have a quick question though, does SOGo have any user administration
> > methods without falling back to an LDAP management system? For example,
> our
> > clients normally have one user that would like the ability to create new
> > mailboxes and distribution groups etc - is there an easy way to
> accommodate
> > such control or do we need to look at another approach for this?
>
> I don't think SOGo has any user administration features. We do our user
> administration by internally developed self-care webpages for our
> customers. These just add/delete/modify ldap-users by talking "directly"
> with the directory server. (maybe not really directly, but by submitting a
> job to a queueing system that then talks with the directory server)
>
> All our mail provisioning is handled trough LDAP. If a new domain gets
> added to o=$domainname.com,o=ISP,o=example,c=com, this will
> automatically be used by postfix/dovecot/sogo, and users created there
> can immediately receive email and use the webmail.
>
>
>   -jf
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password Encryption for SOGo with Dovecot and Postfix

2013-08-06 Thread Jan-Frode Myklebust

On Tue, Aug 06, 2013 at 09:52:46AM +0100, SOGo Noob wrote:
> 
> After reviewing your advice I have begun the process of swapping from MySQL
> auth back over to LDAP auth, and can see that functionality via LDAP seems
> much greater.

Cool. 

> 
> I have a quick question though, does SOGo have any user administration
> methods without falling back to an LDAP management system? For example, our
> clients normally have one user that would like the ability to create new
> mailboxes and distribution groups etc - is there an easy way to accommodate
> such control or do we need to look at another approach for this?

I don't think SOGo has any user administration features. We do our user
administration by internally developed self-care webpages for our
customers. These just add/delete/modify ldap-users by talking "directly"
with the directory server. (maybe not really directly, but by submitting a
job to a queueing system that then talks with the directory server)

All our mail provisioning is handled trough LDAP. If a new domain gets
added to o=$domainname.com,o=ISP,o=example,c=com, this will
automatically be used by postfix/dovecot/sogo, and users created there
can immediately receive email and use the webmail.

  -jf
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Password Encryption for SOGo with Dovecot and Postfix

2013-08-05 Thread Jan-Frode Myklebust

On Fri, Aug 02, 2013 at 05:33:15PM +0100, SOGo Noob wrote:
> 
> My plan is this:
> We have a new cleanly installed Ubuntu 12.04 server for mail, and we've
> opted to use MySQL for authentication and for basic storage. We will be
> using Postfix and Dovecot for mail transport and imap/pop respectively. All
> of which seems to make sense so far, and much of this is configured already.
> 
> My issue is with choosing the correct password encryption. We need it to be
> compatible with SOGo, Dovecot and Postfix, and we need mail client support
> for all major platforms.

I'm working for an ISP, running SOGo for webmail, postfix for SMTP and
dovecot for LMTP/POP/IMAP -- for a little under 100
maildomains/1M-accounts. Earlier (before SOGo) we used MySQL for 
user-database, but have moved over to a LDAP (389ds) for holding the 
user-database. And I would strongly advice you to consider doing the
same.

All services are speaking directly to the ldap-servers. When users
needs to authenticate, this is handled trough the ldap bind() operation,
so that none of the services need to know anything about encryption schemes,
and also they don't have access to read the users' hashes.

LDAP/389ds gives you proper multi-master setup, so that you can easily
configure a highly available environment, and also scale out if needed.

> Obviously we need to administer the server too,
> some clean cli commands to generate new passwords would be great. What
> would the list recommend as an adopted password encryption that is simple
> to deploy but at the same time secure?

Lots of options for editing LDAP data.. ldapvi, ldapsearch, ldapmodify, 
apache directory studio and probably several web-based options exists.

  -jf
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Password Encryption for SOGo with Dovecot and Postfix

2013-08-02 Thread SOGo Noob

Hi All

I'm in the process of designing and configuring a new SOGo groupware server
and I'm just trying to decide on the best and most compatible solution for
our setup. Hopefully some of you lovely people might have come across this
config before and have some tips or advice for me.

We will be running a service provider setup, whereby our clients will need
to access contacts and calendars for others in their organisation but not
from other organisations. We will be configuring a new DB table for each
new client, and so will be using a new UserSource definition to identify
this to SOGo.

My plan is this:
We have a new cleanly installed Ubuntu 12.04 server for mail, and we've
opted to use MySQL for authentication and for basic storage. We will be
using Postfix and Dovecot for mail transport and imap/pop respectively. All
of which seems to make sense so far, and much of this is configured already.

My issue is with choosing the correct password encryption. We need it to be
compatible with SOGo, Dovecot and Postfix, and we need mail client support
for all major platforms. Obviously we need to administer the server too,
some clean cli commands to generate new passwords would be great. What
would the list recommend as an adopted password encryption that is simple
to deploy but at the same time secure?

Thanks, SOGoNoob
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] password virtual appliance admin ldap

2013-04-04 Thread Francis Lachapelle

Hi
On 2013-04-03, at 5:45 AM, pva...@parcdesalutmar.cat wrote:

> I downloaded and imported the virtual appliance to virtual box.
> 
> The machine it's running.
> 
> but i don't find  the password of the ldap admin and i'll like create a new
> user.
> 
> Does anyone know please ?

Make a guess. It's "sogo".

:)

The DN is cn=admin,dc=example,dc=com.

Francis

--
flachape...@inverse.ca :: +1.514.755.3640 :: http://www.inverse.ca
Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence 
(http://packetfence.org)

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] password virtual appliance admin ldap

2013-04-03 Thread pvalls

hello,

I downloaded and imported the virtual appliance to virtual box.

The machine it's running.

but i don't find  the password of the ldap admin and i'll like create a new
user.

Does anyone know please ?
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] SOGo & Password Change in IMAP

2012-08-01 Thread Dominique


Hi,

SOGo password change options works nicely for SOGo and is easy to manage 
for the end user but creates problems with the IMAP mail account 
associated with it.


In our setting (SOGo/Postfix/Cyrus) mail accounts and their passwords 
are stored in a mysql database sitting next to the SOGo one.


When we change the password in SOGo, the mail part remains unchanged, 
creating a problem when trying to access the mail after the change (same 
user name / different password).


I know all setups are not the same (especially the ones with LDAP), but 
for simpler setups, how can we have the IMAP password changed at the 
same time in a simple manner for the user ? The SOGo interface is simple 
enough for a user to perform and it would be nice if SOGo could take 
care of the entire process.


Thanks for any clue how to solve that one.

Dominique
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] password hashes w crypt-md5 + salt in (My)SQL db in sogo 2.0 (SOLVED)

2012-06-14 Thread Andreas Balg


Great ! This did the trick - It works without problems now to authenticate directly against ISPConfig 3
Database - just v^created a view for SOGo

Thanks al lot!

Am Donnerstag, 14. Juni 2012 13:05 CEST, "Hans de Groot"  schrieb:


	
	Hi,
	
	I do know one thing, the documentation states to use crypt-md5 but it should be md5-crypt as authentication method. ie:
	
	    userPasswordAlgorithm
	    md5-crypt
	
	I made a view to my own user table in an other database and that works. So I gues that a view to an ISPConfig database should work too.
	
	Hans de Groot
	
	
	
	On Thursday, June 14, 2012 13:00 CEST, "Andreas Balg"  wrote:
	
	
		
		Oncew more trying to integrate SOGo with ISPConfig 3 managed accounts and mailboxes.
		
		I've found various mails regarding the support of crypt-md5 password hashes in SQL databases
		(as used by ISPConfig 3 for mail users)  so what is the current status of crypt-md with SQLdb's in  sogo 2.0 ?
		
		Did anybody figure out how to automate a synchronisation or configure sogo to use an SQL-View
		directly with the database from ISPConfig 3 to authenticate users?
		
		How may we authenticate users against that DB?
		
		cheers
		Andreas Balg

Re: [SOGo] password hashes w crypt-md5 + salt in (My)SQL db in sogo 2.0?

2012-06-14 Thread Hans de Groot


Hi,

I do know one thing, the documentation states to use crypt-md5 but it should be md5-crypt as authentication method. ie:

    userPasswordAlgorithm
    md5-crypt

I made a view to my own user table in an other database and that works. So I gues that a view to an ISPConfig database should work too.

Hans de Groot



On Thursday, June 14, 2012 13:00 CEST, "Andreas Balg"  wrote:


	
	Oncew more trying to integrate SOGo with ISPConfig 3 managed accounts and mailboxes.
	
	I've found various mails regarding the support of crypt-md5 password hashes in SQL databases
	(as used by ISPConfig 3 for mail users)  so what is the current status of crypt-md with SQLdb's in  sogo 2.0 ?
	
	Did anybody figure out how to automate a synchronisation or configure sogo to use an SQL-View
	directly with the database from ISPConfig 3 to authenticate users?
	
	How may we authenticate users against that DB?
	
	cheers
	Andreas Balg

[SOGo] password hashes w crypt-md5 + salt in (My)SQL db in sogo 2.0?

2012-06-14 Thread Andreas Balg


Oncew more trying to integrate SOGo with ISPConfig 3 managed accounts and mailboxes.

I've found various mails regarding the support of crypt-md5 password hashes in SQL databases
(as used by ISPConfig 3 for mail users)  so what is the current status of crypt-md with SQLdb's in  sogo 2.0 ?

Did anybody figure out how to automate a synchronisation or configure sogo to use an SQL-View
directly with the database from ISPConfig 3 to authenticate users?

How may we authenticate users against that DB?

cheers
Andreas Balg

[SOGo] Password change using LDAP EXOP

2011-11-10 Thread Ian McMichael

I have recently completed a migration from Lotus Notes to SOGo, using 
OpenLDAP, Dovecot and MySQL as the backends. Notes was Windows based and 
I wanted to take the opportunity to migrate to SAMBA and integrate it to 
the LDAP DIT at the same time.


Now the migration is complete, I would like users to be able to change 
their passwords. I enabled SOGoPasswordChangeEnabled and tested a 
password change via preferences in the SOGo web interface. It would 
appear this does an LDAP MODIFY operation on the userPassword attribute.


To keep the SAMBA and Linux passwords in sync, I have found this great 
overlay for OpenLDAP:


http://www.opinsys.fi/en/smbkrb5pwd-password-syncing-for-openldap-mit-kerberos-and-samba

However, it relies on the password being changed by an LDAP EXOP 
operation. PAM can do this for Linux and SAMBA can be configured to 
change both its password attributes and userPassword. So, now I am just 
stuck with the SOGo web interface breaking the synchronisation.


Is there a way to get SOGo to issue an EXOP to change the password so 
that the overlay can be called in OpenLDAP? Are there any other hooks 
into the password change process I could use to execute something like 
smbldap-passwd to do the job instead?


Does anyone else synchronise SOGo and SAMBA passwords via their LDAP 
directory? If so, how have you achieved this?


Thanks in advance,

--

Ian McMichael

• E-Mail: ian.mcmich...@gmail.com
• Phone: +44-(0)7703-192837


--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Password setting in SOGo WebUI

2011-02-28 Thread Philipp Strobl


Hi,

for some reason, i can't change passord in sogo webui.
When successfully login in and go to preferences, changing password is 
granted as "successfully", but log says:


localhost - - [28/Feb/2011:12:29:14 GMT] "GET /SOGo/so/test/preferences 
HTTP/1.1" 200 14981/0 0.044 61779 75% 64K
localhost - - [28/Feb/2011:12:29:39 GMT] "POST /SOGo/so/changePassword 
HTTP/1.1" 204 0/163 0.017 - - 8K
Feb 28 12:29:45 sogod [10422]: <0x0x199f6830[WOPasswordField]> -[WOInput 
takeValuesFromRequest:inContext:]: form value is not settable: 
<0x0x199f6aa0[WOValueAssociation]: value="">
Feb 28 12:29:45 sogod [10422]: <0x0x199f7360[WOPasswordField]> -[WOInput 
takeValuesFromRequest:inContext:]: form value is not settable: 
<0x0x199f75d0[WOValueAssociation]: value="">
Feb 28 12:29:48 sogod [10422]: [ERROR] <0x199E9920[SOGoMailAccount]:0> 
failure. Attempting with a renewed password.
Feb 28 12:29:55 sogod [10422]: [ERROR] <0x199E9920[SOGoMailAccount]:0> 
Could not login 't...@pilarkto.org' (blub4) on Sieve server: 
<0x0x199bcdf0[NGSieveClient]: socket=mode=rw address=<0x0x197d89a0[NGInternetSocketAddress]: host=localhost 
port=48290> connectedTo=<0x0x19d6d4d0[NGInternetSocketAddress]: 
host=localhost port=4190>>>: {RawResponse = "{ok = 0; reason = 
\"Authentication failed.\"; }"; result = 0; }
localhost - - [28/Feb/2011:12:29:55 GMT] "POST /SOGo/so/test/preferences 
HTTP/1.1" 200 293/2031 10.101 - - 24K

==
ldap says:

Feb 28 12:45:24 com6 slapd[27243]: conn=12102 fd=19 ACCEPT from 
IP=127.0.0.1:50444 (IP=0.0.0.0:389)
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=0 BIND 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net" method=128
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=0 BIND 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net" mech=SIMPLE ssf=0
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=0 RESULT tag=97 err=0 
text=
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=1 MOD 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net"

Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=1 MOD attr=userPassword
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=1 RESULT tag=103 err=0 
text=

Feb 28 12:45:24 com6 slapd[27243]: conn=12102 op=2 UNBIND
Feb 28 12:45:24 com6 slapd[27243]: conn=12102 fd=19 closed
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 fd=19 ACCEPT from 
IP=127.0.0.1:50447 (IP=0.0.0.0:389)
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=0 BIND 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net" method=128
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=0 BIND 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net" mech=SIMPLE ssf=0
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=0 RESULT tag=97 err=0 
text=
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=1 MOD 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net"

Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=1 MOD attr=userPassword
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=1 RESULT tag=103 err=0 
text=

Feb 28 12:45:27 com6 slapd[27243]: conn=12103 op=2 UNBIND
Feb 28 12:45:27 com6 slapd[27243]: conn=12103 fd=19 closed
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 fd=19 ACCEPT from 
IP=127.0.0.1:50450 (IP=0.0.0.0:389)
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=0 BIND 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net" method=128
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=0 BIND 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net" mech=SIMPLE ssf=0
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=0 RESULT tag=97 err=0 
text=
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=1 MOD 
dn="uid=test,o=pilarkto.org,ou=users,dc=pilarkto,dc=net"

Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=1 MOD attr=userPassword
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=1 RESULT tag=103 err=0 
text=

Feb 28 12:45:53 com6 slapd[27243]: conn=12104 op=2 UNBIND
Feb 28 12:45:53 com6 slapd[27243]: conn=12104 fd=19 closed


It seems, that the modification on ldap is working, but password 
(scheme) missmatches.

I'm using "sha" and  "bindasuser" for this SoGoSource.
The passwordpolicy is probably not what i want (!?)

Now i can log into the webui (with new password), but there is now 
mail/mailboxes, because IMAP/sieve login failed




Best Regards
Philipp

--
Philipp v. Strobl-Albeg
- PILAKRTO NETWORKS -

Mobil +49 151 270 39710

http://www.pilarkto.net

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Mohit Chawla

Hi,

Thanks a lot for those, Jason !

On Tue, Oct 12, 2010 at 9:13 PM, Jason Oster wrote:

> On 10/12/2010 04:54 AM, Mohit Chawla wrote:
>
>>If anyone else runs into this, its as simple as enabling the
>>passwordPolicy option in the user sources configuration. (
>>passwordPolicy = YES )
>>
>>
>>
>> Ok, not that easy.
>>
>> That adds a bunch of things that need to be configured for LDAP, mainly
>> figuring out how to use the ppolicy schema or the module, the slapd.conf
>> directives et al. If somebody has pointers for a minimal setup for this,
>> it would be nice to know.
>>
>
> I've been doing some research on the OpenLDAP ppolicy overlay.  While I
> haven't implemented it yet, I do have some resources to suggest:
>
> * http://www.symas.com/blog/?page_id=66
> * http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
> *
> http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&apropos=0&sektion=5&manpath=OpenLDAP+2.3-Release&format=html
> --
> users@sogo.nu
> https://inverse.ca/sogo/lists
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Cesare Visentin


 Il 12/10/2010 17:43, Jason Oster ha scritto:

On 10/12/2010 04:54 AM, Mohit Chawla wrote:

If anyone else runs into this, its as simple as enabling the
passwordPolicy option in the user sources configuration. (
passwordPolicy = YES )



Ok, not that easy.

That adds a bunch of things that need to be configured for LDAP, mainly
figuring out how to use the ppolicy schema or the module, the slapd.conf
directives et al. If somebody has pointers for a minimal setup for this,
it would be nice to know.


I've been doing some research on the OpenLDAP ppolicy overlay.  While 
I haven't implemented it yet, I do have some resources to suggest:


* http://www.symas.com/blog/?page_id=66
* http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
* 
http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&apropos=0&sektion=5&manpath=OpenLDAP+2.3-Release&format=html


hi,

I tried both (1.3.2&  1.3.1) with virtualbox 3.2.10 not-ose but it's impossible
to import.
I created a machine with the same specifications as the OVF file with vmdk HD
but does not recognize the network adapter eth0 (with bridge) and if I change
the system it's reset after reboot.

1. VirtulaBox - witch one?
2. I can permanently change ZEG? or it's only a demo...

Cesare

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Jason Oster


On 10/12/2010 04:54 AM, Mohit Chawla wrote:

If anyone else runs into this, its as simple as enabling the
passwordPolicy option in the user sources configuration. (
passwordPolicy = YES )



Ok, not that easy.

That adds a bunch of things that need to be configured for LDAP, mainly
figuring out how to use the ppolicy schema or the module, the slapd.conf
directives et al. If somebody has pointers for a minimal setup for this,
it would be nice to know.


I've been doing some research on the OpenLDAP ppolicy overlay.  While I 
haven't implemented it yet, I do have some resources to suggest:


* http://www.symas.com/blog/?page_id=66
* http://www.openldap.org/doc/admin24/overlays.html#Password%20Policies
* 
http://www.openldap.org/software/man.cgi?query=slapo-ppolicy&apropos=0&sektion=5&manpath=OpenLDAP+2.3-Release&format=html

--
users@sogo.nu
https://inverse.ca/sogo/lists<>

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Mohit Chawla

On Tue, Oct 12, 2010 at 6:30 PM, Francis Lachapelle
wrote:

>
> On Oct 12, 2010, at 7:54 AM, Mohit Chawla wrote:
>
> > Ok, not that easy.
> >
> > That adds a bunch of things that need to be configured for LDAP, mainly
> figuring out how to use the ppolicy schema or the module, the slapd.conf
> directives et al. If somebody has pointers for a minimal setup for this, it
> would be nice to know.
>
> I suggest reading this following page :
>
> http://www.zytrax.com/books/ldap/ch6/ppolicy.html
>
>
> Francis
>
> --
> flachape...@inverse.ca :: +1.514.755.3640 :: http://www.inverse.ca
> Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence (
> http://packetfence.org)
>
> --
> users@sogo.nu
> https://inverse.ca/sogo/lists
>

Yes, that and the man pages are nicely written. But some validation still
will be helpful !

This is what I am doing:

*slapd.conf* (relevant snippet)

include /etc/ldap/schema/ppolicy.schema

database bdb
overlayppolicy
ppolicy_default "cn=defaultpolicy,dc=foo,dc=com"

*defaultpolicy*

# defaultpolicy, foo.com
dn: cn=defaultpolicy,dc=foo,dc=com
cn: defaultpolicy
sn: defaultpolicy
objectClass: pwdPolicy
objectClass: person
pwdAttribute: userPassword

This seems to make SOGo work fine (otherwise a user requires two logins
initially for successful authentication ) and no errors are present in the
slapd logs ( if this is not in place then slapd complains about a
slapd_control not being available, related to ppolicy).

If anyone has any tips regarding this minimal configuration, that would be
nice !

Thanks.
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Francis Lachapelle


On Oct 12, 2010, at 7:54 AM, Mohit Chawla wrote:

> Ok, not that easy.
> 
> That adds a bunch of things that need to be configured for LDAP, mainly 
> figuring out how to use the ppolicy schema or the module, the slapd.conf 
> directives et al. If somebody has pointers for a minimal setup for this, it 
> would be nice to know. 

I suggest reading this following page :

http://www.zytrax.com/books/ldap/ch6/ppolicy.html


Francis

--
flachape...@inverse.ca :: +1.514.755.3640 :: http://www.inverse.ca
Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence 
(http://packetfence.org)

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Mohit Chawla

On Tue, Oct 12, 2010 at 3:08 PM, Mohit Chawla  wrote:

>
>
> On Tue, Oct 12, 2010 at 2:25 PM, Mohit Chawla <
> mohit.chawla.bin...@gmail.com> wrote:
>
>> Ok seems like there's a problem with the way SOGo performs the extended
>> operation for changing the password. By default anyway, the password-hash
>> directive for slapd.conf is {SSHA}, but I anyway explicitly mentioned it.
>> Still the user password is being stored in clear text.
>>
>>
>> On Tue, Oct 12, 2010 at 1:41 PM, Mohit Chawla <
>> mohit.chawla.bin...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> Thanks for the pointer James ! Will look into this.
>>>
>>>
>>>
>>> On Tue, Oct 12, 2010 at 12:55 PM, James Andrewartha 
>>> wrote:
>>>
 On 09/10/10 19:35, Mohit Chawla wrote:
 > Hi,
 >
 > Is there a way to make SOGo store a changed password in an encrypted
 > format rather than plain text ? The thought of having plain text
 > passwords in ldap is sort of intriguing, no ?
 >
 > Is it on the road map ?

 SOGo [1] uses the LDAP change password extended operation, so it's a
 matter of configuring your LDAP server to hash the password.

 [1] Well, the SOGo patch to SOPE. The function is changePasswordAtDn in
 sope-ldap/NGLdap/NGLdapConnection.m

 --
 James Andrewartha
 --
 users@sogo.nu
 https://inverse.ca/sogo/lists

>>>
>>>
>>
> If anyone else runs into this, its as simple as enabling the passwordPolicy
> option in the user sources configuration. ( passwordPolicy = YES )
>


Ok, not that easy.

That adds a bunch of things that need to be configured for LDAP, mainly
figuring out how to use the ppolicy schema or the module, the slapd.conf
directives et al. If somebody has pointers for a minimal setup for this, it
would be nice to know.
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Mohit Chawla

On Tue, Oct 12, 2010 at 2:25 PM, Mohit Chawla  wrote:

> Ok seems like there's a problem with the way SOGo performs the extended
> operation for changing the password. By default anyway, the password-hash
> directive for slapd.conf is {SSHA}, but I anyway explicitly mentioned it.
> Still the user password is being stored in clear text.
>
>
> On Tue, Oct 12, 2010 at 1:41 PM, Mohit Chawla <
> mohit.chawla.bin...@gmail.com> wrote:
>
>> Hi,
>>
>> Thanks for the pointer James ! Will look into this.
>>
>>
>>
>> On Tue, Oct 12, 2010 at 12:55 PM, James Andrewartha wrote:
>>
>>> On 09/10/10 19:35, Mohit Chawla wrote:
>>> > Hi,
>>> >
>>> > Is there a way to make SOGo store a changed password in an encrypted
>>> > format rather than plain text ? The thought of having plain text
>>> > passwords in ldap is sort of intriguing, no ?
>>> >
>>> > Is it on the road map ?
>>>
>>> SOGo [1] uses the LDAP change password extended operation, so it's a
>>> matter of configuring your LDAP server to hash the password.
>>>
>>> [1] Well, the SOGo patch to SOPE. The function is changePasswordAtDn in
>>> sope-ldap/NGLdap/NGLdapConnection.m
>>>
>>> --
>>> James Andrewartha
>>> --
>>> users@sogo.nu
>>> https://inverse.ca/sogo/lists
>>>
>>
>>
>
If anyone else runs into this, its as simple as enabling the passwordPolicy
option in the user sources configuration. ( passwordPolicy = YES )
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Mohit Chawla

Ok seems like there's a problem with the way SOGo performs the extended
operation for changing the password. By default anyway, the password-hash
directive for slapd.conf is {SSHA}, but I anyway explicitly mentioned it.
Still the user password is being stored in clear text.


On Tue, Oct 12, 2010 at 1:41 PM, Mohit Chawla  wrote:

> Hi,
>
> Thanks for the pointer James ! Will look into this.
>
>
>
> On Tue, Oct 12, 2010 at 12:55 PM, James Andrewartha wrote:
>
>> On 09/10/10 19:35, Mohit Chawla wrote:
>> > Hi,
>> >
>> > Is there a way to make SOGo store a changed password in an encrypted
>> > format rather than plain text ? The thought of having plain text
>> > passwords in ldap is sort of intriguing, no ?
>> >
>> > Is it on the road map ?
>>
>> SOGo [1] uses the LDAP change password extended operation, so it's a
>> matter of configuring your LDAP server to hash the password.
>>
>> [1] Well, the SOGo patch to SOPE. The function is changePasswordAtDn in
>> sope-ldap/NGLdap/NGLdapConnection.m
>>
>> --
>> James Andrewartha
>> --
>> users@sogo.nu
>> https://inverse.ca/sogo/lists
>>
>
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread Mohit Chawla

Hi,

Thanks for the pointer James ! Will look into this.



On Tue, Oct 12, 2010 at 12:55 PM, James Andrewartha wrote:

> On 09/10/10 19:35, Mohit Chawla wrote:
> > Hi,
> >
> > Is there a way to make SOGo store a changed password in an encrypted
> > format rather than plain text ? The thought of having plain text
> > passwords in ldap is sort of intriguing, no ?
> >
> > Is it on the road map ?
>
> SOGo [1] uses the LDAP change password extended operation, so it's a
> matter of configuring your LDAP server to hash the password.
>
> [1] Well, the SOGo patch to SOPE. The function is changePasswordAtDn in
> sope-ldap/NGLdap/NGLdapConnection.m
>
> --
> James Andrewartha
> --
> users@sogo.nu
> https://inverse.ca/sogo/lists
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo password change, plain text only ?

2010-10-12 Thread James Andrewartha

On 09/10/10 19:35, Mohit Chawla wrote:
> Hi,
> 
> Is there a way to make SOGo store a changed password in an encrypted
> format rather than plain text ? The thought of having plain text
> passwords in ldap is sort of intriguing, no ? 
> 
> Is it on the road map ?

SOGo [1] uses the LDAP change password extended operation, so it's a
matter of configuring your LDAP server to hash the password.

[1] Well, the SOGo patch to SOPE. The function is changePasswordAtDn in
sope-ldap/NGLdap/NGLdapConnection.m

-- 
James Andrewartha
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Re: SOGo password change, plain text only ?

2010-10-11 Thread Mohit Chawla

Any one ?

On Sat, Oct 9, 2010 at 5:05 PM, Mohit Chawla
wrote:

> Hi,
>
> Is there a way to make SOGo store a changed password in an encrypted format
> rather than plain text ? The thought of having plain text passwords in ldap
> is sort of intriguing, no ?
>
> Is it on the road map ?
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] SOGo password change, plain text only ?

2010-10-09 Thread Mohit Chawla

Hi,

Is there a way to make SOGo store a changed password in an encrypted format
rather than plain text ? The thought of having plain text passwords in ldap
is sort of intriguing, no ?

Is it on the road map ?
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

66 matches

Mail list logo