Fellow SOGo users, I'm having trouble with authentication. Help would greatly be appreciated.
When I login with a new user, this error displays in the web interface:
Login failed due to unhandled error case: -1
The logs show this error:
Jul 25 12:08:10 sogod [24233]: <0x0x2bd8010[NGLdapConnection]> bind -
ldap_result call result: 97
Jul 25 12:08:10 sogod [24233]: <0x0x2bd8010[NGLdapConnection]> bind -
ldap_parse_result - ctrls is NULL
Jul 25 12:08:10 sogod [24233]: SOGoRootPage Login for user 'j...@wohlford.org'
might not have worked - password policy: -1 grace: -1 expire: -1 bound: 1
166.248.70.150 - - [25/Jul/2011:12:08:10 GMT] "POST /SOGo/connect HTTP/1.1"
403 31/53 0.006 - - 0
An immediate second try using the exact same username and password, will then
let me in. As also can be seen in the logs:
Jul 25 12:08:51 sogod [24233]: SOGoRootPage successful login for user
'j...@wohlford.org' - expire = -1 grace = -1
166.248.70.150 - - [25/Jul/2011:12:08:51 GMT] "POST /SOGo/connect HTTP/1.1"
200 27/53 0.049 - - 4K
166.248.70.150 - - [25/Jul/2011:12:08:51 GMT] "GET /SOGo/so/; @wohlford.org
HTTP/1.1" 302 0/0 0.003 - - 0
166.248.70.150 - - [25/Jul/2011:12:08:51 GMT] "GET /SOGo/so/;
@wohlford.org/view HTTP/1.1" 302 0/0 0.004 - - 0
2011-07-25 12:08:51.753 sogod[24233] <0x0x256c0e0[PostgreSQL72Channel]:
connection=<0x0x258ee20[PGConnection]: connection=0x0x26f1560>>: message:
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index
"sogojbwohlfo00141b94556_pkey" for table "sogojbwohlfo00141b94556"
I'm guessing there is some issue between SOGo and ldap on my server. It's as if
SOGo does an ldap query, but doesn't actually wait for the ldap response. Once
the second login attempt comes, the ldap query is cached with SOGo and then
authentication is sucessful. This error occurs again if the user hasn't logged
in for a time. How much time I have been unable to determine.
On what I believe is a related note, Mac OS X iCal (10.6 & 10.7) will fail
authentication on CalDAV periodically. It will behave fine, but after a time
iCal with complain about an invalid password. The password is valid and was
valid before, but all of the sudden it isn't. I believe this is related because
if SOGo does cache ldap queries, then once the cache expires it would produce a
similar issue in the iCal as in the web interface. However, I could be
completely wrong on this.
localhost - - [25/Jul/2011:11:43:32 GMT] "PROPFIND
/SOGo/dav/j...@wohlford.org/Calendar/ HTTP/1.1" 401 0/1868 0.008 - - 0
Jul 25 11:43:33 sogod [12444]: <0x0x106f660[NGLdapConnection]> bind -
ldap_result call result: 97
Jul 25 11:43:33 sogod [12444]: <0x0x106f660[NGLdapConnection]> bind -
ldap_parse_result - ctrls is NULL
Jul 25 11:43:33 sogod [12444]: <0x0x9ae850[SOGoDAVAuthenticator]> tried wrong
password for user 'j...@wohlford.org'!
localhost - - [25/Jul/2011:11:43:33 GMT] "PROPFIND
/SOGo/dav/j...@wohlford.org/Calendar/ HTTP/1.1" 401 12/1868 0.004 - - 0
Also, does anyone know what this 'bind - ldap_parse_result - ctrls is NULL'
message is all about? It looks disconcerting. It could also be related.
Any help is greatly appreciated.
Best Regards,
Jason
SOGoUserSources:
(
{ type = ldap;
id = directory;
CNFieldName = cn;
IDFieldName = uid;
UIDFieldName = mail;
bindFields = ( mail );
IMAPLoginFieldName = mail;
bindAsCurrentUser = YES;
hostname = localhost;
port = 389;
canAuthenticate = YES;
passwordPolicy = YES;
isAddressBook = NO;
}
)
--
Jason Wohlford
<ja...@wohlfordcompany.com>
<http://www.wohlfordcompany.com/>
334.322.1491
smime.p7s
Description: S/MIME cryptographic signature
