[SOGo] LDAP BIND seems not to use bindDN

Tue, 27 Mar 2012 13:39:49 -0700 

Hi there,

I'm using sogo nightly build with openLDAP on Debian squeeze and have a
problem with LDAP authentication.
When trying to logon via WEB frontend I cannot login.

The logs shows following entries (with LDAP status trace enabled):
2012-03-27 19:10:30.353 sogod[4666] ERROR(-[NGBundleManager
bundleWithPath:]): could not create bundle for path:
'/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.20/Resources/SSL.bundle'
2012-03-27 19:10:30.373 sogod[4666] WOCompoundElement: pool embedding is on.
2012-03-27 19:10:30.374 sogod[4666] WOCompoundElement: id logging is on.
Mar 27 19:10:30 srv1 slapd[1743]: conn=1010 fd=25 ACCEPT from
IP=127.0.0.1:33707 (IP=0.0.0.0:389)
Mar 27 19:10:30 srv1 slapd[1743]: conn=1010 op=0 BIND
dn="uid=aschlager,ou=users,dc=daheim,dc=at" method=128
Mar 27 19:10:30 srv1 slapd[1743]: conn=1010 op=0 RESULT tag=97 err=49 text=
Mar 27 19:10:30 srv1 slapd[1743]: conn=1010 op=1 UNBIND
Mar 27 19:10:30 sogod [4666]: SOGoRootPage Login for user 'aschlager'
might not have worked - password policy: 65535  grace: -1  expire: -1 
bound: 0
Mar 27 19:10:30 srv1 slapd[1743]: conn=1010 fd=25 closed

Here it seems that SOGo tries to bind with the users credentials and not
with bindDN given in the configuration.
When trying this with the ldapsearch command the query works (with
cn=admin,dc=daheim,dc=at as binddn).
I have to say that I'm not very firm with LDAP and so it surely could be
tha't I'm completely wrong with this assumption 

Here's the relevant part of the SOGo configuration:

    <key>SOGoUserSources</key>
    <array>
        <dict>
        <key>CNFieldName</key>
        <string>cn</string>
        <key>IDFieldName</key>
        <string>uid</string>
        <key>UIDFieldName</key>
        <string>uid</string>
        <key>baseDN</key>
        <string>ou=users,dc=daheim,dc=at</string>
        <key>bindDN</key>
        <string>cn=admin,dc=daheim,dc=at</string>
        <key>bindPassword</key>
        <string>secret</string>
        <key>canAuthenticate</key>
        <string>YES</string>
        <key>displayName</key>
        <string>Shared Addresses</string>
        <key>hostname</key>
        <string>localhost</string>
        <key>id</key>
        <string>public</string>
        <key>isAddressBook</key>
        <string>YES</string>
        <key>port</key>
        <string>389</string>
        <key>type</key>
        <string>ldap</string>
        </dict>
    </array>

I hope anyone can help me out of this.

Many thanks in advance!

-Andreas.
--

Mit freundlichen Grüßen / Kind regards

Andreas Schlager

andreas.schla...@ict-visions.at

ICT-Visions GmbH.

ICT-Visions GmbH., Erlfeld 28, A-5441 Abtenau

UID: ATU 64878029, FN 321420b, Ges. Geschäftsführer: Andreas Schlager

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to