> I did some further testing. If croessners account is working as expected, > then eroessners is broken. If I do log in to eroessner over the webinterface, > both accounts seem to work for some minutes (less than 5 mins I guess). I > then can add entries on both iPads and it works. But then after some moments, > one session seems to die and that user, who did the last changes, i.e. > deleting or removing something, wins. > > I attach my sogo.log. Maybe somebody can see the problem there. This log > includes also sogo restart and both situations. the first, where both users > can work for just a few moments and the second, which kills one users session. > > If somebody does have ANY idea on that, I really would be extremely happy :)
I found the problem :-) It is SOGoBindAsCurrentUser that does not work as expected. I enabled this and the SOGoChangePasswordEnabled feature to give users the chance to change their password over the web interface. I have a LDAP proxyuser that should find the correct DN in LDAP and rebind as this user. And this does work wrong! User croessner in LDAP is: uid=de10000,ou=people,ou=it,dc=roesner-net,dc=de User eroessner in LDAP is: uid=de10008,ou=people,ou=it,dc=roessner-net,dc=de If croessner is working, then you find de10000 entries in LDAP log, if stats are enabled. If I open the iPad calendar of user eroessner, I see this in the logs: Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 fd=37 ACCEPT from IP=[2a01:4f8:131:1081:88:198:80:229]:53774 (IP=[::]:389) Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=0 EXT oid=1.3.6.1.4.1.1466.20037 Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=0 STARTTLS Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=0 RESULT oid= err=0 text= Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 fd=37 TLS established tls_ssf=128 ssf=128 Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=1 BIND dn="uid=de10000,ou=people,ou=it,dc=roessner-net,dc=de" method=128 Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=1 BIND dn="uid=de10000,ou=people,ou=it,dc=roessner-net,dc=de" mech=SIMPLE ssf=0 Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=1 RESULT tag=97 err=0 text= Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=2 SRCH base="ou=it,dc=roessner-net,dc=de" scope=2 deref=0 filter="(|(uniqueIdentifier=eroessner)(mail=eroessner)(cn=eroessner))" Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=2 SRCH attr=* Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 op=3 UNBIND Apr 9 12:10:12 roessner1 slapd[7641]: conn=15961 fd=37 closed And this is the bug. SOGo uses the wrong DN from user croessner and not the one for eroessner and therefor does not get read access to foreign objects. Temporary workaround is to disable BindAsCurrentUser. Do I need to open a bug ticket for this? -Christian Rößner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gießen F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com
smime.p7s
Description: S/MIME cryptographic signature
