[RCU] R: Re: Ldap Addressbook : problem for credentials in private addressbook

Andreas Dick andudi at gmx.ch
Mon Mar 5 20:03:05 CET 2012


Well. the script was written before private abooks was added... ACL is not checked for that yet
But have you created the user? Can you show the output of ldapsearch?
I have not yet scanned yor slapd log... will do that at home

Andreas



"kaifamm at libero.it" <kaifamm at libero.it> schrieb:

>Hi All,
>
>   thanks for the answers !!!
>
>I made other tests :
>
>If I try this :  ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,
>ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost
>it works fine.
>
>If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D  cn=mark,
>ou=private,ou=rcabook,dc=localhost  -w xxxx
>It answer : ldap_bind: Invalid credentials (49),
>so I think that there is an ACL problem.
>
>I think that there is an error in the script rcabook-setup.sh.
>
>I did run and run again  the script rcabook-setup.sh, it doesn't return
>errors  and it said :
>The LDAP addressbook is ready now for using:
>  base_dn: ou=rcabook,dc=localhost
>  bind_dn: cn=rcuser,ou=rcabook,dc=localhost
> 
>Use the following command for reading and checking your setup:
>  ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook,
>dc=localhost -w rcpass -b ou=rcabook,dc=localhost
>
>I report my ldap.log with the debug of ldap server :
>
>daemon: activity on:
>slap_listener_activate(7):
>daemon: epoll: listen=7 busy
>daemon: epoll: listen=8 active_threads=0 tvp=zero
>>>> slap_listener(ldap:///)
>daemon: listen=7, new connection on 13
>daemon: activity on 1 descriptor
>daemon: activity on:
>daemon: epoll: listen=7 active_threads=0 tvp=zero
>daemon: epoll: listen=8 active_threads=0 tvp=zero
>daemon: added 13r (active) listener=(nil)
>daemon: activity on 1 descriptor
>conn=21 fd=13 ACCEPT from IP=127.0.0.1:45320 (IP=0.0.0.0:389)
>daemon: activity on: 13r
>daemon: read active on 13
>daemon: epoll: listen=7 active_threads=0 tvp=zero
>connection_get(13)
>daemon: epoll: listen=8 active_threads=0 tvp=zero
>connection_get(13): got connid=21
>connection_read(13): checking for input on id=21
>ber_get_next
>ldap_read: want=8, got=8
>0000:  30 84 00 00 00 3e 02 01                            0....>..     
>   
>ldap_read: want=60, got=60
>0000:  01 60 84 00 00 00 35 02  01 03 04 2a 63 6e 3d 6d  
>.`....5....*cn=m 
>0010:  61 72 6b 2c 6f 75 3d 70  72 69 76 61 74 65 2c 6f  
>ark,ou=private,o 
>0020:  75 3d 72 63 61 62 6f 6f  6b 2c 64 63 3d 6c 6f 63  
>u=rcabook,dc=loc 
>0030:  61 6c 68 6f 73 74 80 04  78 78 78 78               alhost..xxxx 
>   
>ber_get_next: tag 0x30 len 62 contents:
>ber_dump: buf=0xa0b040a8 ptr=0xa0b040a8 end=0xa0b040e6 len=62
>0000:  02 01 01 60 84 00 00 00  35 02 01 03 04 2a 63 6e  
>...`....5....*cn 
>0010:  3d 6d 61 72 6b 2c 6f 75  3d 70 72 69 76 61 74 65  
>=mark,ou=private 
>0020:  2c 6f 75 3d 72 63 61 62  6f 6f 6b 2c 64 63 3d 6c  
>,ou=rcabook,dc=l 
>0030:  6f 63 61 6c 68 6f 73 74  80 04 78 78 78 78        
>ocalhost..xxxx   
>op tag 0x60, time 1330963449
>ber_get_next
>ldap_read: want=8 error=Resource temporarily unavailable
>conn=21 op=0 do_bind
>ber_scanf fmt ({imt) ber:
>ber_dump: buf=0xa0b040a8 ptr=0xa0b040ab end=0xa0b040e6 len=59
>0000:  60 84 00 00 00 35 02 01  03 04 2a 63 6e 3d 6d 61  
>`....5....*cn=ma 
>0010:  72 6b 2c 6f 75 3d 70 72  69 76 61 74 65 2c 6f 75  
>rk,ou=private,ou 
>0020:  3d 72 63 61 62 6f 6f 6b  2c 64 63 3d 6c 6f 63 61  
>=rcabook,dc=loca 
>0030:  6c 68 6f 73 74 80 04 78  78 78 78                  lhost..xxxx  
>   
>ber_scanf fmt (m}) ber:
>ber_dump: buf=0xa0b040a8 ptr=0xa0b040e0 end=0xa0b040e6 len=6
>0000:  00 04 78 78 78 78                                  ..xxxx       
>   
>>>> dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>
>=> ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost,0)
><= ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
>=> ldap_dn2bv(272)
><= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
><<< dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>,
><cn=mark,
>ou=private,ou=rcabook,dc=localhost>
>conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost"
>method=128
>do_bind: version=3 dn="cn=mark,ou=private,ou=rcabook,dc=localhost"
>method=128
>==> bdb_bind: dn: cn=mark,ou=private,ou=rcabook,dc=localhost
>bdb_dn2entry("cn=mark,ou=private,ou=rcabook,dc=localhost")
>=> bdb_dn2id("cn=mark,ou=private,ou=rcabook,dc=localhost")
><= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found
>(-30988)
>send_ldap_result: conn=21 op=0 p=3
>send_ldap_result: err=49 matched="" text=""
>send_ldap_response: msgid=1 tag=97 err=49
>ber_flush2: 22 bytes to sd 13
>0000:  30 84 00 00 00 10 02 01  01 61 84 00 00 00 07 0a  
>0........a...... 
>0010:  01 31 04 00 04 00                                  .1....       
>   
>ldap_write: want=22, written=22
>0000:  30 84 00 00 00 10 02 01  01 61 84 00 00 00 07 0a  
>0........a...... 
>0010:  01 31 04 00 04 00                                  .1....       
>   
>conn=21 op=0 RESULT tag=97 err=49 text=
>daemon: activity on 1 descriptor
>daemon: activity on:
>daemon: epoll: listen=7 active_threads=0 tvp=zero
>daemon: epoll: listen=8 active_threads=0 tvp=zero
>daemon: activity on 1 descriptor
>daemon: activity on: 13r
>daemon: read active on 13
>daemon: epoll: listen=7 active_threads=0 tvp=zero
>connection_get(13)
>daemon: epoll: listen=8 active_threads=0 tvp=zero
>connection_get(13): got connid=21
>connection_read(13): checking for input on id=21
>ber_get_next
>ldap_read: want=8, got=0
>
>ber_get_next on fd 13 failed errno=0 (Success)
>connection_read(13): input error=-2 id=21, closing.
>connection_closing: readying conn=21 sd=13 for close
>connection_close: conn=21 sd=13
>daemon: activity on 1 descriptor
>daemon: removing 13
>daemon: activity on:
>conn=21 fd=13 closed (connection lost)
>daemon: epoll: listen=7 active_threads=0 tvp=zero
>daemon: epoll: listen=8 active_threads=0 tvp=zero
>
>
>                                                                       
>Thanks a lot
>Mark
>
>>----Messaggio originale----
>>Da: andudi at gmx.ch
>>Data: 05/03/2012 14.09
>>A: "kaifamm at libero.it"<kaifamm at libero.it>, <users at lists.roundcube.net>
>>Ogg: Re: [RCU]	Ldap Addressbook : problem for credentials in private	
>addressbook
>>
>>Hei
>>I am i ski hollydays and have not my setup in front.
>>
>>Your setup seems ok, but can you try to connect with ldapsearch on the
>
>commandline?
>>Another try could be to switch on logging in slapd.conf
>>Ldap.conf is not used by server but by clients like ldapsearch...
>>
>>Andreas
>>
>>
>>
>>"kaifamm at libero.it" <kaifamm at libero.it> schrieb:
>>
>>>Hi All,
>>>
>>>I configured the ldap server and roundcube to manage contacts. I used
>>>the 
>>>howto : http://trac.roundcube.net/wiki/Howto_Ldap. It work quite, I
>>>have only  
>>>a problem for credentials in private addressbook. The public
>>>addressbook works 
>>>fine, I can search and add contacts. 
>>>
>>>I checked the Mark's password and it is correct. I tried to use
>rootpw
>>>but it 
>>>doesn't works.
>>>
>>>My versions are :
>>>openldap-servers-2.4.19-6
>>>php-5.3.3-1
>>>roundcube  0.7.1
>>>
>>>I report the error in ldap log of rouncube, my slapd.conf and my
>>>main.inc.php.
>>>
>>>Thanks a lot 
>>>
>>>Mark
>>>
>>>--------------------------------
>>>logs/ldap :
>>>
>>>[05-Mar-2012 10:09:01 +0100]: C: Connect [localhost:389]
>>>[05-Mar-2012 10:09:01 +0100]: S: OK
>>>[05-Mar-2012 10:09:01 +0100]: C: Bind [dn:
>>>cn=mark,ou=private,ou=rcabook,
>>>dc=localhost] [pass: xxxx]
>>>[05-Mar-2012 10:09:01 +0100]: S: Invalid credentials
>>>[05-Mar-2012 10:09:01 +0100]: C: Close
>>>
>>>
>>>[05-Mar-2012 10:14:24 +0100]: C: Connect [localhost:389]
>>>[05-Mar-2012 10:14:24 +0100]: S: OK
>>>[05-Mar-2012 10:14:24 +0100]: C: Bind [dn:
>>>cn=mark,ou=private,ou=rcabook,
>>>dc=localhost] [pass: xxxx]
>>>[05-Mar-2012 10:14:24 +0100]: S: Invalid credentials
>>>[05-Mar-2012 10:14:24 +0100]: C: Close
>>>[05-Mar-2012 10:27:42 +0100]: C: Connect [localhost:389]
>>>[05-Mar-2012 10:27:42 +0100]: S: OK
>>>[05-Mar-2012 10:27:42 +0100]: C: Bind [dn:
>>>cn=mark,ou=private,ou=rcabook,
>>>dc=localhost] [pass: xxxx]
>>>[05-Mar-2012 10:27:42 +0100]: S: Invalid credentials
>>>[05-Mar-2012 10:27:42 +0100]: C: Close
>>>[05-Mar-2012 10:27:52 +0100]: C: Connect [localhost:389]
>>>[05-Mar-2012 10:27:52 +0100]: S: OK
>>>[05-Mar-2012 10:27:52 +0100]: C: Bind [dn:
>>>cn=mark,ou=private,ou=rcabook,
>>>dc=localhost] [pass: xxxx]
>>>[05-Mar-2012 10:27:52 +0100]: S: Invalid credentials
>>>[05-Mar-2012 10:27:52 +0100]: C: Add [dn:
>mail=ssssss at iiii.uu,cn=mark,
>>>ou=private,ou=rcabook,dc=localhost]: Array
>>>(
>>>    [cn] => ssssssss sss
>>>    [sn] => sss
>>>    [givenname] => ssssssss
>>>    [mail] => ssssss at iiii.uu
>>>    [objectClass] => Array
>>>        (
>>>            [0] => top
>>>            [1] => inetOrgPerson
>>>        )
>>>
>>>)
>>>
>>>[05-Mar-2012 10:27:52 +0100]: S: Strong(er) authentication required
>>>[05-Mar-2012 10:27:52 +0100]: C: Close
>>>------------------------------------------------------------
>>>config/main.inc.php
>>>
>>>$rcmail_config['ldap_public']['public'] = array(
>>>    'name'              => 'Public LDAP Addressbook',
>>>    'hosts'              => array('localhost'),
>>>    'use_tls'         =>


More information about the users mailing list