- Users - Roundcube mailing lists

main.inc.php settings in database table
by Ismail YENIGUL 08 Mar '12

08 Mar '12

Hello, Is there plugin or feature to store main.inc.php configuration to store on sql table for easy management? I see that "Admin interface for managing users and settings" feature in the roadmap "milestone:Later" Does this feature will cover this request? Thanks -- Ismail YENIGUL Team Leader / Takım Lideri SurGATE Labs Phone :+90 216-4709423 | Mobile:+90 533 747 36 65 SurGATE: West Coast Labs Premium Anti-Spam Certificated Twitter: http://www.twitter.com/surgate Blog: http://www.surgate.com/blog

1 0

R: R: R: autologin from other php page
by kaifamm＠libero.it 07 Mar '12

07 Mar '12

Hi, I found also this : /roundcube/config/main.inc.php $rcmail_config['plugins'] = array('autologon'); /roundcube/plugins/autologon/autologon.php <?php /** * Sample plugin to try out some hooks. * This performs an automatic login if accessed from localhost */ class autologon extends rcube_plugin { public $task = 'login'; function init() { $this->add_hook('startup', array($this, 'startup')); $this->add_hook('authenticate', array($this, 'authenticate')); } function startup($args) { $rcmail = rcmail::get_instance(); // change action to login if (empty($_SESSION['user_id']) && !empty($_POST['_autologin'])) $args['action'] = 'login'; return $args; } function authenticate($args) { if (!empty($_POST['_autologin'])) { $args['user'] = $_POST['_user']; $args['pass'] = $_POST['_pass']; $args['cookiecheck'] = false; $args['valid'] = true; } return $args; } } HTML: <form name="form" action="roundcube/index.php" method="post"> <input type="hidden" name="_action" value="login" /> <input type="hidden" name="_task" value="login" /> <input type="hidden" name="_autologin" value="1" /> <table border="0"> <tr> <td>username:</td> <td> <input name="_user" id="rcmloginuser" size="28" type="text" /></td> </tr> <tr> <td>Password:</td> <td> <input name="_pass" id="rcmloginpwd" size="28" type="password"/></td> </tr> <tr> <td> <input class="Button" type="submit" size="28" value="Webmail Login"/></td> </tr> </table> </form> >----Messaggio originale---- >Da: kaifamm(a)libero.it >Data: 07/03/2012 15.38 >A: <users(a)lists.roundcube.net> >Ogg: [RCU] R: R: autologin from other php page > >Hi, > > the plugin "autologin" with version 0.7.1 doesn't work !!! The logical it's >all different !! > >I made a little script in php to make autologin and it works : > ><? >require_once 'program/include/iniset.php'; >$RCMAIL = rcmail::get_instance(); >$auth= $RCMAIL->get_request_token(); >?> > ><form method="post" action="index.php" name="form"> ><input type="hidden" value="<?php echo $auth ?>" name="_token"> ><input type="hidden" value="login" name="_action"> ><input id="timezone" type="hidden" value="_default_" name="_timezone"> ><input id="url" type="hidden" name="_url"> ><input id="domain" type="hidden" value="xxxxxx.xx" name="_domainname"> ><input id="redirectdomain" type="hidden" value="xxxxxx.xx" name=" >_redirect_domain"> > ><input id="loginuser" type="text" value="" name="_user"> ><input id="loginpwd" type="password" value="" name="_pass"> ><input type="submit" value="SUBMIT"> ></form> > > > >>----Messaggio originale---- >>Da: kaifamm(a)libero.it >>Data: 06/03/2012 18.21 >>A: <users(a)lists.roundcube.net> >>Ogg: [RCU] R: autologin from other php page >> >>Hi, >> >>in my previous email I was wrong to write : the autologin plugin does NOT >>work !!! >> >>Thank you >>Mark >> >> >> >>>----Messaggio originale---- >>>Da: kaifamm(a)libero.it >>>Data: 06/03/2012 17.01 >>>A: <users(a)lists.roundcube.net> >>>Ogg: [RCU] autologin from other php page >>> >>>Hi All, >>> >>> it's me again :-) !!!!!!! >>> >>>I would use roundcube with autologin from another php script. I found the >>>plugin "autologin" but it seems to work. >>>This is my php script : >>> >>><!DOCTYPE html> >>><html> >>><head> >>></head> >>><body> >>><? >>>$_POST['password'] = 'password in clear and in plain text'; >>>$_SESSION['userpassword'] = strrev(base64_encode('*yourkey*'.$_POST >>>['password'])); >>>?> >>><form name="roundcubelogin" action="http://192.168.254.201/roundcube/? >>>_task=mail" method="post" target="roundcube"> >>><input type="hidden" name="_timezone" value="_default_" /> >>><input type="hidden" name="_task" value="mail" /> >>><input type="hidden" name="_autologin" value="1" /> >>><input type="hidden" name="_user" value="mark" /> >>><input type="hidden" name="_host" value="192.168.254.201:143" /> >>><input type="hidden" name="_pass" value="<?echo $_SESSION['userpassword']? >>" >>>/> >>><input type="submit" name="submit" value="SUBMIT" /> >>></form> >>></body> >>></html> >>> >>>The plugin autologin.php : >>> >>><?php >>> >>>/** >>> * This plugin performs an automatic login if accessed >>> * with post Data from other Site an Portal or CMS >>> * Based on sample autologon PlugIn >>> * >>> * @version 0.2 >>> * @author Eric Appelt (lacri) >>> * >>> * show into README to install and config >>> * >>> * changes >>> * 0.2 make a little bit secure with base64_encode strrev >>> * and a key thats replace after submitting encoded pass data >>> * >>> */ >>> >>>class autologin extends rcube_plugin >>>{ >>> >>> function init() >>> { >>> $this->add_hook('startup', array($this, 'startup')); >>> $this->add_hook('authenticate', array($this, 'authenticate')); >>> } >>> >>> function startup($args) >>> { >>> $rcmail = rcmail::get_instance(); >>> >>> $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); >>> >>> // change action to login >>> if ($args['task'] == 'mail' && empty($args['action']) && empty ($_SESSION >>>['user_id']) && !empty($autologin)) { >>> $args['action'] = 'login'; >>> >>> // decode pass, revert and replace key >>> $_POST['_pass'] = str_replace('*yourkey*','',base64_decode(strrev >>>(get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1')))); >>> >>> // set initial cookie without this cookie login is not possible >>> $_COOKIE['roundcube_sessid'] = session_id(); >>> } >>> return $args; >>> } >>> >>> function authenticate($args) >>> { >>> $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); >>> >>> if (!empty($autologin)) { >>> $args['user'] = get_input_value('_user', RCUBE_INPUT_POST); >>> $args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST); >>> $args['host'] = get_input_value('_host', RCUBE_INPUT_POST); >>> } >>> return $args; >>> } >>>} >>>_______________________________________________ >>>Roundcube Users mailing list >>>users(a)lists.roundcube.net >>>http://lists.roundcube.net/mailman/listinfo/users >>> >> >> >>_______________________________________________ >>Roundcube Users mailing list >>users(a)lists.roundcube.net >>http://lists.roundcube.net/mailman/listinfo/users >> > > >_______________________________________________ >Roundcube Users mailing list >users(a)lists.roundcube.net >http://lists.roundcube.net/mailman/listinfo/users >

1 0

R: R: autologin from other php page
by kaifamm＠libero.it 07 Mar '12

07 Mar '12

Hi, the plugin "autologin" with version 0.7.1 doesn't work !!! The logical it's all different !! I made a little script in php to make autologin and it works : <? require_once 'program/include/iniset.php'; $RCMAIL = rcmail::get_instance(); $auth= $RCMAIL->get_request_token(); ?> <form method="post" action="index.php" name="form"> <input type="hidden" value="<?php echo $auth ?>" name="_token"> <input type="hidden" value="login" name="_action"> <input id="timezone" type="hidden" value="_default_" name="_timezone"> <input id="url" type="hidden" name="_url"> <input id="domain" type="hidden" value="xxxxxx.xx" name="_domainname"> <input id="redirectdomain" type="hidden" value="xxxxxx.xx" name=" _redirect_domain"> <input id="loginuser" type="text" value="" name="_user"> <input id="loginpwd" type="password" value="" name="_pass"> <input type="submit" value="SUBMIT"> </form> >----Messaggio originale---- >Da: kaifamm(a)libero.it >Data: 06/03/2012 18.21 >A: <users(a)lists.roundcube.net> >Ogg: [RCU] R: autologin from other php page > >Hi, > >in my previous email I was wrong to write : the autologin plugin does NOT >work !!! > >Thank you >Mark > > > >>----Messaggio originale---- >>Da: kaifamm(a)libero.it >>Data: 06/03/2012 17.01 >>A: <users(a)lists.roundcube.net> >>Ogg: [RCU] autologin from other php page >> >>Hi All, >> >> it's me again :-) !!!!!!! >> >>I would use roundcube with autologin from another php script. I found the >>plugin "autologin" but it seems to work. >>This is my php script : >> >><!DOCTYPE html> >><html> >><head> >></head> >><body> >><? >>$_POST['password'] = 'password in clear and in plain text'; >>$_SESSION['userpassword'] = strrev(base64_encode('*yourkey*'.$_POST >>['password'])); >>?> >><form name="roundcubelogin" action="http://192.168.254.201/roundcube/? >>_task=mail" method="post" target="roundcube"> >><input type="hidden" name="_timezone" value="_default_" /> >><input type="hidden" name="_task" value="mail" /> >><input type="hidden" name="_autologin" value="1" /> >><input type="hidden" name="_user" value="mark" /> >><input type="hidden" name="_host" value="192.168.254.201:143" /> >><input type="hidden" name="_pass" value="<?echo $_SESSION['userpassword']? >" >>/> >><input type="submit" name="submit" value="SUBMIT" /> >></form> >></body> >></html> >> >>The plugin autologin.php : >> >><?php >> >>/** >> * This plugin performs an automatic login if accessed >> * with post Data from other Site an Portal or CMS >> * Based on sample autologon PlugIn >> * >> * @version 0.2 >> * @author Eric Appelt (lacri) >> * >> * show into README to install and config >> * >> * changes >> * 0.2 make a little bit secure with base64_encode strrev >> * and a key thats replace after submitting encoded pass data >> * >> */ >> >>class autologin extends rcube_plugin >>{ >> >> function init() >> { >> $this->add_hook('startup', array($this, 'startup')); >> $this->add_hook('authenticate', array($this, 'authenticate')); >> } >> >> function startup($args) >> { >> $rcmail = rcmail::get_instance(); >> >> $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); >> >> // change action to login >> if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION >>['user_id']) && !empty($autologin)) { >> $args['action'] = 'login'; >> >> // decode pass, revert and replace key >> $_POST['_pass'] = str_replace('*yourkey*','',base64_decode(strrev >>(get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1')))); >> >> // set initial cookie without this cookie login is not possible >> $_COOKIE['roundcube_sessid'] = session_id(); >> } >> return $args; >> } >> >> function authenticate($args) >> { >> $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); >> >> if (!empty($autologin)) { >> $args['user'] = get_input_value('_user', RCUBE_INPUT_POST); >> $args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST); >> $args['host'] = get_input_value('_host', RCUBE_INPUT_POST); >> } >> return $args; >> } >>} >>_______________________________________________ >>Roundcube Users mailing list >>users(a)lists.roundcube.net >>http://lists.roundcube.net/mailman/listinfo/users >> > > >_______________________________________________ >Roundcube Users mailing list >users(a)lists.roundcube.net >http://lists.roundcube.net/mailman/listinfo/users >

1 0

R: Re: plugin to set forwarding in a roundcube-exim configuration
by kaifamm＠libero.it 07 Mar '12

07 Mar '12

Hi, yes it works, i'm using procmail that call sieve and also the file .forward in home directory of user. I in the .forward file call sieve so : | /usr/libexec/dovecot/deliver Bye ----Messaggio originale---- Da: gedeon007(a)gmail.com Data: 07/03/2012 11.05 A: "Roundcube Users mailing list"<users(a)lists.roundcube.net> Ogg: Re: [RCU] plugin to set forwarding in a roundcube-exim configuration Hello, Thank you for your answer. Actually we don't use sieve (I haven't heard about it yet). We are using a multi tenanted environment. We configure forwarders in the following way: we have a folder for each domains in the /etc/virtual folder and each folder contains a file called aliases. All of the forwarders for domain example.com are configured in /etc/virtual/example.com/aliases file. If I add a new alias then I only run newaliases and it's working. Do you have experiences such configuration and do you know whether this method and sieve works together? Thank you once more. Best regards, Chris 2012/3/6 Benny Pedersen <me(a)junc.org> Den 2012-03-05 16:04, Krisztián Gulyás skrev: I would like to install a plugin (or any solution) next to my roundcube-exim configuration to let my users set forwarding on their own. managesieve, if you got exim sieve working aswell from that on make a forward sieve rule in roundcube _______________________________________________ Roundcube Users mailing list users(a)lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users

2 1

plugin to set forwarding in a roundcube-exim configuration
by Krisztián Gulyás 07 Mar '12

07 Mar '12

Hi all, I would like to install a plugin (or any solution) next to my roundcube-exim configuration to let my users set forwarding on their own. Has anyone experienced something similar or could anyone help me? Thank you very much. Best regards, Chris -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 2

R: autologin from other php page
by kaifamm＠libero.it 06 Mar '12

06 Mar '12

Hi, in my previous email I was wrong to write : the autologin plugin does NOT work !!! Thank you Mark >----Messaggio originale---- >Da: kaifamm(a)libero.it >Data: 06/03/2012 17.01 >A: <users(a)lists.roundcube.net> >Ogg: [RCU] autologin from other php page > >Hi All, > > it's me again :-) !!!!!!! > >I would use roundcube with autologin from another php script. I found the >plugin "autologin" but it seems to work. >This is my php script : > ><!DOCTYPE html> ><html> ><head> ></head> ><body> ><? >$_POST['password'] = 'password in clear and in plain text'; >$_SESSION['userpassword'] = strrev(base64_encode('*yourkey*'.$_POST >['password'])); >?> ><form name="roundcubelogin" action="http://192.168.254.201/roundcube/? >_task=mail" method="post" target="roundcube"> ><input type="hidden" name="_timezone" value="_default_" /> ><input type="hidden" name="_task" value="mail" /> ><input type="hidden" name="_autologin" value="1" /> ><input type="hidden" name="_user" value="mark" /> ><input type="hidden" name="_host" value="192.168.254.201:143" /> ><input type="hidden" name="_pass" value="<?echo $_SESSION['userpassword']?>" >/> ><input type="submit" name="submit" value="SUBMIT" /> ></form> ></body> ></html> > >The plugin autologin.php : > ><?php > >/** > * This plugin performs an automatic login if accessed > * with post Data from other Site an Portal or CMS > * Based on sample autologon PlugIn > * > * @version 0.2 > * @author Eric Appelt (lacri) > * > * show into README to install and config > * > * changes > * 0.2 make a little bit secure with base64_encode strrev > * and a key thats replace after submitting encoded pass data > * > */ > >class autologin extends rcube_plugin >{ > > function init() > { > $this->add_hook('startup', array($this, 'startup')); > $this->add_hook('authenticate', array($this, 'authenticate')); > } > > function startup($args) > { > $rcmail = rcmail::get_instance(); > > $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); > > // change action to login > if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION >['user_id']) && !empty($autologin)) { > $args['action'] = 'login'; > > // decode pass, revert and replace key > $_POST['_pass'] = str_replace('*yourkey*','',base64_decode(strrev >(get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1')))); > > // set initial cookie without this cookie login is not possible > $_COOKIE['roundcube_sessid'] = session_id(); > } > return $args; > } > > function authenticate($args) > { > $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); > > if (!empty($autologin)) { > $args['user'] = get_input_value('_user', RCUBE_INPUT_POST); > $args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST); > $args['host'] = get_input_value('_host', RCUBE_INPUT_POST); > } > return $args; > } >} >_______________________________________________ >Roundcube Users mailing list >users(a)lists.roundcube.net >http://lists.roundcube.net/mailman/listinfo/users >

1 0

autologin from other php page
by kaifamm＠libero.it 06 Mar '12

06 Mar '12

Hi All, it's me again :-) !!!!!!! I would use roundcube with autologin from another php script. I found the plugin "autologin" but it seems to work. This is my php script : <!DOCTYPE html> <html> <head> </head> <body> <? $_POST['password'] = 'password in clear and in plain text'; $_SESSION['userpassword'] = strrev(base64_encode('*yourkey*'.$_POST ['password'])); ?> <form name="roundcubelogin" action="http://192.168.254.201/roundcube/? _task=mail" method="post" target="roundcube"> <input type="hidden" name="_timezone" value="_default_" /> <input type="hidden" name="_task" value="mail" /> <input type="hidden" name="_autologin" value="1" /> <input type="hidden" name="_user" value="mark" /> <input type="hidden" name="_host" value="192.168.254.201:143" /> <input type="hidden" name="_pass" value="<?echo $_SESSION['userpassword']?>" /> <input type="submit" name="submit" value="SUBMIT" /> </form> </body> </html> The plugin autologin.php : <?php /** * This plugin performs an automatic login if accessed * with post Data from other Site an Portal or CMS * Based on sample autologon PlugIn * * @version 0.2 * @author Eric Appelt (lacri) * * show into README to install and config * * changes * 0.2 make a little bit secure with base64_encode strrev * and a key thats replace after submitting encoded pass data * */ class autologin extends rcube_plugin { function init() { $this->add_hook('startup', array($this, 'startup')); $this->add_hook('authenticate', array($this, 'authenticate')); } function startup($args) { $rcmail = rcmail::get_instance(); $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); // change action to login if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION ['user_id']) && !empty($autologin)) { $args['action'] = 'login'; // decode pass, revert and replace key $_POST['_pass'] = str_replace('*yourkey*','',base64_decode(strrev (get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1')))); // set initial cookie without this cookie login is not possible $_COOKIE['roundcube_sessid'] = session_id(); } return $args; } function authenticate($args) { $autologin = get_input_value('_autologin', RCUBE_INPUT_POST); if (!empty($autologin)) { $args['user'] = get_input_value('_user', RCUBE_INPUT_POST); $args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST); $args['host'] = get_input_value('_host', RCUBE_INPUT_POST); } return $args; } }

1 0

R: Re: R: Re: Ldap Addressbook : problem for credentials in private addressbook
by kaifamm＠libero.it 06 Mar '12

06 Mar '12

Hi, Thank you for the tips !!!! I found the solution !!!!!!!! Yes in the script rcabook-setup.sh there is not the creation of single users for private addressbook !!! So I made a script ( rc_create_user.sh) that create users in ldap server for private addressbook. This script must run for each ldap users. #!/bin/bash # Parameters : USER PASSWORD # example : rc_create_user.sh mark xxxx # #------------ parameters start -------------------------------- if [ $# -lt 2 ] ; then echo "ERROR - Number of parameters is wrong. Example: rc_create_user.sh user password" exit 1 fi abook_user=$1; abook_pass=$2; #------------ parameters end -------------------------------- #------------ configuration start -------------------------------- server="ldap://localhost:389"; suffix="dc=localhost"; rootdn="cn=admin,$suffix"; abook_name="rcabook"; subdir_public="public"; subdir_private="private"; base_dn="ou=$subdir_private,ou=$abook_name,$suffix"; bind_dn="cn=$abook_user,$base_dn"; bind_pass="$abook_pass"; #------------ configuration end -------------------------------- echo " dn: $bind_dn cn: $abook_user userPassword: `slappasswd -s $abook_pass` objectClass: organizationalRole objectClass: simpleSecurityObject " | ldapadd -x -c -H $server -D $rootdn -W 2> /dev/null || { echo "ERROR-unable to create user!"; exit 1; }; >----Messaggio originale---- >Da: andudi(a)gmx.ch >Data: 05/03/2012 20.03 >A: "kaifamm(a)libero.it"<kaifamm(a)libero.it>, "Roundcube Users mailing list" <users(a)lists.roundcube.net> >Ogg: Re: [RCU] R: Re: Ldap Addressbook : problem for credentials in private addressbook > >Well. the script was written before private abooks was added... ACL is not checked for that yet >But have you created the user? Can you show the output of ldapsearch? >I have not yet scanned yor slapd log... will do that at home > >Andreas > > > >"kaifamm(a)libero.it" <kaifamm(a)libero.it> schrieb: > >>Hi All, >> >> thanks for the answers !!! >> >>I made other tests : >> >>If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser, >>ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost >>it works fine. >> >>If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=mark, >>ou=private,ou=rcabook,dc=localhost -w xxxx >>It answer : ldap_bind: Invalid credentials (49), >>so I think that there is an ACL problem. >> >>I think that there is an error in the script rcabook-setup.sh. >> >>I did run and run again the script rcabook-setup.sh, it doesn't return >>errors and it said : >>The LDAP addressbook is ready now for using: >> base_dn: ou=rcabook,dc=localhost >> bind_dn: cn=rcuser,ou=rcabook,dc=localhost >> >>Use the following command for reading and checking your setup: >> ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook, >>dc=localhost -w rcpass -b ou=rcabook,dc=localhost >> >>I report my ldap.log with the debug of ldap server : >> >>daemon: activity on: >>slap_listener_activate(7): >>daemon: epoll: listen=7 busy >>daemon: epoll: listen=8 active_threads=0 tvp=zero >>>>> slap_listener(ldap:///) >>daemon: listen=7, new connection on 13 >>daemon: activity on 1 descriptor >>daemon: activity on: >>daemon: epoll: listen=7 active_threads=0 tvp=zero >>daemon: epoll: listen=8 active_threads=0 tvp=zero >>daemon: added 13r (active) listener=(nil) >>daemon: activity on 1 descriptor >>conn=21 fd=13 ACCEPT from IP=127.0.0.1:45320 (IP=0.0.0.0:389) >>daemon: activity on: 13r >>daemon: read active on 13 >>daemon: epoll: listen=7 active_threads=0 tvp=zero >>connection_get(13) >>daemon: epoll: listen=8 active_threads=0 tvp=zero >>connection_get(13): got connid=21 >>connection_read(13): checking for input on id=21 >>ber_get_next >>ldap_read: want=8, got=8 >>0000: 30 84 00 00 00 3e 02 01 0....>.. >> >>ldap_read: want=60, got=60 >>0000: 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d >>.`....5....*cn=m >>0010: 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f >>ark,ou=private,o >>0020: 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 >>u=rcabook,dc=loc >>0030: 61 6c 68 6f 73 74 80 04 78 78 78 78 alhost..xxxx >> >>ber_get_next: tag 0x30 len 62 contents: >>ber_dump: buf=0xa0b040a8 ptr=0xa0b040a8 end=0xa0b040e6 len=62 >>0000: 02 01 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e >>...`....5....*cn >>0010: 3d 6d 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 >>=mark,ou=private >>0020: 2c 6f 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c >>,ou=rcabook,dc=l >>0030: 6f 63 61 6c 68 6f 73 74 80 04 78 78 78 78 >>ocalhost..xxxx >>op tag 0x60, time 1330963449 >>ber_get_next >>ldap_read: want=8 error=Resource temporarily unavailable >>conn=21 op=0 do_bind >>ber_scanf fmt ({imt) ber: >>ber_dump: buf=0xa0b040a8 ptr=0xa0b040ab end=0xa0b040e6 len=59 >>0000: 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d 61 >>`....5....*cn=ma >>0010: 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f 75 >>rk,ou=private,ou >>0020: 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 61 >>=rcabook,dc=loca >>0030: 6c 68 6f 73 74 80 04 78 78 78 78 lhost..xxxx >> >>ber_scanf fmt (m}) ber: >>ber_dump: buf=0xa0b040a8 ptr=0xa0b040e0 end=0xa0b040e6 len=6 >>0000: 00 04 78 78 78 78 ..xxxx >> >>>>> dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost> >>=> ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost,0) >><= ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 >>=> ldap_dn2bv(272) >><= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 >>=> ldap_dn2bv(272) >><= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 >><<< dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>, >><cn=mark, >>ou=private,ou=rcabook,dc=localhost> >>conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost" >>method=128 >>do_bind: version=3 dn="cn=mark,ou=private,ou=rcabook,dc=localhost" >>method=128 >>==> bdb_bind: dn: cn=mark,ou=private,ou=rcabook,dc=localhost >>bdb_dn2entry("cn=mark,ou=private,ou=rcabook,dc=localhost") >>=> bdb_dn2id("cn=mark,ou=private,ou=rcabook,dc=localhost") >><= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found >>(-30988) >>send_ldap_result: conn=21 op=0 p=3 >>send_ldap_result: err=49 matched="" text="" >>send_ldap_response: msgid=1 tag=97 err=49 >>ber_flush2: 22 bytes to sd 13 >>0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a >>0........a...... >>0010: 01 31 04 00 04 00 .1.... >> >>ldap_write: want=22, written=22 >>0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a >>0........a...... >>0010: 01 31 04 00 04 00 .1.... >> >>conn=21 op=0 RESULT tag=97 err=49 text= >>daemon: activity on 1 descriptor >>daemon: activity on: >>daemon: epoll: listen=7 active_threads=0 tvp=zero >>daemon: epoll: listen=8 active_threads=0 tvp=zero >>daemon: activity on 1 descriptor >>daemon: activity on: 13r >>daemon: read active on 13 >>daemon: epoll: listen=7 active_threads=0 tvp=zero >>connection_get(13) >>daemon: epoll: listen=8 active_threads=0 tvp=zero >>connection_get(13): got connid=21 >>connection_read(13): checking for input on id=21 >>ber_get_next >>ldap_read: want=8, got=0 >> >>ber_get_next on fd 13 failed errno=0 (Success) >>connection_read(13): input error=-2 id=21, closing. >>connection_closing: readying conn=21 sd=13 for close >>connection_close: conn=21 sd=13 >>daemon: activity on 1 descriptor >>daemon: removing 13 >>daemon: activity on: >>conn=21 fd=13 closed (connection lost) >>daemon: epoll: listen=7 active_threads=0 tvp=zero >>daemon: epoll: listen=8 active_threads=0 tvp=zero >> >> >> >>Thanks a lot >>Mark >> >>>----Messaggio originale---- >>>Da: andudi(a)gmx.ch >>>Data: 05/03/2012 14.09 >>>A: "kaifamm(a)libero.it"<kaifamm(a)libero.it>, <users(a)lists.roundcube.net> >>>Ogg: Re: [RCU] Ldap Addressbook : problem for credentials in private >>addressbook >>> >>>Hei >>>I am i ski hollydays and have not my setup in front. >>> >>>Your setup seems ok, but can you try to connect with ldapsearch on the >> >>commandline? >>>Another try could be to switch on logging in slapd.conf >>>Ldap.conf is not used by server but by clients like ldapsearch... >>> >>>Andreas >>> >>> >>> >>>"kaifamm(a)libero.it" <kaifamm(a)libero.it> schrieb: >>> >>>>Hi All, >>>> >>>>I configured the ldap server and roundcube to manage contacts. I used >>>>the >>>>howto : http://trac.roundcube.net/wiki/Howto_Ldap. It work quite, I >>>>have only >>>>a problem for credentials in private addressbook. The public >>>>addressbook works >>>>fine, I can search and add contacts. >>>> >>>>I checked the Mark's password and it is correct. I tried to use >>rootpw >>>>but it >>>>doesn't works. >>>> >>>>My versions are : >>>>openldap-servers-2.4.19-6 >>>>php-5.3.3-1 >>>>roundcube 0.7.1 >>>> >>>>I report the error in ldap log of rouncube, my slapd.conf and my >>>>main.inc.php. >>>> >>>>Thanks a lot >>>> >>>>Mark >>>> >>>>-------------------------------- >>>>logs/ldap : >>>> >>>>[05-Mar-2012 10:09:01 +0100]: C: Connect [localhost:389] >>>>[05-Mar-2012 10:09:01 +0100]: S: OK >>>>[05-Mar-2012 10:09:01 +0100]: C: Bind [dn: >>>>cn=mark,ou=private,ou=rcabook, >>>>dc=localhost] [pass: xxxx] >>>>[05-Mar-2012 10:09:01 +0100]: S: Invalid credentials >>>>[05-Mar-2012 10:09:01 +0100]: C: Close >>>> >>>> >>>>[05-Mar-2012 10:14:24 +0100]: C: Connect [localhost:389] >>>>[05-Mar-2012 10:14:24 +0100]: S: OK >>>>[05-Mar-2012 10:14:24 +0100]: C: Bind [dn: >>>>cn=mark,ou=private,ou=rcabook, >>>>dc=localhost] [pass: xxxx] >>>>[05-Mar-2012 10:14:24 +0100]: S: Invalid credentials >>>>[05-Mar-2012 10:14:24 +0100]: C: Close >>>>[05-Mar-2012 10:27:42 +0100]: C: Connect [localhost:389] >>>>[05-Mar-2012 10:27:42 +0100]: S: OK >>>>[05-Mar-2012 10:27:42 +0100]: C: Bind [dn: >>>>cn=mark,ou=private,ou=rcabook, >>>>dc=localhost] [pass: xxxx] >>>>[05-Mar-2012 10:27:42 +0100]: S: Invalid credentials >>>>[05-Mar-2012 10:27:42 +0100]: C: Close >>>>[05-Mar-2012 10:27:52 +0100]: C: Connect [localhost:389] >>>>[05-Mar-2012 10:27:52 +0100]: S: OK >>>>[05-Mar-2012 10:27:52 +0100]: C: Bind [dn: >>>>cn=mark,ou=private,ou=rcabook, >>>>dc=localhost] [pass: xxxx] >>>>[05-Mar-2012 10:27:52 +0100]: S: Invalid credentials >>>>[05-Mar-2012 10:27:52 +0100]: C: Add [dn: >>mail=ssssss(a)iiii.uu,cn=mark, >>>>ou=private,ou=rcabook,dc=localhost]: Array >>>>( >>>> [cn] => ssssssss sss >>>> [sn] => sss >>>> [givenname] => ssssssss >>>> [mail] => ssssss(a)iiii.uu >>>> [objectClass] => Array >>>> ( >>>> [0] => top >>>> [1] => inetOrgPerson >>>> ) >>>> >>>>) >>>> >>>>[05-Mar-2012 10:27:52 +0100]: S: Strong(er) authentication required >>>>[05-Mar-2012 10:27:52 +0100]: C: Close >>>>------------------------------------------------------------ >>>>config/main.inc.php >>>> >>>>$rcmail_config['ldap_public']['public'] = array( >>>> 'name' => 'Public LDAP Addressbook', >>>> 'hosts' => array('localhost'), >>>> 'use_tls' => >_______________________________________________ >Roundcube Users mailing list >users(a)lists.roundcube.net >http://lists.roundcube.net/mailman/listinfo/users >

2 1

R: Re: Ldap Addressbook : problem for credentials in private addressbook
by kaifamm＠libero.it 05 Mar '12

05 Mar '12

Hi All, thanks for the answers !!! I made other tests : If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser, ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost it works fine. If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=mark, ou=private,ou=rcabook,dc=localhost -w xxxx It answer : ldap_bind: Invalid credentials (49), so I think that there is an ACL problem. I think that there is an error in the script rcabook-setup.sh. I did run and run again the script rcabook-setup.sh, it doesn't return errors and it said : The LDAP addressbook is ready now for using: base_dn: ou=rcabook,dc=localhost bind_dn: cn=rcuser,ou=rcabook,dc=localhost Use the following command for reading and checking your setup: ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook, dc=localhost -w rcpass -b ou=rcabook,dc=localhost I report my ldap.log with the debug of ldap server : daemon: activity on: slap_listener_activate(7): daemon: epoll: listen=7 busy daemon: epoll: listen=8 active_threads=0 tvp=zero >>> slap_listener(ldap:///) daemon: listen=7, new connection on 13 daemon: activity on 1 descriptor daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero daemon: added 13r (active) listener=(nil) daemon: activity on 1 descriptor conn=21 fd=13 ACCEPT from IP=127.0.0.1:45320 (IP=0.0.0.0:389) daemon: activity on: 13r daemon: read active on 13 daemon: epoll: listen=7 active_threads=0 tvp=zero connection_get(13) daemon: epoll: listen=8 active_threads=0 tvp=zero connection_get(13): got connid=21 connection_read(13): checking for input on id=21 ber_get_next ldap_read: want=8, got=8 0000: 30 84 00 00 00 3e 02 01 0....>.. ldap_read: want=60, got=60 0000: 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d .`....5....*cn=m 0010: 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f ark,ou=private,o 0020: 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 u=rcabook,dc=loc 0030: 61 6c 68 6f 73 74 80 04 78 78 78 78 alhost..xxxx ber_get_next: tag 0x30 len 62 contents: ber_dump: buf=0xa0b040a8 ptr=0xa0b040a8 end=0xa0b040e6 len=62 0000: 02 01 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e ...`....5....*cn 0010: 3d 6d 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 =mark,ou=private 0020: 2c 6f 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c ,ou=rcabook,dc=l 0030: 6f 63 61 6c 68 6f 73 74 80 04 78 78 78 78 ocalhost..xxxx op tag 0x60, time 1330963449 ber_get_next ldap_read: want=8 error=Resource temporarily unavailable conn=21 op=0 do_bind ber_scanf fmt ({imt) ber: ber_dump: buf=0xa0b040a8 ptr=0xa0b040ab end=0xa0b040e6 len=59 0000: 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d 61 `....5....*cn=ma 0010: 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f 75 rk,ou=private,ou 0020: 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 61 =rcabook,dc=loca 0030: 6c 68 6f 73 74 80 04 78 78 78 78 lhost..xxxx ber_scanf fmt (m}) ber: ber_dump: buf=0xa0b040a8 ptr=0xa0b040e0 end=0xa0b040e6 len=6 0000: 00 04 78 78 78 78 ..xxxx >>> dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost> => ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost,0) <= ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 <<< dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>, <cn=mark, ou=private,ou=rcabook,dc=localhost> conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128 do_bind: version=3 dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128 ==> bdb_bind: dn: cn=mark,ou=private,ou=rcabook,dc=localhost bdb_dn2entry("cn=mark,ou=private,ou=rcabook,dc=localhost") => bdb_dn2id("cn=mark,ou=private,ou=rcabook,dc=localhost") <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988) send_ldap_result: conn=21 op=0 p=3 send_ldap_result: err=49 matched="" text="" send_ldap_response: msgid=1 tag=97 err=49 ber_flush2: 22 bytes to sd 13 0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a...... 0010: 01 31 04 00 04 00 .1.... ldap_write: want=22, written=22 0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a...... 0010: 01 31 04 00 04 00 .1.... conn=21 op=0 RESULT tag=97 err=49 text= daemon: activity on 1 descriptor daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero daemon: activity on 1 descriptor daemon: activity on: 13r daemon: read active on 13 daemon: epoll: listen=7 active_threads=0 tvp=zero connection_get(13) daemon: epoll: listen=8 active_threads=0 tvp=zero connection_get(13): got connid=21 connection_read(13): checking for input on id=21 ber_get_next ldap_read: want=8, got=0 ber_get_next on fd 13 failed errno=0 (Success) connection_read(13): input error=-2 id=21, closing. connection_closing: readying conn=21 sd=13 for close connection_close: conn=21 sd=13 daemon: activity on 1 descriptor daemon: removing 13 daemon: activity on: conn=21 fd=13 closed (connection lost) daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero Thanks a lot Mark >----Messaggio originale---- >Da: andudi(a)gmx.ch >Data: 05/03/2012 14.09 >A: "kaifamm(a)libero.it"<kaifamm(a)libero.it>, <users(a)lists.roundcube.net> >Ogg: Re: [RCU] Ldap Addressbook : problem for credentials in private addressbook > >Hei >I am i ski hollydays and have not my setup in front. > >Your setup seems ok, but can you try to connect with ldapsearch on the commandline? >Another try could be to switch on logging in slapd.conf >Ldap.conf is not used by server but by clients like ldapsearch... > >Andreas > > > >"kaifamm(a)libero.it" <kaifamm(a)libero.it> schrieb: > >>Hi All, >> >>I configured the ldap server and roundcube to manage contacts. I used >>the >>howto : http://trac.roundcube.net/wiki/Howto_Ldap. It work quite, I >>have only >>a problem for credentials in private addressbook. The public >>addressbook works >>fine, I can search and add contacts. >> >>I checked the Mark's password and it is correct. I tried to use rootpw >>but it >>doesn't works. >> >>My versions are : >>openldap-servers-2.4.19-6 >>php-5.3.3-1 >>roundcube 0.7.1 >> >>I report the error in ldap log of rouncube, my slapd.conf and my >>main.inc.php. >> >>Thanks a lot >> >>Mark >> >>-------------------------------- >>logs/ldap : >> >>[05-Mar-2012 10:09:01 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:09:01 +0100]: S: OK >>[05-Mar-2012 10:09:01 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:09:01 +0100]: S: Invalid credentials >>[05-Mar-2012 10:09:01 +0100]: C: Close >> >> >>[05-Mar-2012 10:14:24 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:14:24 +0100]: S: OK >>[05-Mar-2012 10:14:24 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:14:24 +0100]: S: Invalid credentials >>[05-Mar-2012 10:14:24 +0100]: C: Close >>[05-Mar-2012 10:27:42 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:27:42 +0100]: S: OK >>[05-Mar-2012 10:27:42 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:27:42 +0100]: S: Invalid credentials >>[05-Mar-2012 10:27:42 +0100]: C: Close >>[05-Mar-2012 10:27:52 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:27:52 +0100]: S: OK >>[05-Mar-2012 10:27:52 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:27:52 +0100]: S: Invalid credentials >>[05-Mar-2012 10:27:52 +0100]: C: Add [dn: mail=ssssss(a)iiii.uu,cn=mark, >>ou=private,ou=rcabook,dc=localhost]: Array >>( >> [cn] => ssssssss sss >> [sn] => sss >> [givenname] => ssssssss >> [mail] => ssssss(a)iiii.uu >> [objectClass] => Array >> ( >> [0] => top >> [1] => inetOrgPerson >> ) >> >>) >> >>[05-Mar-2012 10:27:52 +0100]: S: Strong(er) authentication required >>[05-Mar-2012 10:27:52 +0100]: C: Close >>------------------------------------------------------------ >>config/main.inc.php >> >>$rcmail_config['ldap_public']['public'] = array( >> 'name' => 'Public LDAP Addressbook', >> 'hosts' => array('localhost'), >> 'use_tls' => false, >> 'ldap_version' => 3, // using LDAPv3 >> 'port' => 389, >> 'auth_method' => '', >> 'user_specific' => false, >> 'writable' => true, >> 'base_dn' => 'ou=public,ou=rcabook,dc=localhost', >> 'bind_dn' => 'cn=rcuser,ou=rcabook,dc=localhost', >> 'bind_pass' => 'rcpass', >> 'fieldmap' => array( >> 'name' => 'cn', >> 'surname' => 'sn', >> 'firstname' => 'givenName', >> 'email' => 'mail', >> 'phone:home' => 'homePhone', >> 'phone:work' => 'telephoneNumber', >> 'phone:mobile' => 'mobile', >> 'street' => 'street', >> 'zipcode' => 'postalCode', >> 'locality' => 'l', >> 'country' => 'c', >> 'organization' => 'o', >> ), >> 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), >> 'LDAP_rdn' => 'mail', >> 'required_fields' => array('cn', 'sn', 'mail'), >> 'filter' => '(objectClass=inetOrgPerson)', >> 'groups' => array( >> 'base_dn' => '', // in this Howto, the same base_dn as >>for the contacts is used >> 'filter' => '(objectClass=groupOfNames)', >> 'object_classes' => array("top", "groupOfNames"), >> ), >>); >> >>$rcmail_config['ldap_public']['private'] = array( >> 'name' => 'Private LDAP Addressbook', >> 'hosts' => array('localhost'), >> 'use_tls' => false, >> 'ldap_version' => 3, // using LDAPv3 >> 'port' => 389, >> 'auth_method' => '', >> 'user_specific' => true, >> 'writable' => true, >> 'base_dn' => 'cn=%u,ou=private,ou=rcabook,dc=localhost', >> 'bind_dn' => 'cn=%u,ou=private,ou=rcabook,dc=localhost', >> 'bind_pass' => '', // the user login password is used >> 'fieldmap' => array( >> 'name' => 'cn', >> 'surname' => 'sn', >> 'firstname' => 'givenName', >> 'email' => 'mail', >> 'phone:home' => 'homePhone', >> 'phone:work' => 'telephoneNumber', >> 'phone:mobile' => 'mobile', >> 'street' => 'street', >> 'zipcode' => 'postalCode', >> 'locality' => 'l', >> 'country' => 'c', >> 'organization' => 'o', >> ), >> 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), >> 'LDAP_rdn' => 'mail', >> 'required_fields' => array('cn', 'sn', 'mail'), >> 'filter' => '(objectClass=inetOrgPerson)', >> 'groups' => array( >> 'base_dn' => '', // in this Howto, the same base_dn as >>for the contacts is used >> 'filter' => '(objectClass=groupOfNames)', >> 'object_classes' => array("top", "groupOfNames"), >> ), >>); >> >>------------------------------------------- >>openldap/slapd.conf >> >># >># See slapd.conf(5) for details on configuration options. >># This file should NOT be world readable. >># >> >>include /etc/openldap/schema/corba.schema >>include /etc/openldap/schema/core.schema >>include /etc/openldap/schema/cosine.schema >>include /etc/openldap/schema/duaconf.schema >>include /etc/openldap/schema/dyngroup.schema >>include /etc/openldap/schema/inetorgperson.schema >>include /etc/openldap/schema/java.schema >>include /etc/openldap/schema/misc.schema >>include /etc/openldap/schema/nis.schema >>include /etc/openldap/schema/openldap.schema >>include /etc/openldap/schema/ppolicy.schema >>include /etc/openldap/schema/collective.schema >> >># Allow LDAPv2 client connections. This is NOT the default. >>allow bind_v2 >> >># Do not enable referrals until AFTER you have a working directory >># service AND an understanding of referrals. >>#referral ldap://root.openldap.org >> >>pidfile /var/run/openldap/slapd.pid >>argsfile /var/run/openldap/slapd.args >> >>SIZELIMIT 100000 >> >> >># >># if no access controls are present, the default policy >># allows anyone and everyone to read anything but restricts >># updates to rootdn. (e.g., "access to * by * read") >># >># rootdn can always read and write EVERYTHING! >> >>####################################################################### >># ldbm and/or bdb database definitions >>####################################################################### >> >>database bdb >>suffix "dc=localhost" >>checkpoint 1024 15 >>rootdn "cn=admin,dc=localhost" >># Cleartext passwords, especially for the rootdn, should >># be avoided. See slappasswd(8) and slapd.conf(5) for details. >># Use of strong authentication encouraged. >>rootpw {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> >># The database directory MUST exist prior to running slapd AND >># should only be accessible by the slapd and slap tools. >># Mode 700 recommended. >>directory /var/lib/ldap >> >># Indices to maintain for this database >>index objectClass eq,pres >>index ou,cn,mail,surname,givenname eq,pres,sub >>index uidNumber,gidNumber,loginShell eq,pres >>index uid,memberUid eq,pres,sub >>index nisMapName,nisMapEntry eq,pres,sub >> >># Replicas of this database >>#replogfile /var/lib/ldap/openldap-master-replog >>#replica host=ldap-1.example.com:389 starttls=critical >># bindmethod=sasl saslmech=GSSAPI >># authcId=host/ldap-master.example.com(a)EXAMPLE.COM >> >> >># Grant the Roundcub user to create private users >>access to dn.one="ou=private,ou=rcabook,dc=localhost" >>attrs=userPassword >> by dn="cn=rcuser,ou=rcabook,dc=localhost" write >> by anonymous auth >> by self write >> by * none >> >># For user authentication and password change >>access to attrs=userPassword >> by dn="cn=admin,dc=localhost" write >> by anonymous auth >> by self write >> by * none >> >># Grant the Roundcube users access to their private addressbooks >>access to dn.regex="^.*cn=([^,]+),ou=private,ou=rcabook,dc=localhost$" >> by dn="cn=admin,dc=localhost" write >> by dn="cn=rcuser,ou=rcabook,dc=localhost" write >> by dn.exact,expand="cn=$1,ou=private,ou=rcabook,dc=localhost" write >> >># Grant the Roundcube user access to the whole addressbook >>access to dn.subtree="ou=rcabook,dc=localhost" >> by dn="cn=admin,dc=localhost" write >> by dn="cn=rcuser,ou=rcabook,dc=localhost" write >> >># For direcory access >>access to * >> by dn="cn=admin,dc=localhost" write >> >># enable monitoring >>database monitor >> >>----------------------------------------- > >-- >List info: http://lists.roundcube.net/users/ >BT/09979466 >

2 1

R: Re: Ldap Addressbook : problem for credentials in private addressbook
by kaifamm＠libero.it 05 Mar '12

05 Mar '12

Hi All, thanks for the answers !!! I made other tests : If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser, ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost it works fine. If I try this : ldapsearch -xLLL -H ldap://localhost:389 -D cn=mark, ou=private,ou=rcabook,dc=localhost -w xxxx It answer : ldap_bind: Invalid credentials (49), so I think that there is an ACL problem. I think that there is an error in the script rcabook-setup.sh. I did run and run again the script rcabook-setup.sh, it doesn't return errors and it said : The LDAP addressbook is ready now for using: base_dn: ou=rcabook,dc=localhost bind_dn: cn=rcuser,ou=rcabook,dc=localhost Use the following command for reading and checking your setup: ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook, dc=localhost -w rcpass -b ou=rcabook,dc=localhost I report my ldap.log with the debug of ldap server : daemon: activity on: slap_listener_activate(7): daemon: epoll: listen=7 busy daemon: epoll: listen=8 active_threads=0 tvp=zero >>> slap_listener(ldap:///) daemon: listen=7, new connection on 13 daemon: activity on 1 descriptor daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero daemon: added 13r (active) listener=(nil) daemon: activity on 1 descriptor conn=21 fd=13 ACCEPT from IP=127.0.0.1:45320 (IP=0.0.0.0:389) daemon: activity on: 13r daemon: read active on 13 daemon: epoll: listen=7 active_threads=0 tvp=zero connection_get(13) daemon: epoll: listen=8 active_threads=0 tvp=zero connection_get(13): got connid=21 connection_read(13): checking for input on id=21 ber_get_next ldap_read: want=8, got=8 0000: 30 84 00 00 00 3e 02 01 0....>.. ldap_read: want=60, got=60 0000: 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d .`....5....*cn=m 0010: 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f ark,ou=private,o 0020: 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 u=rcabook,dc=loc 0030: 61 6c 68 6f 73 74 80 04 78 78 78 78 alhost..xxxx ber_get_next: tag 0x30 len 62 contents: ber_dump: buf=0xa0b040a8 ptr=0xa0b040a8 end=0xa0b040e6 len=62 0000: 02 01 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e ...`....5....*cn 0010: 3d 6d 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 =mark,ou=private 0020: 2c 6f 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c ,ou=rcabook,dc=l 0030: 6f 63 61 6c 68 6f 73 74 80 04 78 78 78 78 ocalhost..xxxx op tag 0x60, time 1330963449 ber_get_next ldap_read: want=8 error=Resource temporarily unavailable conn=21 op=0 do_bind ber_scanf fmt ({imt) ber: ber_dump: buf=0xa0b040a8 ptr=0xa0b040ab end=0xa0b040e6 len=59 0000: 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d 61 `....5....*cn=ma 0010: 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f 75 rk,ou=private,ou 0020: 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 61 =rcabook,dc=loca 0030: 6c 68 6f 73 74 80 04 78 78 78 78 lhost..xxxx ber_scanf fmt (m}) ber: ber_dump: buf=0xa0b040a8 ptr=0xa0b040e0 end=0xa0b040e6 len=6 0000: 00 04 78 78 78 78 ..xxxx >>> dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost> => ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost,0) <= ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 => ldap_dn2bv(272) <= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0 <<< dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>, <cn=mark, ou=private,ou=rcabook,dc=localhost> conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128 do_bind: version=3 dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128 ==> bdb_bind: dn: cn=mark,ou=private,ou=rcabook,dc=localhost bdb_dn2entry("cn=mark,ou=private,ou=rcabook,dc=localhost") => bdb_dn2id("cn=mark,ou=private,ou=rcabook,dc=localhost") <= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988) send_ldap_result: conn=21 op=0 p=3 send_ldap_result: err=49 matched="" text="" send_ldap_response: msgid=1 tag=97 err=49 ber_flush2: 22 bytes to sd 13 0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a...... 0010: 01 31 04 00 04 00 .1.... ldap_write: want=22, written=22 0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a...... 0010: 01 31 04 00 04 00 .1.... conn=21 op=0 RESULT tag=97 err=49 text= daemon: activity on 1 descriptor daemon: activity on: daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero daemon: activity on 1 descriptor daemon: activity on: 13r daemon: read active on 13 daemon: epoll: listen=7 active_threads=0 tvp=zero connection_get(13) daemon: epoll: listen=8 active_threads=0 tvp=zero connection_get(13): got connid=21 connection_read(13): checking for input on id=21 ber_get_next ldap_read: want=8, got=0 ber_get_next on fd 13 failed errno=0 (Success) connection_read(13): input error=-2 id=21, closing. connection_closing: readying conn=21 sd=13 for close connection_close: conn=21 sd=13 daemon: activity on 1 descriptor daemon: removing 13 daemon: activity on: conn=21 fd=13 closed (connection lost) daemon: epoll: listen=7 active_threads=0 tvp=zero daemon: epoll: listen=8 active_threads=0 tvp=zero Thanks a lot Mark >----Messaggio originale---- >Da: andudi(a)gmx.ch >Data: 05/03/2012 14.09 >A: "kaifamm(a)libero.it"<kaifamm(a)libero.it>, <users(a)lists.roundcube.net> >Ogg: Re: [RCU] Ldap Addressbook : problem for credentials in private addressbook > >Hei >I am i ski hollydays and have not my setup in front. > >Your setup seems ok, but can you try to connect with ldapsearch on the commandline? >Another try could be to switch on logging in slapd.conf >Ldap.conf is not used by server but by clients like ldapsearch... > >Andreas > > > >"kaifamm(a)libero.it" <kaifamm(a)libero.it> schrieb: > >>Hi All, >> >>I configured the ldap server and roundcube to manage contacts. I used >>the >>howto : http://trac.roundcube.net/wiki/Howto_Ldap. It work quite, I >>have only >>a problem for credentials in private addressbook. The public >>addressbook works >>fine, I can search and add contacts. >> >>I checked the Mark's password and it is correct. I tried to use rootpw >>but it >>doesn't works. >> >>My versions are : >>openldap-servers-2.4.19-6 >>php-5.3.3-1 >>roundcube 0.7.1 >> >>I report the error in ldap log of rouncube, my slapd.conf and my >>main.inc.php. >> >>Thanks a lot >> >>Mark >> >>-------------------------------- >>logs/ldap : >> >>[05-Mar-2012 10:09:01 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:09:01 +0100]: S: OK >>[05-Mar-2012 10:09:01 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:09:01 +0100]: S: Invalid credentials >>[05-Mar-2012 10:09:01 +0100]: C: Close >> >> >>[05-Mar-2012 10:14:24 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:14:24 +0100]: S: OK >>[05-Mar-2012 10:14:24 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:14:24 +0100]: S: Invalid credentials >>[05-Mar-2012 10:14:24 +0100]: C: Close >>[05-Mar-2012 10:27:42 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:27:42 +0100]: S: OK >>[05-Mar-2012 10:27:42 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:27:42 +0100]: S: Invalid credentials >>[05-Mar-2012 10:27:42 +0100]: C: Close >>[05-Mar-2012 10:27:52 +0100]: C: Connect [localhost:389] >>[05-Mar-2012 10:27:52 +0100]: S: OK >>[05-Mar-2012 10:27:52 +0100]: C: Bind [dn: >>cn=mark,ou=private,ou=rcabook, >>dc=localhost] [pass: xxxx] >>[05-Mar-2012 10:27:52 +0100]: S: Invalid credentials >>[05-Mar-2012 10:27:52 +0100]: C: Add [dn: mail=ssssss(a)iiii.uu,cn=mark, >>ou=private,ou=rcabook,dc=localhost]: Array >>( >> [cn] => ssssssss sss >> [sn] => sss >> [givenname] => ssssssss >> [mail] => ssssss(a)iiii.uu >> [objectClass] => Array >> ( >> [0] => top >> [1] => inetOrgPerson >> ) >> >>) >> >>[05-Mar-2012 10:27:52 +0100]: S: Strong(er) authentication required >>[05-Mar-2012 10:27:52 +0100]: C: Close >>------------------------------------------------------------ >>config/main.inc.php >> >>$rcmail_config['ldap_public']['public'] = array( >> 'name' => 'Public LDAP Addressbook', >> 'hosts' => array('localhost'), >> 'use_tls' => false, >> 'ldap_version' => 3, // using LDAPv3 >> 'port' => 389, >> 'auth_method' => '', >> 'user_specific' => false, >> 'writable' => true, >> 'base_dn' => 'ou=public,ou=rcabook,dc=localhost', >> 'bind_dn' => 'cn=rcuser,ou=rcabook,dc=localhost', >> 'bind_pass' => 'rcpass', >> 'fieldmap' => array( >> 'name' => 'cn', >> 'surname' => 'sn', >> 'firstname' => 'givenName', >> 'email' => 'mail', >> 'phone:home' => 'homePhone', >> 'phone:work' => 'telephoneNumber', >> 'phone:mobile' => 'mobile', >> 'street' => 'street', >> 'zipcode' => 'postalCode', >> 'locality' => 'l', >> 'country' => 'c', >> 'organization' => 'o', >> ), >> 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), >> 'LDAP_rdn' => 'mail', >> 'required_fields' => array('cn', 'sn', 'mail'), >> 'filter' => '(objectClass=inetOrgPerson)', >> 'groups' => array( >> 'base_dn' => '', // in this Howto, the same base_dn as >>for the contacts is used >> 'filter' => '(objectClass=groupOfNames)', >> 'object_classes' => array("top", "groupOfNames"), >> ), >>); >> >>$rcmail_config['ldap_public']['private'] = array( >> 'name' => 'Private LDAP Addressbook', >> 'hosts' => array('localhost'), >> 'use_tls' => false, >> 'ldap_version' => 3, // using LDAPv3 >> 'port' => 389, >> 'auth_method' => '', >> 'user_specific' => true, >> 'writable' => true, >> 'base_dn' => 'cn=%u,ou=private,ou=rcabook,dc=localhost', >> 'bind_dn' => 'cn=%u,ou=private,ou=rcabook,dc=localhost', >> 'bind_pass' => '', // the user login password is used >> 'fieldmap' => array( >> 'name' => 'cn', >> 'surname' => 'sn', >> 'firstname' => 'givenName', >> 'email' => 'mail', >> 'phone:home' => 'homePhone', >> 'phone:work' => 'telephoneNumber', >> 'phone:mobile' => 'mobile', >> 'street' => 'street', >> 'zipcode' => 'postalCode', >> 'locality' => 'l', >> 'country' => 'c', >> 'organization' => 'o', >> ), >> 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), >> 'LDAP_rdn' => 'mail', >> 'required_fields' => array('cn', 'sn', 'mail'), >> 'filter' => '(objectClass=inetOrgPerson)', >> 'groups' => array( >> 'base_dn' => '', // in this Howto, the same base_dn as >>for the contacts is used >> 'filter' => '(objectClass=groupOfNames)', >> 'object_classes' => array("top", "groupOfNames"), >> ), >>); >> >>------------------------------------------- >>openldap/slapd.conf >> >># >># See slapd.conf(5) for details on configuration options. >># This file should NOT be world readable. >># >> >>include /etc/openldap/schema/corba.schema >>include /etc/openldap/schema/core.schema >>include /etc/openldap/schema/cosine.schema >>include /etc/openldap/schema/duaconf.schema >>include /etc/openldap/schema/dyngroup.schema >>include /etc/openldap/schema/inetorgperson.schema >>include /etc/openldap/schema/java.schema >>include /etc/openldap/schema/misc.schema >>include /etc/openldap/schema/nis.schema >>include /etc/openldap/schema/openldap.schema >>include /etc/openldap/schema/ppolicy.schema >>include /etc/openldap/schema/collective.schema >> >># Allow LDAPv2 client connections. This is NOT the default. >>allow bind_v2 >> >># Do not enable referrals until AFTER you have a working directory >># service AND an understanding of referrals. >>#referral ldap://root.openldap.org >> >>pidfile /var/run/openldap/slapd.pid >>argsfile /var/run/openldap/slapd.args >> >>SIZELIMIT 100000 >> >> >># >># if no access controls are present, the default policy >># allows anyone and everyone to read anything but restricts >># updates to rootdn. (e.g., "access to * by * read") >># >># rootdn can always read and write EVERYTHING! >> >>####################################################################### >># ldbm and/or bdb database definitions >>####################################################################### >> >>database bdb >>suffix "dc=localhost" >>checkpoint 1024 15 >>rootdn "cn=admin,dc=localhost" >># Cleartext passwords, especially for the rootdn, should >># be avoided. See slappasswd(8) and slapd.conf(5) for details. >># Use of strong authentication encouraged. >>rootpw {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> >># The database directory MUST exist prior to running slapd AND >># should only be accessible by the slapd and slap tools. >># Mode 700 recommended. >>directory /var/lib/ldap >> >># Indices to maintain for this database >>index objectClass eq,pres >>index ou,cn,mail,surname,givenname eq,pres,sub >>index uidNumber,gidNumber,loginShell eq,pres >>index uid,memberUid eq,pres,sub >>index nisMapName,nisMapEntry eq,pres,sub >> >># Replicas of this database >>#replogfile /var/lib/ldap/openldap-master-replog >>#replica host=ldap-1.example.com:389 starttls=critical >># bindmethod=sasl saslmech=GSSAPI >># authcId=host/ldap-master.example.com(a)EXAMPLE.COM >> >> >># Grant the Roundcub user to create private users >>access to dn.one="ou=private,ou=rcabook,dc=localhost" >>attrs=userPassword >> by dn="cn=rcuser,ou=rcabook,dc=localhost" write >> by anonymous auth >> by self write >> by * none >> >># For user authentication and password change >>access to attrs=userPassword >> by dn="cn=admin,dc=localhost" write >> by anonymous auth >> by self write >> by * none >> >># Grant the Roundcube users access to their private addressbooks >>access to dn.regex="^.*cn=([^,]+),ou=private,ou=rcabook,dc=localhost$" >> by dn="cn=admin,dc=localhost" write >> by dn="cn=rcuser,ou=rcabook,dc=localhost" write >> by dn.exact,expand="cn=$1,ou=private,ou=rcabook,dc=localhost" write >> >># Grant the Roundcube user access to the whole addressbook >>access to dn.subtree="ou=rcabook,dc=localhost" >> by dn="cn=admin,dc=localhost" write >> by dn="cn=rcuser,ou=rcabook,dc=localhost" write >> >># For direcory access >>access to * >> by dn="cn=admin,dc=localhost" write >> >># enable monitoring >>database monitor >> >>----------------------------------------- > >-- >List info: http://lists.roundcube.net/users/ >BT/09979466 >

1 0

Mailing list migration to new host
by Thomas Bruederli 05 Mar '12

05 Mar '12

Dear subscribers of the Roundcube mailing lists I'd like to announce the migration of our mailing lists to a new host which is planned to take place on Monday, March 5th at 3pm GMT. There's no action required on your side, all subscriptions and settings will be transferred to the new host. There might be some delay until all nodes on the net have updated their DNS entries for lists.roundcube.net and to avoid any loss of messages during that period, we recommend to suspend posting between 3pm and 9pm GMT on Monday. This is also a good occasion to thank Jason at gigo.com for offering the list hosting for the last couple of years and to Jeroen at kolab.org to take over. Best, Thomas -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

3 4

Ldap Addressbook : problem for credentials in private addressbook
by kaifamm＠libero.it 05 Mar '12

05 Mar '12

Hi All, I configured the ldap server and roundcube to manage contacts. I used the howto : http://trac.roundcube.net/wiki/Howto_Ldap. It work quite, I have only a problem for credentials in private addressbook. The public addressbook works fine, I can search and add contacts. I checked the Mark's password and it is correct. I tried to use rootpw but it doesn't works. My versions are : openldap-servers-2.4.19-6 php-5.3.3-1 roundcube 0.7.1 I report the error in ldap log of rouncube, my slapd.conf and my main.inc.php. Thanks a lot Mark -------------------------------- logs/ldap : [05-Mar-2012 10:09:01 +0100]: C: Connect [localhost:389] [05-Mar-2012 10:09:01 +0100]: S: OK [05-Mar-2012 10:09:01 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook, dc=localhost] [pass: xxxx] [05-Mar-2012 10:09:01 +0100]: S: Invalid credentials [05-Mar-2012 10:09:01 +0100]: C: Close [05-Mar-2012 10:14:24 +0100]: C: Connect [localhost:389] [05-Mar-2012 10:14:24 +0100]: S: OK [05-Mar-2012 10:14:24 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook, dc=localhost] [pass: xxxx] [05-Mar-2012 10:14:24 +0100]: S: Invalid credentials [05-Mar-2012 10:14:24 +0100]: C: Close [05-Mar-2012 10:27:42 +0100]: C: Connect [localhost:389] [05-Mar-2012 10:27:42 +0100]: S: OK [05-Mar-2012 10:27:42 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook, dc=localhost] [pass: xxxx] [05-Mar-2012 10:27:42 +0100]: S: Invalid credentials [05-Mar-2012 10:27:42 +0100]: C: Close [05-Mar-2012 10:27:52 +0100]: C: Connect [localhost:389] [05-Mar-2012 10:27:52 +0100]: S: OK [05-Mar-2012 10:27:52 +0100]: C: Bind [dn: cn=mark,ou=private,ou=rcabook, dc=localhost] [pass: xxxx] [05-Mar-2012 10:27:52 +0100]: S: Invalid credentials [05-Mar-2012 10:27:52 +0100]: C: Add [dn: mail=ssssss(a)iiii.uu,cn=mark, ou=private,ou=rcabook,dc=localhost]: Array ( [cn] => ssssssss sss [sn] => sss [givenname] => ssssssss [mail] => ssssss(a)iiii.uu [objectClass] => Array ( [0] => top [1] => inetOrgPerson ) ) [05-Mar-2012 10:27:52 +0100]: S: Strong(er) authentication required [05-Mar-2012 10:27:52 +0100]: C: Close ------------------------------------------------------------ config/main.inc.php $rcmail_config['ldap_public']['public'] = array( 'name' => 'Public LDAP Addressbook', 'hosts' => array('localhost'), 'use_tls' => false, 'ldap_version' => 3, // using LDAPv3 'port' => 389, 'auth_method' => '', 'user_specific' => false, 'writable' => true, 'base_dn' => 'ou=public,ou=rcabook,dc=localhost', 'bind_dn' => 'cn=rcuser,ou=rcabook,dc=localhost', 'bind_pass' => 'rcpass', 'fieldmap' => array( 'name' => 'cn', 'surname' => 'sn', 'firstname' => 'givenName', 'email' => 'mail', 'phone:home' => 'homePhone', 'phone:work' => 'telephoneNumber', 'phone:mobile' => 'mobile', 'street' => 'street', 'zipcode' => 'postalCode', 'locality' => 'l', 'country' => 'c', 'organization' => 'o', ), 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), 'LDAP_rdn' => 'mail', 'required_fields' => array('cn', 'sn', 'mail'), 'filter' => '(objectClass=inetOrgPerson)', 'groups' => array( 'base_dn' => '', // in this Howto, the same base_dn as for the contacts is used 'filter' => '(objectClass=groupOfNames)', 'object_classes' => array("top", "groupOfNames"), ), ); $rcmail_config['ldap_public']['private'] = array( 'name' => 'Private LDAP Addressbook', 'hosts' => array('localhost'), 'use_tls' => false, 'ldap_version' => 3, // using LDAPv3 'port' => 389, 'auth_method' => '', 'user_specific' => true, 'writable' => true, 'base_dn' => 'cn=%u,ou=private,ou=rcabook,dc=localhost', 'bind_dn' => 'cn=%u,ou=private,ou=rcabook,dc=localhost', 'bind_pass' => '', // the user login password is used 'fieldmap' => array( 'name' => 'cn', 'surname' => 'sn', 'firstname' => 'givenName', 'email' => 'mail', 'phone:home' => 'homePhone', 'phone:work' => 'telephoneNumber', 'phone:mobile' => 'mobile', 'street' => 'street', 'zipcode' => 'postalCode', 'locality' => 'l', 'country' => 'c', 'organization' => 'o', ), 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), 'LDAP_rdn' => 'mail', 'required_fields' => array('cn', 'sn', 'mail'), 'filter' => '(objectClass=inetOrgPerson)', 'groups' => array( 'base_dn' => '', // in this Howto, the same base_dn as for the contacts is used 'filter' => '(objectClass=groupOfNames)', 'object_classes' => array("top", "groupOfNames"), ), ); ------------------------------------------- openldap/slapd.conf # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/corba.schema include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/duaconf.schema include /etc/openldap/schema/dyngroup.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/java.schema include /etc/openldap/schema/misc.schema include /etc/openldap/schema/nis.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/ppolicy.schema include /etc/openldap/schema/collective.schema # Allow LDAPv2 client connections. This is NOT the default. allow bind_v2 # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap://root.openldap.org pidfile /var/run/openldap/slapd.pid argsfile /var/run/openldap/slapd.args SIZELIMIT 100000 # # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., "access to * by * read") # # rootdn can always read and write EVERYTHING! ####################################################################### # ldbm and/or bdb database definitions ####################################################################### database bdb suffix "dc=localhost" checkpoint 1024 15 rootdn "cn=admin,dc=localhost" # Cleartext passwords, especially for the rootdn, should # be avoided. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /var/lib/ldap # Indices to maintain for this database index objectClass eq,pres index ou,cn,mail,surname,givenname eq,pres,sub index uidNumber,gidNumber,loginShell eq,pres index uid,memberUid eq,pres,sub index nisMapName,nisMapEntry eq,pres,sub # Replicas of this database #replogfile /var/lib/ldap/openldap-master-replog #replica host=ldap-1.example.com:389 starttls=critical # bindmethod=sasl saslmech=GSSAPI # authcId=host/ldap-master.example.com(a)EXAMPLE.COM # Grant the Roundcub user to create private users access to dn.one="ou=private,ou=rcabook,dc=localhost" attrs=userPassword by dn="cn=rcuser,ou=rcabook,dc=localhost" write by anonymous auth by self write by * none # For user authentication and password change access to attrs=userPassword by dn="cn=admin,dc=localhost" write by anonymous auth by self write by * none # Grant the Roundcube users access to their private addressbooks access to dn.regex="^.*cn=([^,]+),ou=private,ou=rcabook,dc=localhost$" by dn="cn=admin,dc=localhost" write by dn="cn=rcuser,ou=rcabook,dc=localhost" write by dn.exact,expand="cn=$1,ou=private,ou=rcabook,dc=localhost" write # Grant the Roundcube user access to the whole addressbook access to dn.subtree="ou=rcabook,dc=localhost" by dn="cn=admin,dc=localhost" write by dn="cn=rcuser,ou=rcabook,dc=localhost" write # For direcory access access to * by dn="cn=admin,dc=localhost" write # enable monitoring database monitor ----------------------------------------- openldap/ldap.conf # # LDAP Defaults # # See ldap.conf(5) for details # This file should be world readable but not world writable. #BASE dc=example,dc=com #URI ldap://ldap.example.com ldap://ldap-master.example.com:666 #SIZELIMIT 12 #TIMELIMIT 15 #DEREF never URI ldap://127.0.0.1/ BASE dc=localhost TLS_REQCERT never TLS_CACERTDIR /etc/openldap/cacerts -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 1

Re: [RCU] "Session invalid or expired" roundcube 7.1
by rapaterres Oo. 02 Mar '12

02 Mar '12

Hey Marcel, 2012/3/2 Marcel Herrguth <mherrguth(a)mrgeneration.de> > Hey, > > Am 2.3.2012 04:51, schrieb rapaterres Oo.: > >> i'm just upgraded 7.0 to 7.1 roundcube and i can't access into >> webmail, i have the error "Session invalid or expired" when i try to >> login >> >> here the logs... >> [..] >> >> i don't know what's going on because all looks fine... but it isn't :( >> >> anyone can guide me with this error? >> >> > I had similare Errors. These errors occur soemtimes, but simply seem to be > a Browser Problem. (for me it was Firefox). > If you delete all cookies that Roundcube writes (especially the session > cookie) and then refresh the page, a login should work fine to you. > > You can also use the plugin that keeps you logged in. It may sometimes > display this error as well, but if you refresh it without doing anything > else, it logs you in most of the times. > > Hope I could help you > thank you for your help but... I already read that this problem could be the browser and I deleted all cookies, and tried from another browser too... but it did not work. I even tried from another computer (and other ip), and even tried to delete the sessions in the bbdd, but I have the same error. -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

Problem with users that have multiple mail aliases
by Jacek Osiecki 02 Mar '12

02 Mar '12

Hi, In my system I have multiple domains with many users, all set up in mysql. MTA is served by Exim 4, Backend and IMAP is handled by dovecot 2.0. Some of my users have mail aliases, what means that for example john(a)test.com is able to log in also as johny(a)test.com as well as john(a)williams.com. All these accounts lead to the same mailbox, and check the password for the same basic user, which is john(a)test.com. And everything works fine, until they log in to roundcube. Lightweight issue is that settings are separate for each email that they used to log in - annoying, but you could live with it. But another thing is much worse: when users set up sieve rules in roundcube, these settings are also separate for each mail alias - what is hardly acceptable. But what is absolutely unacceptable is the fact, that actually only rules set up for the basic account (john(a)test.com) are working. This is quite understandable, since dovecot during delivery checks the basic account sieve file instead of checking all possible variants :) Now I'd like to find out if there is any solution for repairing this. Dovecot, for example, uses its user_query and password_query, that always return the same no matter which credentials were used to log in. Maybe there is a way for roundcube to identify user not by credentials but by eg. inbox path? That would help a lot... Am I the only one who needs such functionality? Greetings, -- Jacek -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 2

"Session invalid or expired" roundcube 7.1
by rapaterres Oo. 01 Mar '12

01 Mar '12

hi all! i'm just upgraded 7.0 to 7.1 roundcube and i can't access into webmail, i have the error "Session invalid or expired" when i try to login here the logs... userlogins logs seems to be ok: [23-Feb-2012 23:55:09 +0100]: Successful login for xxxxxxx(a)xxxxxxxx.net (ID: 4) from 81.36.137.2 <81.36.137.208>22 in session oq35mfhcb07rmmija98ahbph56 imap logs (works): [23-Feb-2012 23:55:09 +0100]: [5945] S: * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information. [23-Feb-2012 23:55:09 +0100]: [5945] C: A0001 LOGIN xxxx(a)xxxxxxxx.net xxxxx [23-Feb-2012 23:55:09 +0100]: [5945] S: A0001 OK LOGIN Ok. [23-Feb-2012 23:55:09 +0100]: [5945] C: A0002 NAMESPACE [23-Feb-2012 23:55:09 +0100]: [5945] S: * NAMESPACE (("INBOX." ".")) NIL (("#shared." ".")("shared." ".")) [23-Feb-2012 23:55:09 +0100]: [5945] S: A0002 OK NAMESPACE completed. [23-Feb-2012 23:55:09 +0100]: [5945] C: A0003 LOGOUT [23-Feb-2012 23:55:09 +0100]: [5945] S: * BYE Courier-IMAP server shutting down [23-Feb-2012 23:55:09 +0100]: [5945] S: A0003 OK LOGOUT completed sql logs: [23-Feb-2012 23:55:09 +0100]: query(1): SELECT vars, ip, changed FROM session WHERE sess_id = 'fb41l4i16f7hpk8d17d4ka4334'; [23-Feb-2012 23:55:09 +0100]: query(1): DELETE FROM session WHERE sess_id = 'fb41l4i16f7hpk8d17d4ka4334'; [23-Feb-2012 23:55:09 +0100]: query(1): SELECT * FROM users WHERE mail_host = 'localhost' AND username = 'xxxxx(a)xxxxxxx.net'; [23-Feb-2012 23:55:09 +0100]: query(1): UPDATE users SET last_login = now() WHERE user_id = '4'; [23-Feb-2012 23:55:09 +0100]: query(1): INSERT INTO session (sess_id, vars, ip, created, changed) VALUES ('oq35mfhcb07rmmija98ahbph56', 'bGFuZ3VhZ2V8czo1OiJlc19FUyI7aW1hcF9uYW1lc3BhY2V8YTo0OntzOjg6InBlcnNvbmFsIjthOjE6e2k6MDthOjI6e2k6MDtzOjY6IklOQk9YLiI7aToxO3M6MToiLiI7fX1zOjU6Im90aGVyIjtOO3M6Njoic2hhcmVkIjthOjI6e2k6MDthOjI6e2k6MDtzOjg6IiNzaGFyZWQuIjtpOjE7czoxOiIuIjt9aToxO2E6Mjp7aTowO3M6Nzoic2hhcmVkLiI7aToxO3M6MToiLiI7fX1zOjY6InByZWZpeCI7czo2OiJJTkJPWC4iO31pbWFwX2RlbGltaXRlcnxzOjE6Ii4iO3VzZXJfaWR8czoxOiI0Ijt1c2VybmFtZXxzOjIwOiJ0b3JpZXRAbXVzc29sdGVjLm5ldCI7aW1hcF9ob3N0fHM6OToibG9jYWxob3N0IjtpbWFwX3BvcnR8aToxNDM7aW1hcF9zc2x8TjtwYXNzd29yZHxzOjI0OiJNT1NMaU8wMmVObys5eHdiMGI0ZVd3PT0iO2xvZ2luX3RpbWV8aToxMzMwMDM3NzA5O3RpbWV6b25lfGQ6MTtkc3RfYWN0aXZlfGk6MDs=', '81.36.137.208', '2012-02-23 23:55:09', '2012-02-23 23:55:09'); [23-Feb-2012 23:55:09 +0100]: query(1): SELECT vars, ip, changed FROM session WHERE sess_id = 'oq35mfhcb07rmmija98ahbph56'; [23-Feb-2012 23:55:09 +0100]: query(1): SELECT * FROM users WHERE user_id = '4'; [23-Feb-2012 23:55:09 +0100]: query(1): DELETE FROM session WHERE sess_id = 'oq35mfhcb07rmmija98ahbph56'; [23-Feb-2012 23:55:09 +0100]: query(1): INSERT INTO session (sess_id, vars, ip, created, changed) VALUES ('oq35mfhcb07rmmija98ahbph56', 'bGFuZ3VhZ2V8czo1OiJlc19FUyI7dGVtcHxiOjE7', '81.36.137.222 <81.36.137.208>', '2012-02-23 23:55:09', '2012-02-23 23:55:09'); and.. in main.inc.php: $rcmail_config['session_lifetime'] = 10; i don't know what's going on because all looks fine... but it isn't :( anyone can guide me with this error? -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

New skin?
by list＠airstreamcomm.net 29 Feb '12

29 Feb '12

Hi Devs, you're probably getting this question every day now, but will we be seeing a February announcement for the beta release including the new skin for Roundcube? Thanks for all your hard work and talent! -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

3 2

$rcmail_config['identities_level'] = 3
by Edson S. da Silva - Grupo Horizonte 28 Feb '12

28 Feb '12

Good afternoon,I have a problemin myPostfix/Roundcube.I noticedthat in the lastthree monthsallusers createdin the tablewere not fed"identities."I do not knowwhat was doneto make it happen.The problemis that thesender fieldis open forthe user inputs theemailyou want. Something interestingI noticedis thatat the time offirstlogin (hourshecreatesrecords)it displaysthe error "Your sessionis invalid or expired" db.inc.phpfileis right...$rcmail_config['db_table_identities']= 'identities'; the fileis$main.inc.phprcmail_config['identities_level']=3; I do not knowwhat can be...Can someonehelp me? Note:Myenglishisbad.... -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

Populate "Display Name" from LDAP's "sn" field?
by Josh Whitver 27 Feb '12

27 Feb '12

Hello, We've got our RoundCube install tied into our LDAP server, and we'd like to populate the "Display Name" field from LDAP's "sn" field so that new users, upon logging in, will have new mail appear to come from their full name instead of their username. Is that even possible? If so, what steps would I need to take? Which file(s) need to be edited? Running RoundCube-0.7.1. Thanks! -- Josh Whitver whitverj(a)urbandale.k12.ia.us / josh(a)whitver.net "Write a wise saying and your name will live forever." -Unknown -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 1

testing ldap addressbook
by Nelson Serafica 27 Feb '12

27 Feb '12

I'm currently studying roundcube with ldap as its DEFAULT addressbook. I have a running ldap for addressbook and it is working fine in an email client such as Thunderbird. Below is my setup in TB Base DN : dc=mail,dc=foo,dc=com Port 388 Port 388 is being forward to 389 of my ldap server. However, I cannot configure Roundecube to query on ldap. Below is my config in ldap settings in main.inc.php. $rcmail_config['address_book_type'] = 'ldap'; $rcmail_config['ldap_public']['Addbook'] = array( 'name' => 'foo.com', 'hosts' => array('localhost'), 'port' => 389, 'use_tls' => false, 'user_specific' => false, 'base_dn' => 'dc=mail,dc=foo,dc=com', 'LDAP_Object_Classes' => array("top", "inetOrgPerson"), 'required_fields' => array("cn", "sn", "mail"), 'LDAP_rdn' => 'mail', 'search_fields' => array('mail', 'cn'), 'name_field' => 'cn', 'email_field' => 'mail', 'surname_field' => 'sn', 'firstname_field' => 'gn', 'sort' => 'cn', 'fuzzy_search' => true, 'sizelimit' => '0', 'timelimit' => '0', ); $rcmail_config['autocomplete_addressbooks'] = array('ldap','foo.com'); $rcmail_config['autocomplete_min_length'] = 1; After saving main.inc.php, I can no longer access Addressbook Tab. Probably of the wrong settings in my ldap. I can query ldap when I do ldapsearch -x -b 'dc=mail,dc=foo,dc=com'. The settings above is based on the default file main.inc.php. I just followed the procedures. Can anyone give a hint? TIA, Nelson -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 1

advanced search
by kaifamm＠libero.it 27 Feb '12

27 Feb '12

Hi, I'm trying Roundcube and I think it's great !!!!!!! But I have not found an advanced search of messages, you can't search and filtering for multiple fields of message at the same time. For example, I want search messages from one date to a date (period). For example, messages that the recipient equal to "X" and the sender equal to "Y" and that the subject contains "Z". I did not find it or is there not ? if there is not, it planned in future releases? there is a plugin ? Thank you -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

Importing contacts from horde:turba
by Russell Sutherland 27 Feb '12

27 Feb '12

I am sure this must be a common question. How does one imports a set of contacts from a Horde:IMP:turba environment? I can export the raw data from the source system into a CVS like file. Is it a simple matter to just use perl:DBI to insert the data into the roundcubemail:contacts table? I have looked at that option and noticed that contacts are referenced via user_id. My roundcube instance already has all the roundcubemail:users table populated. Or is there some php code in the source tree which I can leverage to make the job easier. I have about 5000 contacts or else I could do things manually. Many thanks in advance. Russell -- Russell Sutherland email: russ(a)quist.ca cell: +1.416.803.0080 -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

4 3

[ADMIN] Mail server changes made
by Jason Fesler 26 Feb '12

26 Feb '12

To the Round Cube community. Today I've made changes to the mail server, that will hopefully enable me to continue serving as your list host. I've changed the numeric IP address used for posts being sent from this mailing list. This change *may* cause some of you to see delays, as ISPs do not yet have any reputation recorded for this new IP address. Many ISPs delay mail in this circumstance until more of a reputation is earned. If you want to catch up in the list, and you think mail to your ISP is being delayed, you can read the archives at http://lists.roundcube.net/users/ . [Stop reading here, unless you want more background info.] This change is regrettable an important one, for me to continue hosting. Until today, mail for my users (many of which have been here for 10-15 years) was sharing the same physical server and IP address as hosting the mailing lists. Most of those years, this was not a problem. However, in the last year or two, there has been increasing tension with this setup. Why the tension? People who subscribed to the list, then later complain to their ISP that the mail is spam. Pure and simple. These people build a negative reputation for my server's IP address. This in turn causes the ISPs to block *all* mail from my IP address. This affects the CRPL list, the Woodworkers list (who's now moved off), the Round Cube lists, and all the personal users on my server (including my family). Many of us use the server for contact with our families, or (in my case) for professional reasons. For example, nobody on my server can mail AT&T owned domains. This includes worldnet, pacbell, prodigy, swbell, and other related businesses. This failure mode has caused several long time users and organizations both to leave my server. All of it is directly attribution to the mailing list hosting. This tension has been so bad that I asked your list *owners*, in December, to look for a new host to move to. This has been a terrible ask - both my act of doing so; as well as the effort it takes for your list owners to find a new home. This has been quite difficult for your list owners to actually act on. I've finally come up with a solution (and had the time to implement it), to avoid moving the mailing lists to a different physical server. New posts will come from a dedicated IP address just for mailing lists; all other mail will remain on the original IP. Until the ISPs of the world stop delaying mail from this new IP, I'll ask you for your patience. With these changes, I hope that I'll be able to host the list for another 10-15 years after all. -jason list *host* . --- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/FF/HVKuFZRK/smime.p7s Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< --- -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 1

Test / Ignore
by Jason Fesler 26 Feb '12

26 Feb '12

Testing mailing list server changes. --- 8< --- detachments --- 8< --- The following attachments have been detached and are available for viewing. http://detached.gigo.com/rc/ek/nTjsWPn2/smime.p7s Only click these links if you trust the sender, as well as this message. --- 8< --- detachments --- 8< --- -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

1 0

Roundcube and openldap search hierarchy
by Sasha Kacanski 25 Feb '12

25 Feb '12

Hi All, I setup a rouncube (svn current) with two cyrus imap servers and openldap/mysql. I managed to extend my ldap hierarchy to include following: ou=People,dc=xxxx,dc=org for public address book this works fine and all users are visible from the roundcube via public address - readonly book i have private address books under user uid uid=xxxx,ou=People,dc=xxxx,dc=org as ou=addressbook,uid=xxxx,ou=People,dc=xxxx,dc=org slapd.conf is modified with appropriate rules to allow users to create addditional address books and contacts everything works fine. I changed search criteria on the public address book to "one" from "sub" to avoid picking up private group names under public address group listing. However, when I create user private address book, e.a. cn=My Friends,ou=addressbook,uid=xxxx,ou=People,dc=xxxx,dc=org this private group will show under both, public and private address space in roundcube. I thought that by limiting search criteria in public address space from sub to one will prevent private address books from showing, but that did not work. What do you suggest as easiest approach to solve this issue. btw, I registered to http://www.roundcubeforum.net and I can't post email to any forum. I sent email to support folks and nothing... Regards, --sasha -- Aleksandar Kacanski -- Aleksandar Kacanski -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 1

Re: [RCU] Clustered roundcube
by James Devine 23 Feb '12

23 Feb '12

My fear is that the garbage collection from one or more webmail machines is somehow stomping over active sessions On Tue, Feb 14, 2012 at 10:10 AM, Jernej Porenta <jernej.porenta(a)arnes.si>wrote: > > On Feb 14, 2012, at 5:19 PM, James Devine wrote: > > > I have 3 machines running identical instances of roundcube setup in a > load balanced cluster sharing an instance of mysql. We seem to have issues > at times where people's sessions expire in the middle of using roundcube. > Is the best way to fix this to set the session_lifetime to 0 and do manual > cleanup of sessions? -- > > List info: http://lists.roundcube.net/users/ > > BT/ef886a1a > > > Did you try using memcache for session data? > > It might solve some issues, since it is way better performing than session > data in MySQL and the paradigm is almost the same. I believe memcache > session driver is available in 0.7 series, however you will still need > MySQL for other caches, if you are using them. > > Regards, > -- > Jernej Porenta <jernej.porenta(a)arnes.si> > ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia > tel: +386 1 479 8800, fax: +386 1 479 88 99 > > -- List info: http://lists.roundcube.net/users/ BT/9b404e9e

2 5

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Users