I am currently having some issues trying to get the change password function to work. I have sanitized the config and the logs. I am hoping that I am not missing anything. I have RoundCube authenticating against Active Directory right now with no issues. I have no issues with mail delivery. I figured out how to get the Global Addressbook to pull from Active Directory, but this is beating me. I would appreciate any help with this plugin that I can get.
Configuration File
[root@mail ~]# less /var/www/webmail.$MYSITE.com/plugins/password/config.inc.php <?php
// Password Plugin options $rcmail_config['password_driver'] = 'ldap';
// Determine whether current password is required to change password. $rcmail_config['password_confirm_current'] = true;
// Require the new password to be a certain length. $rcmail_config['password_minimum_length'] = 7;
// Require the new password to contain a letter and punctuation character $rcmail_config['password_require_nonalpha'] = true;
// LDAP and LDAP_SIMPLE Driver options // ----------------------------------- $rcmail_config['password_ldap_host'] = $MYDC';
// LDAP server port to connect to // Default: '389' $rcmail_config['password_ldap_port'] = '389';
// TLS is started after connecting $rcmail_config['password_ldap_starttls'] = false;
// LDAP version $rcmail_config['password_ldap_version'] = '3';
// LDAP base name (root directory) $rcmail_config['password_ldap_basedn'] = 'dc=$MYDOMAIN,dc=local';
// LDAP connection method $rcmail_config['password_ldap_method'] = 'user';
// LDAP Admin DN $rcmail_config['password_ldap_adminDN'] = null;
// LDAP Admin Password $rcmail_config['password_ldap_adminPW'] = null;
// LDAP user DN mask $rcmail_config['password_ldap_userDN_mask'] = 'cn=%name,dc=$MYDOMAIN,dc=local';
// LDAP search DN $rcmail_config['password_ldap_searchDN'] = 'cn=ad.bind,cn=users,dc=$MYDOMAIN,dc=local';
// LDAP search password $rcmail_config['password_ldap_searchPW'] = '$AD.BINDPWD';
// LDAP search base $rcmail_config['password_ldap_search_base'] = 'cn=users,dc=$MYDOMAIN,dc=local';
// LDAP search filter $rcmail_config['password_ldap_search_filter'] = '(cn=%name)';
// LDAP password hash type $rcmail_config['password_ldap_encodage'] = 'crypt';
// LDAP password attribute $rcmail_config['password_ldap_pwattr'] = 'userPassword';
// LDAP password force replace $rcmail_config['password_ldap_force_replace'] = true;
// LDAP Password Last Change Date $rcmail_config['password_ldap_lchattr'] = 'pwdLastSet';
// Also try to update Samba password attributes: sambaNTPassword and sambaPwdLastSet $rcmail_config['password_ldap_samba'] = false;
);
Errors
[root@mail ~]# tail -f /var/log/httpd/error_log [Mon Mar 21 22:30:31 2011] [error] [client x.x.x.x] Bind failed: Invalid credentials: LDAP_INVALID_CREDENTIALS (49): , referer: http://webmail.$MYSITE.com/?_task=settings&_action=plugin.password-save [Mon Mar 21 22:30:40 2011] [error] [client x.x.x.x] Bind failed: Invalid credentials: LDAP_INVALID_CREDENTIALS (49): , referer: http://webmail. $MYSITE.com/?_task=settings&_action=plugin.password-save
I understand that the LDAP_INVALID_CREDENTIALS is an issue with the login and password that I am trying to bind with. I just don't see where my error is. What am I missing?
Thanks,
Clay