Great! I will add this to the wiki and concerning comments when I am at home. Thanks
Andreas

"kaifamm@libero.it" kaifamm@libero.it wrote:
Hi,
Thank you for the tips !!!!
I found the solution !!!!!!!! Yes, in the script rcabook-setup.sh there is no creation of single users for the private addressbook !!!
So I made a script (rc_create_user.sh) that creates users in the LDAP server for the private addressbook. This script must be run for each LDAP user.
#!/bin/bash
# Parameters : USER PASSWORD
# example : rc_create_user.sh mark xxxx
# NOTE: the password is a command-line argument, so it is visible in the
# process list and shell history while the script runs.
#
#------------ parameters start --------------------------------
if [ $# -lt 2 ] ; then
    echo "ERROR - Number of parameters is wrong. Example: rc_create_user.sh user password"
    exit 1
fi

abook_user=$1;
abook_pass=$2;
#------------ parameters end --------------------------------

#------------ configuration start --------------------------------
server="ldap://localhost:389";
suffix="dc=localhost";
rootdn="cn=admin,$suffix";

abook_name="rcabook";

subdir_public="public";
subdir_private="private";

base_dn="ou=$subdir_private,ou=$abook_name,$suffix";
bind_dn="cn=$abook_user,$base_dn";
bind_pass="$abook_pass";
#------------ configuration end --------------------------------

# Build the LDIF entry for the private addressbook user and add it as rootdn
# (-W prompts for the rootdn password). The userPassword value is the hash
# produced by slappasswd.
echo "
dn: $bind_dn
cn: $abook_user
userPassword: $(slappasswd -s "$abook_pass")
objectClass: organizationalRole
objectClass: simpleSecurityObject
" | ldapadd -x -c -H "$server" -D "$rootdn" -W 2> /dev/null || { echo "ERROR-unable to create user!"; exit 1; };

----Original message----
From: andudi@gmx.ch
Date: 05/03/2012 20.03
To: "kaifamm@libero.it" kaifamm@libero.it, "Roundcube Users mailing list" users@lists.roundcube.net
Subject: Re: [RCU] R: Re: Ldap Addressbook : problem for credentials in private addressbook
Well, the script was written before private abooks were added... ACL is not checked for that yet.
But have you created the user? Can you show the output of ldapsearch? I have not yet scanned your slapd log... will do that at home.
Andreas

"kaifamm@libero.it" kaifamm@libero.it wrote:
Hi All,
thanks for the answers !!!
I made other tests :

If I try this :
ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost
it works fine.

If I try this :
ldapsearch -xLLL -H ldap://localhost:389 -D cn=mark,ou=private,ou=rcabook,dc=localhost -w xxxx
It answers : ldap_bind: Invalid credentials (49), so I think that there is an ACL problem.

I think that there is an error in the script rcabook-setup.sh.
I ran the script rcabook-setup.sh again and again, it doesn't return errors and it said :

The LDAP addressbook is ready now for using:
base_dn: ou=rcabook,dc=localhost
bind_dn: cn=rcuser,ou=rcabook,dc=localhost

Use the following command for reading and checking your setup:
ldapsearch -xLLL -H ldap://localhost:389 -D cn=rcuser,ou=rcabook,dc=localhost -w rcpass -b ou=rcabook,dc=localhost
I report my ldap.log with the debug of ldap server :
daemon: activity on:
slap_listener_activate(7):
daemon: epoll: listen=7 busy
daemon: epoll: listen=8 active_threads=0 tvp=zero
slap_listener(ldap:///)
daemon: listen=7, new connection on 13
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: added 13r (active) listener=(nil)
daemon: activity on 1 descriptor
conn=21 fd=13 ACCEPT from IP=127.0.0.1:45320 (IP=0.0.0.0:389)
daemon: activity on: 13r
daemon: read active on 13
daemon: epoll: listen=7 active_threads=0 tvp=zero
connection_get(13)
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_get(13): got connid=21
connection_read(13): checking for input on id=21
ber_get_next
ldap_read: want=8, got=8
0000: 30 84 00 00 00 3e 02 01 0....>..
ldap_read: want=60, got=60
0000: 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d .`....5....*cn=m
0010: 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f ark,ou=private,o
0020: 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 u=rcabook,dc=loc
0030: 61 6c 68 6f 73 74 80 04 78 78 78 78 alhost..xxxx
ber_get_next: tag 0x30 len 62 contents:
ber_dump: buf=0xa0b040a8 ptr=0xa0b040a8 end=0xa0b040e6 len=62
0000: 02 01 01 60 84 00 00 00 35 02 01 03 04 2a 63 6e .......5....*cn
0010: 3d 6d 61 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 =mark,ou=private
0020: 2c 6f 75 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c ,ou=rcabook,dc=l
0030: 6f 63 61 6c 68 6f 73 74 80 04 78 78 78 78 ocalhost..xxxx
op tag 0x60, time 1330963449
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
conn=21 op=0 do_bind
ber_scanf fmt ({imt) ber:
ber_dump: buf=0xa0b040a8 ptr=0xa0b040ab end=0xa0b040e6 len=59
0000: 60 84 00 00 00 35 02 01 03 04 2a 63 6e 3d 6d 61 ....5....*cn=ma
0010: 72 6b 2c 6f 75 3d 70 72 69 76 61 74 65 2c 6f 75 rk,ou=private,ou
0020: 3d 72 63 61 62 6f 6f 6b 2c 64 63 3d 6c 6f 63 61 =rcabook,dc=loca
0030: 6c 68 6f 73 74 80 04 78 78 78 78 lhost..xxxx
ber_scanf fmt (m}) ber:
ber_dump: buf=0xa0b040a8 ptr=0xa0b040e0 end=0xa0b040e6 len=6
0000: 00 04 78 78 78 78 ..xxxx
dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>
=> ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost,0)
<= ldap_bv2dn(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(cn=mark,ou=private,ou=rcabook,dc=localhost)=0
<<< dnPrettyNormal: <cn=mark,ou=private,ou=rcabook,dc=localhost>, <cn=mark,ou=private,ou=rcabook,dc=localhost>
conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128
do_bind: version=3 dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128
==> bdb_bind: dn: cn=mark,ou=private,ou=rcabook,dc=localhost
bdb_dn2entry("cn=mark,ou=private,ou=rcabook,dc=localhost")
=> bdb_dn2id("cn=mark,ou=private,ou=rcabook,dc=localhost")
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988)
send_ldap_result: conn=21 op=0 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=1 tag=97 err=49
ber_flush2: 22 bytes to sd 13
0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a......
0010: 01 31 04 00 04 00 .1....
ldap_write: want=22, written=22
0000: 30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a......
0010: 01 31 04 00 04 00 .1....
conn=21 op=0 RESULT tag=97 err=49 text=
daemon: activity on 1 descriptor
daemon: activity on:
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
daemon: activity on 1 descriptor
daemon: activity on: 13r
daemon: read active on 13
daemon: epoll: listen=7 active_threads=0 tvp=zero
connection_get(13)
daemon: epoll: listen=8 active_threads=0 tvp=zero
connection_get(13): got connid=21
connection_read(13): checking for input on id=21
ber_get_next
ldap_read: want=8, got=0
ber_get_next on fd 13 failed errno=0 (Success)
connection_read(13): input error=-2 id=21, closing.
connection_closing: readying conn=21 sd=13 for close
connection_close: conn=21 sd=13
daemon: activity on 1 descriptor
daemon: removing 13
daemon: activity on:
conn=21 fd=13 closed (connection lost)
daemon: epoll: listen=7 active_threads=0 tvp=zero
daemon: epoll: listen=8 active_threads=0 tvp=zero
Thanks a lot
Mark
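
In the slapd trace above the bind is answered with err=49 (invalid credentials) although the back-bdb lookup reports DB_NOTFOUND, so a client cannot tell a missing entry from a wrong password; only the server log can. The script below is an added example, not part of the original thread: it classifies failed simple binds in slapd debug output, run here on a constructed sample log, and assumes that the BIND, DB_NOTFOUND and RESULT lines of one operation appear in that order.

```shell
#!/bin/bash
# Added example: classify failed simple binds (err=49) in slapd debug output.
# Assumption: the trace is sequential, as in this thread, so a back-bdb
# DB_NOTFOUND line belongs to the most recently logged BIND.

classify_bind_failures() {
    awk '
    / BIND dn="/ {
        # Remember the DN of this bind, keyed by "conn=N op=M".
        match($0, /conn=[0-9]+ op=[0-9]+/); cur = substr($0, RSTART, RLENGTH)
        match($0, /dn="[^"]*"/); dn[cur] = substr($0, RSTART + 4, RLENGTH - 5)
        missing[cur] = 0
        next
    }
    # The backend could not find an entry for the bind DN.
    /bdb_dn2id: get failed: DB_NOTFOUND/ { if (cur != "") missing[cur] = 1; next }
    / RESULT tag=97 err=49/ {
        # tag=97 is the bind response; err=49 is invalidCredentials.
        match($0, /conn=[0-9]+ op=[0-9]+/); key = substr($0, RSTART, RLENGTH)
        if (key in dn)
            printf "%s %s\n", dn[key], (missing[key] ? "ENTRY_MISSING" : "ENTRY_FOUND")
    }'
}

# Constructed sample log, modelled on the trace in this thread.
# cn=anna and conn=22/23 are made up for illustration.
sample_log() {
    cat <<'EOF'
conn=21 op=0 BIND dn="cn=mark,ou=private,ou=rcabook,dc=localhost" method=128
<= bdb_dn2id: get failed: DB_NOTFOUND: No matching key/data pair found (-30988)
conn=21 op=0 RESULT tag=97 err=49 text=
conn=22 op=0 BIND dn="cn=anna,ou=private,ou=rcabook,dc=localhost" method=128
conn=22 op=0 RESULT tag=97 err=49 text=
conn=23 op=0 BIND dn="cn=rcuser,ou=rcabook,dc=localhost" method=128
conn=23 op=0 RESULT tag=97 err=0 text=
EOF
}

sample_log | classify_bind_failures
```

ENTRY_MISSING means the user still has to be created; ENTRY_FOUND means the entry exists, so the password or the ACL controlling auth access to userPassword is the next thing to check.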

----Original message----
From: andudi@gmx.ch
Date: 05/03/2012 14.09
To: "kaifamm@libero.it" kaifamm@libero.it,
Subject: Re: [RCU] Ldap Addressbook : problem for credentials in private addressbook
Hei, I am on ski holidays and do not have my setup in front of me.
Your setup seems ok, but can you try to connect with ldapsearch on the command line?
Another try could be to switch on logging in slapd.conf. Ldap.conf is not used by the server but by clients like ldapsearch...
Andreas

"kaifamm@libero.it" kaifamm@libero.it wrote:
Hi All,
I configured the LDAP server and Roundcube to manage contacts. I used the howto : http://trac.roundcube.net/wiki/Howto_Ldap. It works quite well, I have only a problem for credentials in private addressbook. The public addressb