Mailing List Archive

LDAP-Authentication
On Fri, 15 Jan 2010 01:13:43 +0100
Hanns Mattes <hanns at hannsmattes.de> wrote:

> | 'host' => 'ldap://my.server.de',
shouldn't this be 'host' => 'my.server.de',


--
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael <at> rasmussen <dot> cc
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E
mir <at> datanom <dot> net
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C
mir <at> miras <dot> org
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917
--------------------------------------------------------------
The fashion wears out more apparel than the man.
-- William Shakespeare, "Much Ado About Nothing"
LDAP-Authentication [ In reply to ]
Hi,

as the subject says: I'm stuck with ldap-auth.

Distribution: Opensuse 11.1
Davical/awl: Latest *.rpm

So far, I've got davical up and running. Good.

My "users" are stored in a ldap-directory. Username (uid) is constructed like "someuser at some.domain"

My *.conf:

,----[ /etc/davical/myserver.conf ]
| <?php
| $c->pg_connect[] = "dbname=davical user=davical_app";
| $c->system_name = "Hannsis DAViCal CalDAV Server";
| $c->default_locale = "de_DE";
| $c->admin_email ='my at adress.mail';
| $c->collections_always_exist = false;
| $c->default_privileges = array('read-free-busy', 'schedule-query-freebusy');
|
|
| /********************************/
| /*********** LDAP hook **********/
| /********************************/
|
| $c->authenticate_hook['call'] = 'LDAP_check';
| $c->authenticate_hook['config'] = array(
| 'host' => 'ldap://my.server.de',
| 'port' => '389',
| 'bindDN'=> 'cn=bla,dc=fasel,dc=bla',
| 'passDN'=> 'totalgeheim',
| 'protocolVersion' => '3', //Version of LDAP protocol to use
| 'baseDNUsers'=> 'ou=bla,dc=fasel,dc=foo',
| 'filterUsers' => 'objectClass=CourierMailAccount',
| 'mapping_field' => array("username" => "uid",
| "updated" => "modifyTimestamp",
| "fullname" => "cn" ,
| "email" =>"mail"
| ),
| 'format_updated'=> array('Y' => array(0,4),
| 'm' => array(4,2),
| 'd'=> array(6,2),
| 'H' => array(8,2),
| 'M'=>array(10,2),
| 'S' => array(12,2)),
| 'startTLS' => 'yes',
| );
| include('drivers_ldap.php');
`----

According to http://wiki.davical.org/w/Configuration#Using_LDAP I think,
these settings should be working?

Login with a user in the ldap-Tree shows in /var/log/messages
(shortened) errors:

,----[ /var/log/messages ]
| Jan 15 00:45:24 mail httpd2-prefork: PHP Notice: Use of undefined constant __LINE - assumed '__LINE' in /usr/share/davical/inc/auth-functions.php on line 97
| Jan 15 00:45:24 mail httpd2-prefork: PHP Notice: Use of undefined constant __LINE - assumed '__LINE' in /usr/share/davical/inc/auth-functions.php on line 103
`----

Apache/php unhappy ... (and no, I'm not an Apache-Expert. My server
mainly is a mail-Server, and Apache was - mainly - set up to serve a
webmail-client to the mail-server)

I'm sure, I'm missing something obvious.

Any hints?[1]

Thanks

Hanns

Footnotes:
[1] and I hope, someone will understand my imitation of "english"
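
An added diagnostic for the configuration posted above (example code, not part of the original message and not DAViCal's own driver): run from the command line with the php-ldap extension, it exercises the same host, StartTLS, bind DN, base DN and filter outside of Apache, and stops before the bind if TLS cannot be negotiated. Assumptions: the environment variable LDAP_BIND_PW is a hypothetical name for passing the bind password, the filter is written in its parenthesised form, and the 'format_updated' pairs are taken to be (offset, length) positions in the LDAP timestamp.

```php
<?php
// Added diagnostic, not DAViCal code. Values mirror the posted configuration.
$cfg = array(
    'uri'         => 'ldap://my.server.de:389',
    'bindDN'      => 'cn=bla,dc=fasel,dc=bla',
    'passDN'      => (string) getenv('LDAP_BIND_PW'), // hypothetical variable name
    'baseDNUsers' => 'ou=bla,dc=fasel,dc=foo',
    'filterUsers' => '(objectClass=CourierMailAccount)',
    'format_updated' => array('Y' => array(0, 4), 'm' => array(4, 2), 'd' => array(6, 2),
                              'H' => array(8, 2), 'M' => array(10, 2), 'S' => array(12, 2)),
);

// Assumption: each (offset, length) pair slices the LDAP timestamp, e.g. "20100115004524Z".
function parse_updated($stamp, array $fmt) {
    $p = array();
    foreach ($fmt as $key => $pos) {
        $p[$key] = substr($stamp, $pos[0], $pos[1]);
    }
    return "{$p['Y']}-{$p['m']}-{$p['d']} {$p['H']}:{$p['M']}:{$p['S']}";
}

// Report which step failed, with the LDAP library's error text when a handle exists.
function fail($step, $ds = null) {
    fwrite(STDERR, "$step failed" . ($ds ? ': ' . ldap_error($ds) : '') . "\n");
    exit(1);
}

// An empty password would be treated as an unauthenticated bind and hide real errors.
if ($cfg['passDN'] === '') fail('reading LDAP_BIND_PW');
$ds = ldap_connect($cfg['uri']);
if ($ds === false) fail('parsing the LDAP URI');
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);   // StartTLS needs LDAPv3
// Abort before the bind if TLS fails, so passDN never crosses the wire in clear text.
if (!@ldap_start_tls($ds)) fail('StartTLS', $ds);
if (!@ldap_bind($ds, $cfg['bindDN'], $cfg['passDN'])) fail('bind', $ds);

$attrs = array('uid', 'cn', 'mail', 'modifyTimestamp');   // the mapping_field values
$res = @ldap_search($ds, $cfg['baseDNUsers'], $cfg['filterUsers'], $attrs);
if ($res === false) fail('search', $ds);
$entries = ldap_get_entries($ds, $res);   // attribute names come back lower-cased
printf("%d entries match the filter\n", $entries['count']);
for ($i = 0; $i < $entries['count']; $i++) {
    $e = $entries[$i];
    $stamp = $e['modifytimestamp'][0] ?? '';
    printf("%s | %s | %s | %s\n", $e['uid'][0] ?? '-', $e['cn'][0] ?? '-', $e['mail'][0] ?? '-',
           $stamp === '' ? '-' : parse_updated($stamp, $cfg['format_updated']));
}
ldap_unbind($ds);
```

If every step succeeds here but the web login still fails, the directory side is working and the problem lies in the application.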
LDAP-Authentication [ In reply to ]
Hei, Michael,

Michael Rasmussen <mir at datanom.net> wrote:

>Hanns Mattes <hanns at hannsmattes.de> wrote:
>
>> | 'host' => 'ldap://my.server.de',
>shouldn't this be 'host' => 'my.server.de',

No, the setting is correct, as the config seems to be: After I've found
the "Synchronize LDAP with Davical"-Page, my users were imported to
Davical. Good.

But now I can't login to the webinterface with my admin-account. Not
good. Probably, because there's no user "admin" in the ldap-tree and
authentication is failing for this reason. (Creating "admin" in LDAP
doesn't help.)

Any Hints?

Thanx

Hanns
LDAP-Authentication [ In reply to ]
Which davical version is "the latest rpm"? Even the latest 0.9.7-Version
was buggy with LDAP.

Regards,
Norbert

On 15.01.2010 01:13, Hanns Mattes wrote:
> Hi,
>
> as the subject says: I'm stuck with ldap-auth.
>
> Distribution: Opensuse 11.1
> Davical/awl: Latest *.rpm
>
> So far, I've got davical up and running. Good.
>
> My "users" are stored in a ldap-directory. Username (uid) is constructed like "someuser at some.domain"
>
> My *.conf:
>
> ,----[ /etc/davical/myserver.conf ]
> | <?php
> | $c->pg_connect[] = "dbname=davical user=davical_app";
> | $c->system_name = "Hannsis DAViCal CalDAV Server";
> | $c->default_locale = "de_DE";
> | $c->admin_email ='my at adress.mail';
> | $c->collections_always_exist = false;
> | $c->default_privileges = array('read-free-busy', 'schedule-query-freebusy');
> |
> |
> | /********************************/
> | /*********** LDAP hook **********/
> | /********************************/
> |
> | $c->authenticate_hook['call'] = 'LDAP_check';
> | $c->authenticate_hook['config'] = array(
> | 'host' => 'ldap://my.server.de',
> | 'port' => '389',
> | 'bindDN'=> 'cn=bla,dc=fasel,dc=bla',
> | 'passDN'=> 'totalgeheim',
> | 'protocolVersion' => '3', //Version of LDAP protocol to use
> | 'baseDNUsers'=> 'ou=bla,dc=fasel,dc=foo',
> | 'filterUsers' => 'objectClass=CourierMailAccount',
> | 'mapping_field' => array("username" => "uid",
> | "updated" => "modifyTimestamp",
> | "fullname" => "cn" ,
> | "email" =>"mail"
> | ),
> | 'format_updated'=> array('Y' => array(0,4),
> | 'm' => array(4,2),
> | 'd'=> array(6,2),
> | 'H' => array(8,2),
> | 'M'=>array(10,2),
> | 'S' => array(12,2)),
> | 'startTLS' => 'yes',
> | );
> | include('drivers_ldap.php');
> `----
>
> According to http://wiki.davical.org/w/Configuration#Using_LDAP I think,
> these settings should be working?
>
> Login with a user in the ldap-Tree shows in /var/log/messages
> (shortened) errors:
>
> ,----[ /var/log/messages ]
> | Jan 15 00:45:24 mail httpd2-prefork: PHP Notice: Use of undefined constant __LINE - assumed '__LINE' in /usr/share/davical/inc/auth-functions.php on line 97
> | Jan 15 00:45:24 mail httpd2-prefork: PHP Notice: Use of undefined constant __LINE - assumed '__LINE' in /usr/share/davical/inc/auth-functions.php on line 103
> `----
>
> Apache/php unhappy ... (and no, I'm not an Apache-Expert. My server
> mainly is a mail-Server, and Apache was - mainly - set up to serve a
> webmail-client to the mail-server)
>
> I'm sure, I'm missing something obvious.
>
> Any hints?[1]
>
> Thanks
>
> Hanns
>
> Footnotes:
> [1] and I hope, someone will understand my imitation of "english"
>

--
networker, projektberatung GmbH
Kirchstr. 11a
53604 Bad Honnef

Tel.: 02224/986158
Fax: 02224/986174
Mobil: 0163/5768493
LDAP-Authentication [ In reply to ]
On Fri, 15 Jan 2010 13:14:01 +0100, Hanns Mattes <hanns at hannsmattes.de>
wrote:

> No, the setting is correct, as the config seems to be: After I've found
> the "Synchronize LDAP with Davical"-Page, my users were imported to
> Davical. Good.
>
> But now I can't login to the webinterface with my admin-account. Not
> good. Probably, because there's no user "admin" in the ldap-tree and
> authentication is failing for this reason. (Creating "admin" in LDAP
> doesn't help.)
>
> Any Hints?
>
> Thanx
>
> Hanns
>

You can connect to your database and manually re-enable the admin user:


$ psql --dbname davical --username davical_app

davical=> update usr SET active='t' WHERE username='admin';

And your admin user should work again.
Think about setting the admin flag to an ldap user because the admin will
be disabled again with the next sync.

--
Fabien Zouaoui
LDAP-Authentication [ In reply to ]
Hei, Norbert,

Norbert Püschel <norbert.pueschel at networker-gmbh.de> wrote:

>Which davical version is "the latest rpm"? Even the latest 0.9.7-Version
>was buggy with LDAP.

0.9.7.6

But in the meantime I've managed to import my ldap-Users and also
re-established the admin-account, so this part of the Configuration is
done.

CU

Hanns
LDAP-Authentication [ In reply to ]
Hi,

answering myself correcting myself:

Hanns Mattes <hanns at hannsmattes.de> wrote:

>[LDAP and Davical]
>
>But now I can't login to the webinterface with my admin-account. Not
>good. Probably, because there's no user "admin" in the ldap-tree and
>authentication is failing for this reason. (Creating "admin" in LDAP
>doesn't help.)

correcting myself ... it does help. I had to create an "admin"-account
in Ldap and to sync ldap to davical once more.

So far, so good.

CU

Hanns
LDAP-Authentication [ In reply to ]
Hi,

with 0.9.8 you do not need LDAP-Sync; LDAP-users are created
automatically on first login. A bug in 0.9.7.6 prevents this.

Regards,
Norbert Püschel

On 15.01.2010 15:10, Hanns Mattes wrote:
> Hi,
>
> answering myself correcting myself:
>
> Hanns Mattes <hanns at hannsmattes.de> wrote:
>
>> [LDAP and Davical]
>>
>> But now I can't login to the webinterface with my admin-account. Not
>> good. Probably, because there's no user "admin" in the ldap-tree and
>> authentication is failing for this reason. (Creating "admin" in LDAP
>> doesn't help.)
>
> correcting myself ... it does help. I had to create an "admin"-account
> in Ldap and to sync ldap to davical once more.
>
> So far, so good.
>
> CU
>
> Hanns
>

LDAP-Authentication [ In reply to ]
Hei, Norbert,

On 15.01.2010 15:47, Norbert Püschel wrote:

> with 0.9.8 you do not need LDAP-Sync; LDAP-users are created
> automatically on first login. A bug in 0.9.7.6 prevents this.

Thank You (and Michael and Fabien)! Re-installed, started from scratch -
things are looking good.

Time to have a closer look at the docs for further configuration.

CU