2.2-rc3 critique: FAILS '"' CONTAINING PASSWORDS!!!!

Alain Spineux aspineux at gmail.com
Thu Jun 19 01:11:26 CEST 2008 

On Wed, Jun 18, 2008 at 11:17 PM, Johannes Graumann
<johannes_graumann at web.de> wrote:
> Hi,
>
> 1) Completely fresh openpkg install/bootstrap
> 2) Create a new user
> 3) Try to use new user:
>        a) admin interface works

I thing the webadmin use simple_bind not SASL !

>        b) horde doesn't

use IMAP then SASL

>        c) kontact doesn't

use IMAP to

> 4) Investigate:
>        a) manually bind to openldap:
>        root# /kolab/bin/ldapsearch -b dc=graumanage,dc=net -s base -D 'cn=Johannes
>        Graumann,dc=graumanage,dc=net' -h 127.0.0.1 -x -w '<MYPASSWD>'
>

then simple bind works

>        Output in the shell:
>         # extended LDIF
>        #
>        # LDAPv3
>        # base <dc=graumanage,dc=net> with scope baseObject
>        # filter: (objectclass=*)
>        # requesting: ALL
>        #
>
>        # graumanage.net
>        dn: dc=graumanage,dc=net
>        dc: graumanage
>        objectClass: top
>        objectClass: domain
>
>        # search result
>        search: 2
>        result: 0 Success
>
>        # numResponses: 2
>        # numEntries: 1
>        b) equivalent output when observing slapd debugging (as advised here:
>        http://wiki.kolab.org/index.php/Kolab2_Server_Troubleshooting_-_LDAP)
>        c) appropriate slapd debugging output when logging into admin interface
>        d) NO slapd output when attempting to use horde

Look like SASL cannot even communicate with LDAP

>        e) only trace of horde login:
>                tail /kolab/var/apache/log/horde/horde.log
>                Jun 18 22:14:05 HORDE [error] [horde] FAILED LOGIN for Johannes Graumann
>                [192.168.0.2] to Horde [pid 25084 on line 157
>                of "/kolab/var/kolab/www/horde/login.php"]
>        ==> this looked up somewhere that the email given was linked to my name,
>                but still fails ...
>        f) /kolab/bin/cyradm --user johannes.graumann at graumanage.net localhost
>                  Password ...
>                  IMAP password ...
>        FAILS

IMAP then SASL again

> 5) Partial solution to cyrus based problems:
>        USE PASSWORD WITHOUT '"' and imap-based stuff just works!!!!?????

I dont understand , without what ?

>        ==> cyradmin login works (also with explicitly escaped '"')

Did you use double or simple quote in your password ?

>        ==> much of kontact functionality therefore works

> 6) Remaining problems:
>        a) No horde login - pointers for better troubleshooting?
>        b) LDAP lookup from within kontact: still NO TLS or SSL
>        c) call up contact: still one stalling progress bar for an unidentifiable
>        connection to the server - what might this be?

My first idea (before the " or ' stuff) was to troubleshot SASL

http://wiki.kolab.org/index.php/Kolab2_Server_Troubleshooting_-_SASL


>
> Comments? Joh
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
Alain Spineux
aspineux gmail com
May the sources be with you

More information about the users mailing list