2.2-rc3 critique: FAILS '"' CONTAINING PASSWORDS!!!!

Johannes Graumann johannes_graumann at web.de
Mon Jun 23 15:32:38 CEST 2008


Gunnar Wrobel wrote:

> Hi Johannes,
> 
> Johannes Graumann <johannes_graumann at web.de> writes:
> 
>> Hi,
>>
>> 1) Completely fresh openpkg install/bootstrap
>> 2) Create a new user
>> 3) Try to use new user:
>>         a) admin interface works
>>         b) horde doesn't
>>         c) kontact doesn't
>> 4) Investigate:
>>         a) manually bind to openldap:
>>         root# /kolab/bin/ldapsearch -b dc=graumanage,dc=net -s base -D
>>         'cn=Johannes Graumann,dc=graumanage,dc=net' -h 127.0.0.1 -x -w
>>         '<MYPASSWD>'
>>
>>         Output in the shell:
>>          # extended LDIF
>>         #
>>         # LDAPv3
>>         # base <dc=graumanage,dc=net> with scope baseObject
>>         # filter: (objectclass=*)
>>         # requesting: ALL
>>         #
>>         
>>         # graumanage.net
>>         dn: dc=graumanage,dc=net
>>         dc: graumanage
>>         objectClass: top
>>         objectClass: domain
>>         
>>         # search result
>>         search: 2
>>         result: 0 Success
>>         
>>         # numResponses: 2
>>         # numEntries: 1
>>         b) equivalent output when observing slapd debugging (as advised
>>         here:
>>        
http://wiki.kolab.org/index.php/Kolab2_Server_Troubleshooting_-_LDAP)
>>         c) appropriate slapd debugging output when logging into admin
>>         interface d) NO slapd output when attempting to use horde e) only
>>         trace of horde login:
>>                 tail /kolab/var/apache/log/horde/horde.log
>>                 Jun 18 22:14:05 HORDE [error] [horde] FAILED LOGIN for
>>                 Johannes Graumann
>>                 [192.168.0.2] to Horde [pid 25084 on line 157
>>                 of "/kolab/var/kolab/www/horde/login.php"]
>>         ==> this looked up somewhere that the email given was linked to
>>         my name,
>>                 but still fails ...
>>         f) /kolab/bin/cyradm --user johannes.graumann at graumanage.net
>>         localhost
>>                   Password ...
>>                   IMAP password ...
>>         FAILS
>> 5) Partial solution to cyrus based problems:
>>         USE PASSWORD WITHOUT '"' and imap-based stuff just works!!!!?????
>>         ==> cyradmin login works (also with explicitly escaped '"')
>>         ==> much of kontact functionality therefore works
>> 6) Remaining problems:
>>         a) No horde login - pointers for better troubleshooting?
>>         b) LDAP lookup from within kontact: still NO TLS or SSL
>>         c) call up contact: still one stalling progress bar for an
>>         unidentifiable connection to the server - what might this be?
>>
>> Comments? Joh
> 
> Thanks for the report. I added this as
> https://www.intevation.de/roundup/kolab/issue2809.
> 
> I don't know why nobody had this issue before. I'm not certain it is
> easy to solve but it should at least be possible to add a check in the
> webadmin.

YES! And in "kolab_bootstrap -b" as well for good measure ...

Joh




More information about the users mailing list