broken global adressbook

Matthias Busch catwiesel at gmx.net
Fri Sep 19 23:17:42 CEST 2014 

Hi,

I have a few days old kolab 3.3 installation on debian 7.6 (on a vserver)

the last few days I have been busy learning and setting everything up and 
testing my settings,
i just noticed my global adressbook is broken. it does not show any 
users/adresses.

i have another local installation in a vm where i took my first steps last 
week and there the address book is working fine.

now, there have been a few modifications to kolab like:

/etc/kolab/kolab.conf
- changed the default_locale
- changed the policy_uid to '%(surname)s'[0:1].%(givenname)s.lower()
- changed the primary and secondary email adress for my domain

/usr/share/roundcubemail/config/defaults.inc.php
- changed the language and date format

ssl
- enabled ssl for apache
- enabled ssl for smtp
- enabled ssl for imap
- DID NOT TOUCH LDAP !
--> https://docs.kolab.org/howtos/secure-kolab-server.html

iptables
- blocked all ports incoming except https, imaps, smtp
- no ports blocked outgoing
- no ports blocked localhost !

(shared folder) delegation patch:
- applied patch: https://issues.kolab.org/show_bug.cgi?id=3619
- removed ou=People from basedn in /etc/roundcubemail/kolab_auth.inc.php


----
More information:
- Ive tried to put the ou=People back in kolab_auth.inc.php --> did not help
- Ive tried to unpatch kolab_auth.inc.php --> did not help
- Ive tried the above together --> did not help
- Ive tried to disable iptables --> did not help
- Ive compared /etc/roundcubemail/config.inc.php (ldap_public / 
kolab_adressbook) on the broken server with the vm where it works - did not 
see a difference except for password
- Ive queried ldap with 'basedn ou=People,dc=domain,dc=tld', username 
'uid=kolab-service,ou=Special Users,dc=domain,dc=tld' and the service 
password
--> query gives me a list with the users (uid=...) with the attributes 
(sn,uid,cn,mail,alias,...) so I guess ldap has the information and delivers 
it as expected.

unfortunately I dont know much about the inner workings of kolab and ldap to 
look further. If I knew where to look in the logs maybe I could find a 
hint...

Maybe:
- the ssl stuff broke something? unlikely...?
- the changed uid (with a .) breaks something? possible?
- ?!

Any help would be appreciated!

More information about the users mailing list