Hi Someone is able to connect sogo with ldap throw Apache and could show the config files?
I'm trying to do it, but on SOGo web for all user that I try to login,
always: user or password incorrect, and in
sogo.log I can't find the problem. In SOGo.conf what about:
[env=REMOTE_HOST:%{REMOTE_HOST_ADDR},PT]?
Remote_host is were LDAP is configured? AuthType XXX?? and
%{REMOTE_USER}e"? I'm not sure how to configured it
Thank you very much!!
My config file:
.GNUstepDefaults: I remplaced password_bind for the correct
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//GNUstep//DTD plist 0.9//EN"
"http://www.gnustep.org/plist-0_9.xml";>
<plist version="0.9">
<dict>
<key>NSGlobalDomain</key>
<dict>
</dict>
<key>sogod</key>
<dict>
<key>GCSFolderDebugEnabled</key>
<string>YES</string>
<key>GCSFolderStoreDebugEnabled</key>
<string>YES</string>
<key>LDAPDebugEnabled</key>
<string>YES</string>
<key>MySQL4DebugEnabled</key>
<string>YES</string>
<key>NGImap4DisableIMAP4Pooling</key>
<string>YES</string>
<key>OCSFolderInfoURL</key>
<string>mysql://sogo:[email protected]:3306/sogo/sogo_folder_info</string>
<key>OCSFolderManagerSQLDebugEnabled</key>
<string>YES</string>
<key>OCSSessionsFolderURL</key>
<string>mysql://sogo:[email protected]:3306/sogo/sogo_sessions_folder</string>
<key>PGDebugEnabled</key>
<string>YES</string>
<key>SOGoACLsSendEMailNotifications</key>
<string>YES</string>
<key>SOGoAppointmentSendEMailNotifications</key>
<string>YES</string>
<key>SOGoDebugRequests</key>
<string>YES</string>
<key>SOGoDraftsFoldersName</key>
<string>Drafts</string>
<key>SOGoFirstDayOfWeek</key>
<string>1</string>
<key>SOGoFoldersSendEMailNotifications</key>
<string>YES</string>
<key>SOGoIMAPServer</key>
<string>localhost</string>
<key>SOGoLanguage</key>
<string>Spanish</string>
<key>SOGoLoginModule</key>
<string>Calendar</string>
<key>SOGoMailDomain</key>
<string>grupodominio.es</string>
<key>SOGoMailKeepDraftsAfterSend</key>
<string>YES</string>
<key>SOGoMailMessageCheck</key>
<string>every_5_minutes</string>
<key>SOGoMailingMechanism</key>
<string>smtp</string>
<key>SOGoProfileURL</key>
<string>mysql://sogo:[email protected]:3306/sogo/sogo_user_profile</string>
<key>SOGoSMTPServer</key>
<string>debianSogo.grupodominio.es</string>
<key>SOGoSentFolderName</key>
<string>Sent</string>
<key>SOGoSieveScriptsEnabled</key>
<string>YES</string>
<key>SOGoSieveServer</key>
<string>sieve://localhost:4190</string>
<key>SOGoSuperUsernames</key>
<array>
<string>admin</string>
</array>
<key>SOGoTimeZone</key>
<string>Europe/Madrid</string>
<key>SOGoTrashFolderName</key>
<string>Trash</string>
<key>SOGoUIxDebugEnabled</key>
<string>YES</string>
<key>SOGoUserSources</key>
<array>
<dict>
<key>CNFieldName</key>
<string>cn</string>
<key>IDFieldName</key>
<string>uid</string>
<key>UIDFieldName</key>
<string>uid</string>
<key>baseDN</key>
<string>ou=Users,dc=servidor,dc=dominio,dc=com,dc=es</string>
<key>bindDN</key>
<string>[email protected]</string>
<key>bindFields</key>
<string>uid</string>
<key>bindPassword</key>
<string>password_bind</string>
<key>canAuthenticate</key>
<string>YES</string>
<key>displayName</key>
<string>Contactos</string>
<key>hostname</key>
<string>servidor.dominio.com.es</string>
<key>id</key>
<string>public</string>
<key>isAddressBook</key>
<string>NO</string>
<key>port</key>
<string>389</string>
<key>type</key>
<string>ldap</string>
</dict>
</array>
<key>SOGoVacationEnabled</key>
<string>YES</string>
<key>SoDebugObjectTraversal</key>
<string>YES</string>
<key>SoSecurityManagerDebugEnabled</key>
<string>YES</string>
<key>WODebugZipResponse</key>
<string>YES</string>
<key>WODontZipResponse</key>
<string>YES</string>
</dict>
</dict>
</plist>
SOGo.conf
Alias /SOGo.woa/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \
/usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2
<Directory /usr/lib/GNUstep/SOGo/>
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<LocationMatch "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|
png|gif|css|js)">
SetHandler default-handler
</LocationMatch>
## Uncomment the following to enable proxy-side authentication, you will
then
## need to set the "SOGoTrustProxyAuthentication" SOGo user default to
YES and
## adjust the "x-webobjects-remote-user" proxy header in the "Proxy"
section
## below.
#<Location /SOGo>
# AuthType XXX
#Require valid-user
#SetEnv proxy-nokeepalive 1
#Allow from all
#</Location>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
# When using CAS, you should uncomment this and install
cas-proxy-validate.py
# in /usr/lib/cgi-bin to reduce server overloading
#
# ProxyPass /SOGo/casProxy
http://localhost/cgi-bin/cas-proxy-validate.py
# <Proxy http://localhost/app/cas-proxy-validate.py>
# Order deny,allow
# Allow from your-cas-host-addr
# </Proxy>
ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
<Proxy http://127.0.0.1:20000/SOGo>
## adjust the following to your configuration
RequestHeader set "x-webobjects-server-port" "80"
RequestHeader set "x-webobjects-server-name" "debianSogo"
RequestHeader set "x-webobjects-server-url" "http://debianSogo";
## When using proxy-side autentication, you need to uncomment and
## adjust the following line:
#RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e
env=REMOTE_HOST
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Proxy>
## We use mod_rewrite to pass remote address to the SOGo proxy.
# The remote address will appear in SOGo's log files and in the
X-Forward
# header of emails.
RewriteEngine On
RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:
%{REMOTE_HOST_ADDR},PT]
sogo.log
Mar 12 18:28:59 sogod [30456]: <0x0x238faf0[WOWatchDog]> Terminating
with signal 15
Mar 12 18:28:59 sogod [30456]: <0x0x2371470[WOWatchDogChild]> sending
terminate signal to pid 30462
MySQL4 connection dropped 0x0x2010a40 (channel=0x0x2301c40)
Mar 12 18:28:59 sogod [30456]: <0x0x2371470[WOWatchDogChild]> child
30462 exited
Mar 12 18:28:59 sogod [30456]: <0x0x238faf0[WOWatchDog]> all children
exited. We now terminate.
Mar 12 18:28:59 sogod [30707]: version 1.3.12 (build @vizzini.inverse.ca
201202142210) -- starting
Mar 12 18:28:59 sogod [30707]: vmem size check enabled: shutting down
app when vmem > 384 MB
Mar 12 18:28:59 sogod [30707]: <0x0x1322310[SOGoProductLoader]> SOGo
products loaded from '/usr/lib/GNUstep/SOGo':
Mar 12 18:28:59 sogod [30707]: <0x0x1322310[SOGoProductLoader]>
AdministrationUI.SOGo, Appointments.SOGo, SchedulerUI.SOGo,
MailerUI.SOGo, Contacts.SOGo, MailPartViewers.SOGo, CommonUI.SOGo,
ContactsUI.SOGo, PreferencesUI.SOGo, MainUI.SOGo, Mailer.SOGo
Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> listening on
*:20000
Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> watchdog
process pid: 30707
Mar 12 18:28:59 sogod [30707]: <0x0x7f717d36a440[WOWatchDogChild]>
watchdog request timeout set to 10 minutes
Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> preparing 1
children
Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> child spawned
with pid 30713
2012-03-12 18:28:59.768 sogod[30713] MySQL4 connection established
0x0x1376160
2012-03-12 18:28:59.769 sogod[30713] MySQL4 channel 0x0x1372c70 opened
(connection=0x0x1376160,sogo)
2012-03-12 18:28:59.769 sogod[30713] <MySQL4Channel[0x0x1372c70]
connection=0x0x1376160> SQL: SELECT count(*) FROM sogo_user_profile;
2012-03-12 18:28:59.770 sogod[30713] <MySQL4Channel[0x0x1372c70]
connection=0x0x1376160> query has results, entering fetch-mode.
2012-03-12 18:28:59.770 sogod[30713] <MySQL4Channel[0x0x1372c70]
connection=0x0x1376160> SQL: SELECT count(*) FROM sogo_folder_info;
2012-03-12 18:28:59.770 sogod[30713] <MySQL4Channel[0x0x1372c70]
connection=0x0x1376160> query has results, entering fetch-mode.
2012-03-12 18:28:59.774 sogod[30713] <MySQL4Channel[0x0x1372c70]
connection=0x0x1376160> SQL: SELECT count(*) FROM sogo_sessions_folder;
2012-03-12 18:28:59.775 sogod[30713] <MySQL4Channel[0x0x1372c70]
connection=0x0x1376160> query has results, entering fetch-mode.
2012-03-12 18:29:16.029 sogod[30713] Note: Using UTF-8 as URL encoding
in NGExtensions.
Mar 12 18:29:16 sogod [30713]: |SOGo| starting method 'POST' on uri
'/SOGo/connect'
Mar 12 18:29:16 sogod [30713]: <0x0x1300c20[SOGoCache]> Cache cleanup
interval set every 300.000000 seconds
Mar 12 18:29:16 sogod [30713]: <0x0x1300c20[SOGoCache]> Using host(s)
'localhost' as server(s)
Mar 12 18:29:16 sogod [30713]: |SOGo| traverse(acquire): SOGo => connect
Mar 12 18:29:16 sogod [30713]: |SOGo| do traverse name: 'SOGo'
2012-03-12 18:29:16.037 sogod[30713] Note(SoObject): SoDebugKeyLookup is
enabled!
2012-03-12 18:29:16.037 sogod[30713] Note(SoObject): SoDebugBaseURL is
enabled!
2012-03-12 18:29:16.037 sogod[30713] Note(SoObject): relative base URLs
are enabled.
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate object:
<SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D object is public.
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate key SOGo of
object: <SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D found no security info
for key (class SOGo): SOGo
Mar 12 18:29:16 sogod [30713]: <[so-security]>D default is allow ...
Mar 12 18:29:16 sogod [30713]: |SOGo| do traverse name: 'connect'
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate key connect of
object: <SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate permission
'<public>' on object: <SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated
permission '<public>'.
Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated
key (connect).
2012-03-12 18:29:16.044 sogod[30713] ERROR(-[NGBundleManager
bundleWithPath:]): could not create bundle for path:
'/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.20/Resources/SSL.bundle'
2012-03-12 18:29:16.061 sogod[30713] WOCompoundElement: pool embedding
is on.
2012-03-12 18:29:16.061 sogod[30713] WOCompoundElement: id logging is
on.
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate object:
<0x0x16c5810[SoPageInvocation]: class=SOGoRootPage action=connect bound
instantiated product=<0x0x14264e0[SoProduct]: loaded code-loaded
bundle=/usr/lib/GNUstep/SOGo/MainUI.SOGo #classes=8 #categories=4
rm=0x0x1428a00>>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D object is public.
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate key connect of
object: <SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate permission
'<public>' on object: <SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated
permission '<public>'.
Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated
key (connect).
Mar 12 18:29:16 sogod [30713]: |SOGo| set clientObject:
<SOGo[0x0x150b630]: name=SOGo>
Mar 12 18:29:16 sogod [30713]: <0x0x1790d40[LDAPSource]> WARNING: using
old bindFields format - please update it
2012-03-12 18:29:21.080 sogod[30713] -[NGLdapConnection
_searchAtBaseDN:qualifier:attributes:scope:]: search with at base
filter for attrs
Mar 12 18:29:21 sogod [30713]: SOGoRootPage Login for user 'sogo' might
not have worked - password policy: 65535 grace: -1 expire: -1 bound:
0
Mar 12 18:29:21 sogod [30713]: |SOGo| request took 5.075449 seconds to
execute
Mar 12 18:29:21 sogod [30713]: <0x0x12d8330[WOResponse]> Zipping of
response disabled
localhost - - [12/Mar/2012:18:29:21 GMT] "POST /SOGo/connect HTTP/1.1"
403 34/80 5.081 - - 2M
Mikel Gilsanz Prieto
Responsable Dpto. Sistemas / IT Manager
Gran Vía 81, 8º, Dpto. 9
48011 Bilbao
+34944415140 (Ext. 204) +34650049384 +34944415192
[email protected]
www.grupoavalon.es
Este mensaje se dirige exclusivamente a su destinatario y puede contener
información privilegiada o confidencial. Si no es Vd. el destinatario
indicado, queda notificado de que la utilización, divulgación y/o copia
sin autorización está prohibida en virtud de la legislación vigente. Si
ha recibido este mensaje por error, le rogamos que nos lo comunique
inmediatamente por esta misma vía y proceda a su destrucción. Le
informamos que su dirección de correo electrónico, así como el resto de
los datos de carácter personal aportados, serán objeto de tratamiento
automatizado en nuestros ficheros, con la finalidad de gestionar la
agenda de contactos de nuestra entidad y poder atender a sus peticiones.
Vd. podrá en cualquier momento ejercer el derecho de acceso,
rectificación, cancelación y oposición en los términos establecidos en
la Ley Orgánica 15/1999 mediante notificación a [email protected]
Antes de imprimir este mensaje, piense si es necesario. El medio
ambiente está en nuestras manos.
<<attachment: arbolito.gif>>
<<attachment: fax.gif>>
<<attachment: movil.gif>>
<<attachment: tfno.gif>>
<<attachment: AvalonimagenFirma.jpg>>
