Thank you I did ldapsearch in shell, and changed bindDN when I try to login in log it's looks like OK
<[so-security]>D validate key connect of object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate permission '<public>' on object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D successfully validated permission '<public>'. Mar 13 10:04:34 sogod [4095]: <[so-security]>D successfully validated key (connect). but always password wron and I'm sure the password is well: set clientObject: <SOGo[0x0x12588c0]: name=SOGo> 2012-03-13 10:04:39.198 sogod[4095] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search with at base filter for attrs Mar 13 10:04:39 sogod [4095]: SOGoRootPage Login for user 'sogoprueba' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Mar 13 10:04:39 sogod [4095]: |SOGo| request took 5.064696 seconds to execute Mar 13 10:04:39 sogod [4095]: <0x0x146d7a0[WOResponse]> Zipping of response disabled localhost - - [13/Mar/2012:10:04:39 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/102 5.067 - - 0 Any idea please? sogo.log Mar 13 10:04:34 sogod [4095]: |SOGo| starting method 'POST' on uri '/SOGo/connect' Mar 13 10:04:34 sogod [4095]: |SOGo| traverse(acquire): SOGo => connect Mar 13 10:04:34 sogod [4095]: |SOGo| do traverse name: 'SOGo' Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D object is public. Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate key SOGo of object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D found no security info for key (class SOGo): SOGo Mar 13 10:04:34 sogod [4095]: <[so-security]>D default is allow ... Mar 13 10:04:34 sogod [4095]: |SOGo| do traverse name: 'connect' Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate key connect of object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate permission '<public>' on object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D successfully validated permission '<public>'. Mar 13 10:04:34 sogod [4095]: <[so-security]>D successfully validated key (connect). Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate object: <0x0x14e0d70[SoPageInvocation]: class=SOGoRootPage action=connect bound instantiated product=<0x0x11737c0[SoProduct]: loaded code-loaded bundle=/usr/lib/GNUstep/SOGo/MainUI.SOGo #classes=8 #categories=4 rm=0x0x1175ce0>> Mar 13 10:04:34 sogod [4095]: <[so-security]>D object is public. Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate key connect of object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D validate permission '<public>' on object: <SOGo[0x0x12588c0]: name=SOGo> Mar 13 10:04:34 sogod [4095]: <[so-security]>D successfully validated permission '<public>'. Mar 13 10:04:34 sogod [4095]: <[so-security]>D successfully validated key (connect). Mar 13 10:04:34 sogod [4095]: |SOGo| set clientObject: <SOGo[0x0x12588c0]: name=SOGo> 2012-03-13 10:04:39.198 sogod[4095] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search with at base filter for attrs Mar 13 10:04:39 sogod [4095]: SOGoRootPage Login for user 'sogoprueba' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Mar 13 10:04:39 sogod [4095]: |SOGo| request took 5.064696 seconds to execute Mar 13 10:04:39 sogod [4095]: <0x0x146d7a0[WOResponse]> Zipping of response disabled localhost - - [13/Mar/2012:10:04:39 GMT] "POST /SOGo/connect HTTP/1.1" 403 34/102 5.067 - - 0 Mikel Gilsanz Prieto Responsable Dpto. Sistemas / IT Manager Gran Vía 81, 8º, Dpto. 9 48011 Bilbao +34944415140 (Ext. 204) +34650049384 +34944415192 [email protected] www.grupoavalon.es Este mensaje se dirige exclusivamente a su destinatario y puede contener información privilegiada o confidencial. Si no es Vd. el destinatario indicado, queda notificado de que la utilización, divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. Le informamos que su dirección de correo electrónico, así como el resto de los datos de carácter personal aportados, serán objeto de tratamiento automatizado en nuestros ficheros, con la finalidad de gestionar la agenda de contactos de nuestra entidad y poder atender a sus peticiones. Vd. podrá en cualquier momento ejercer el derecho de acceso, rectificación, cancelación y oposición en los términos establecidos en la Ley Orgánica 15/1999 mediante notificación a [email protected] Antes de imprimir este mensaje, piense si es necesario. El medio ambiente está en nuestras manos. El mar, 13-03-2012 a las 08:41 +0100, Georg Bretschneider escribió: > Hi, > > did you try ldapsearch in your shell? > Your bindDN confuses me. Is the user sogoprueba in the following ou: > ou=Users,dc=servidor,dc=dominio,dc=com,dc=es ? > Try chaning your bindDN to > uid=sogoprueba,ou=Users,dc=servidor,dc=dominio,dc=com,dc=es . > > > Bye > > > Am 12.03.2012 18:44, schrieb Mikel: > > Hi > > > > Someone is able to connect sogo with ldap throw Apache and could show > > the config files? > > > > I'm trying to do it, but on SOGo web for all user that I try to login, > > always: user or password incorrect, and in > > sogo.log I can't find the problem. In SOGo.conf what about: > > [env=REMOTE_HOST:%{REMOTE_HOST_ADDR},PT]? > > Remote_host is were LDAP is configured? AuthType XXX?? and > > %{REMOTE_USER}e"? I'm not sure how to configured it > > > > > > > > Thank you very much!! > > > > My config file: > > > > .GNUstepDefaults: I remplaced password_bind for the correct > > > > <?xml version="1.0" encoding="UTF-8"?> > > <!DOCTYPE plist PUBLIC "-//GNUstep//DTD plist 0.9//EN" > > "http://www.gnustep.org/plist-0_9.xml";> > > <plist version="0.9"> > > <dict> > > <key>NSGlobalDomain</key> > > <dict> > > </dict> > > <key>sogod</key> > > <dict> > > <key>GCSFolderDebugEnabled</key> > > <string>YES</string> > > <key>GCSFolderStoreDebugEnabled</key> > > <string>YES</string> > > <key>LDAPDebugEnabled</key> > > <string>YES</string> > > <key>MySQL4DebugEnabled</key> > > <string>YES</string> > > <key>NGImap4DisableIMAP4Pooling</key> > > <string>YES</string> > > <key>OCSFolderInfoURL</key> > > <string>mysql://sogo:[email protected] > > <mailto:[email protected]>:3306/sogo/sogo_folder_info</string> > > <key>OCSFolderManagerSQLDebugEnabled</key> > > <string>YES</string> > > <key>OCSSessionsFolderURL</key> > > <string>mysql://sogo:[email protected] > > <mailto:[email protected]>:3306/sogo/sogo_sessions_folder</string> > > <key>PGDebugEnabled</key> > > <string>YES</string> > > <key>SOGoACLsSendEMailNotifications</key> > > <string>YES</string> > > <key>SOGoAppointmentSendEMailNotifications</key> > > <string>YES</string> > > <key>SOGoDebugRequests</key> > > <string>YES</string> > > <key>SOGoDraftsFoldersName</key> > > <string>Drafts</string> > > <key>SOGoFirstDayOfWeek</key> > > <string>1</string> > > <key>SOGoFoldersSendEMailNotifications</key> > > <string>YES</string> > > <key>SOGoIMAPServer</key> > > <string>localhost</string> > > <key>SOGoLanguage</key> > > <string>Spanish</string> > > <key>SOGoLoginModule</key> > > <string>Calendar</string> > > <key>SOGoMailDomain</key> > > <string>grupodominio.es</string> > > <key>SOGoMailKeepDraftsAfterSend</key> > > <string>YES</string> > > <key>SOGoMailMessageCheck</key> > > <string>every_5_minutes</string> > > <key>SOGoMailingMechanism</key> > > <string>smtp</string> > > <key>SOGoProfileURL</key> > > <string>mysql://sogo:[email protected] > > <mailto:[email protected]>:3306/sogo/sogo_user_profile</string> > > <key>SOGoSMTPServer</key> > > <string>debianSogo.grupodominio.es</string> > > <key>SOGoSentFolderName</key> > > <string>Sent</string> > > <key>SOGoSieveScriptsEnabled</key> > > <string>YES</string> > > <key>SOGoSieveServer</key> > > <string>sieve://localhost:4190</string> > > <key>SOGoSuperUsernames</key> > > <array> > > <string>admin</string> > > </array> > > <key>SOGoTimeZone</key> > > <string>Europe/Madrid</string> > > <key>SOGoTrashFolderName</key> > > <string>Trash</string> > > <key>SOGoUIxDebugEnabled</key> > > <string>YES</string> > > <key>SOGoUserSources</key> > > <array> > > <dict> > > <key>CNFieldName</key> > > <string>cn</string> > > <key>IDFieldName</key> > > <string>uid</string> > > <key>UIDFieldName</key> > > <string>uid</string> > > <key>baseDN</key> > > <string>ou=Users,dc=servidor,dc=dominio,dc=com,dc=es</string> > > <key>bindDN</key> > > <string>[email protected] > > <mailto:[email protected]></string> > > <key>bindFields</key> > > <string>uid</string> > > <key>bindPassword</key> > > <string>password_bind</string> > > <key>canAuthenticate</key> > > <string>YES</string> > > <key>displayName</key> > > <string>Contactos</string> > > <key>hostname</key> > > <string>servidor.dominio.com.es</string> > > <key>id</key> > > <string>public</string> > > <key>isAddressBook</key> > > <string>NO</string> > > <key>port</key> > > <string>389</string> > > <key>type</key> > > <string>ldap</string> > > </dict> > > </array> > > <key>SOGoVacationEnabled</key> > > <string>YES</string> > > <key>SoDebugObjectTraversal</key> > > <string>YES</string> > > <key>SoSecurityManagerDebugEnabled</key> > > <string>YES</string> > > <key>WODebugZipResponse</key> > > <string>YES</string> > > <key>WODontZipResponse</key> > > <string>YES</string> > > </dict> > > </dict> > > </plist> > > > > > > > > > > SOGo.conf > > > > Alias /SOGo.woa/WebServerResources/ \ > > /usr/lib/GNUstep/SOGo/WebServerResources/ > > Alias /SOGo/WebServerResources/ \ > > /usr/lib/GNUstep/SOGo/WebServerResources/ > > AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*) \ > > /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2 > > > > <Directory /usr/lib/GNUstep/SOGo/> > > AllowOverride None > > Order deny,allow > > Allow from all > > </Directory> > > > > <LocationMatch > > "^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)"> > > SetHandler default-handler > > </LocationMatch> > > > > ## Uncomment the following to enable proxy-side authentication, you will > > then > > ## need to set the "SOGoTrustProxyAuthentication" SOGo user default to > > YES and > > ## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section > > ## below. > > #<Location /SOGo> > > # AuthType XXX > > #Require valid-user > > #SetEnv proxy-nokeepalive 1 > > #Allow from all > > #</Location> > > > > ProxyRequests Off > > SetEnv proxy-nokeepalive 1 > > ProxyPreserveHost On > > > > # When using CAS, you should uncomment this and install > > cas-proxy-validate.py > > # in /usr/lib/cgi-bin to reduce server overloading > > # > > # ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py > > # <Proxy http://localhost/app/cas-proxy-validate.py> > > # Order deny,allow > > # Allow from your-cas-host-addr > > # </Proxy> > > > > ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0 > > > > <Proxy http://127.0.0.1:20000/SOGo> > > ## adjust the following to your configuration > > RequestHeader set "x-webobjects-server-port" "80" > > RequestHeader set "x-webobjects-server-name" "debianSogo" > > RequestHeader set "x-webobjects-server-url" "http://debianSogo"; > > > > ## When using proxy-side autentication, you need to uncomment and > > ## adjust the following line: > > #RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e" > > > > RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0" > > RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e > > env=REMOTE_HOST > > > > AddDefaultCharset UTF-8 > > > > Order allow,deny > > Allow from all > > </Proxy> > > > > ## We use mod_rewrite to pass remote address to the SOGo proxy. > > # The remote address will appear in SOGo's log files and in the X-Forward > > # header of emails. > > RewriteEngine On > > RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_HOST_ADDR},PT] > > > > sogo.log > > > > > > Mar 12 18:28:59 sogod [30456]: <0x0x238faf0[WOWatchDog]> Terminating > > with signal 15 > > Mar 12 18:28:59 sogod [30456]: <0x0x2371470[WOWatchDogChild]> sending > > terminate signal to pid 30462 > > MySQL4 connection dropped 0x0x2010a40 (channel=0x0x2301c40) > > Mar 12 18:28:59 sogod [30456]: <0x0x2371470[WOWatchDogChild]> child > > 30462 exited > > Mar 12 18:28:59 sogod [30456]: <0x0x238faf0[WOWatchDog]> all children > > exited. We now terminate. > > Mar 12 18:28:59 sogod [30707]: version 1.3.12 (build @vizzini.inverse.ca > > 201202142210) -- starting > > Mar 12 18:28:59 sogod [30707]: vmem size check enabled: shutting down > > app when vmem > 384 MB > > Mar 12 18:28:59 sogod [30707]: <0x0x1322310[SOGoProductLoader]> SOGo > > products loaded from '/usr/lib/GNUstep/SOGo': > > Mar 12 18:28:59 sogod [30707]: <0x0x1322310[SOGoProductLoader]> > > AdministrationUI.SOGo, Appointments.SOGo, SchedulerUI.SOGo, > > MailerUI.SOGo, Contacts.SOGo, MailPartViewers.SOGo, CommonUI.SOGo, > > ContactsUI.SOGo, PreferencesUI.SOGo, MainUI.SOGo, Mailer.SOGo > > Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> listening on > > *:20000 > > Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> watchdog > > process pid: 30707 > > Mar 12 18:28:59 sogod [30707]: <0x0x7f717d36a440[WOWatchDogChild]> > > watchdog request timeout set to 10 minutes > > Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> preparing 1 > > children > > Mar 12 18:28:59 sogod [30707]: <0x0x14f9880[WOWatchDog]> child spawned > > with pid 30713 > > 2012-03-12 18:28:59.768 sogod[30713] MySQL4 connection established > > 0x0x1376160 > > 2012-03-12 18:28:59.769 sogod[30713] MySQL4 channel 0x0x1372c70 opened > > (connection=0x0x1376160,sogo) > > 2012-03-12 18:28:59.769 sogod[30713] <MySQL4Channel[0x0x1372c70] > > connection=0x0x1376160> SQL: SELECT count(*) FROM sogo_user_profile; > > 2012-03-12 18:28:59.770 sogod[30713] <MySQL4Channel[0x0x1372c70] > > connection=0x0x1376160> query has results, entering fetch-mode. > > 2012-03-12 18:28:59.770 sogod[30713] <MySQL4Channel[0x0x1372c70] > > connection=0x0x1376160> SQL: SELECT count(*) FROM sogo_folder_info; > > 2012-03-12 18:28:59.770 sogod[30713] <MySQL4Channel[0x0x1372c70] > > connection=0x0x1376160> query has results, entering fetch-mode. > > 2012-03-12 18:28:59.774 sogod[30713] <MySQL4Channel[0x0x1372c70] > > connection=0x0x1376160> SQL: SELECT count(*) FROM sogo_sessions_folder; > > 2012-03-12 18:28:59.775 sogod[30713] <MySQL4Channel[0x0x1372c70] > > connection=0x0x1376160> query has results, entering fetch-mode. > > 2012-03-12 18:29:16.029 sogod[30713] Note: Using UTF-8 as URL encoding > > in NGExtensions. > > Mar 12 18:29:16 sogod [30713]: |SOGo| starting method 'POST' on uri > > '/SOGo/connect' > > Mar 12 18:29:16 sogod [30713]: <0x0x1300c20[SOGoCache]> Cache cleanup > > interval set every 300.000000 seconds > > Mar 12 18:29:16 sogod [30713]: <0x0x1300c20[SOGoCache]> Using host(s) > > 'localhost' as server(s) > > Mar 12 18:29:16 sogod [30713]: |SOGo| traverse(acquire): SOGo => connect > > Mar 12 18:29:16 sogod [30713]: |SOGo| do traverse name: 'SOGo' > > 2012-03-12 18:29:16.037 sogod[30713] Note(SoObject): SoDebugKeyLookup is > > enabled! > > 2012-03-12 18:29:16.037 sogod[30713] Note(SoObject): SoDebugBaseURL is > > enabled! > > 2012-03-12 18:29:16.037 sogod[30713] Note(SoObject): relative base URLs > > are enabled. > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate object: > > <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D object is public. > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate key SOGo of > > object: <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D found no security info > > for key (class SOGo): SOGo > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D default is allow ... > > Mar 12 18:29:16 sogod [30713]: |SOGo| do traverse name: 'connect' > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate key connect of > > object: <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate permission > > '<public>' on object: <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated > > permission '<public>'. > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated > > key (connect). > > 2012-03-12 18:29:16.044 sogod[30713] ERROR(-[NGBundleManager > > bundleWithPath:]): could not create bundle for path: > > '/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.20/Resources/SSL.bundle' > > 2012-03-12 18:29:16.061 sogod[30713] WOCompoundElement: pool embedding > > is on. > > 2012-03-12 18:29:16.061 sogod[30713] WOCompoundElement: id logging is on. > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate object: > > <0x0x16c5810[SoPageInvocation]: class=SOGoRootPage action=connect bound > > instantiated product=<0x0x14264e0[SoProduct]: loaded code-loaded > > bundle=/usr/lib/GNUstep/SOGo/MainUI.SOGo #classes=8 #categories=4 > > rm=0x0x1428a00>> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D object is public. > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate key connect of > > object: <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D validate permission > > '<public>' on object: <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated > > permission '<public>'. > > Mar 12 18:29:16 sogod [30713]: <[so-security]>D successfully validated > > key (connect). > > Mar 12 18:29:16 sogod [30713]: |SOGo| set clientObject: > > <SOGo[0x0x150b630]: name=SOGo> > > Mar 12 18:29:16 sogod [30713]: <0x0x1790d40[LDAPSource]> WARNING: using > > old bindFields format - please update it > > 2012-03-12 18:29:21.080 sogod[30713] -[NGLdapConnection > > _searchAtBaseDN:qualifier:attributes:scope:]: search with at base > > filter for attrs > > Mar 12 18:29:21 sogod [30713]: SOGoRootPage Login for user 'sogo' might > > not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 > > Mar 12 18:29:21 sogod [30713]: |SOGo| request took 5.075449 seconds to > > execute > > Mar 12 18:29:21 sogod [30713]: <0x0x12d8330[WOResponse]> Zipping of > > response disabled > > localhost - - [12/Mar/2012:18:29:21 GMT] "POST /SOGo/connect HTTP/1.1" > > 403 34/80 5.081 - - 2M > > > > > > *Mikel Gilsanz Prieto* > > > > *Responsable Dpto. Sistemas / IT Manager* > > > > > > > > > > > > /Gran Vía 81, 8º, Dpto. 9/ > > > > /48011 Bilbao/ > > > > /+34944415140 (Ext. 204) //+34650049384 //+34944415192/ > > > > [email protected] <mailto:[email protected]> > > > > www.grupoavalon.es <http://www.avalon.com.es/> > > > > Este mensaje se dirige exclusivamente a su destinatario y puede contener > > información privilegiada o confidencial. Si no es Vd. el destinatario > > indicado, queda notificado de que la utilización, divulgación y/o copia > > sin autorización está prohibida en virtud de la legislación vigente. Si > > ha recibido este mensaje por error, le rogamos que nos lo comunique > > inmediatamente por esta misma vía y proceda a su destrucción. Le > > informamos que su dirección de correo electrónico, así como el resto de > > los datos de carácter personal aportados, serán objeto de tratamiento > > automatizado en nuestros ficheros, con la finalidad de gestionar la > > agenda de contactos de nuestra entidad y poder atender a sus peticiones. > > Vd. podrá en cualquier momento ejercer el derecho de acceso, > > rectificación, cancelación y oposición en los términos establecidos en > > la Ley Orgánica 15/1999 mediante notificación a [email protected] > > <mailto:[email protected]> > > > > *Antes de imprimir este mensaje, piense si es necesario. El medio > > ambiente está en nuestras manos.* > > > > > > > -- > [email protected] > https://inverse.ca/sogo/lists
<<attachment: arbolito.gif>>
<<attachment: fax.gif>>
<<attachment: movil.gif>>
<<attachment: tfno.gif>>
<<attachment: AvalonimagenFirma.jpg>>
