[Tickets #8271] LDAP preferences - unauthenticated bind attempt / failure

bugs at horde.org bugs at horde.org
Thu May 14 02:43:18 UTC 2009 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/8271
------------------------------------------------------------------------------
  Ticket             | 8271
  Created By         | simon at simonandkate.net
  Summary            | LDAP preferences - unauthenticated bind attempt /
                     | failure
  Queue              | Turba
  Version            | 2.3.1
  Type               | Bug
  State              | Unconfirmed
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


simon at simonandkate.net (2009-05-13 22:43) wrote:

I have a shared LDAP directory in Turba that functionally works fine.  
Users with granted permissions can add and edit contacts.

Error: "The preferences backend is currently unavailable and your  
preferences have not been loaded. You may continue to use the system  
with default settings."

Reproducible: yes every time - Logoff, logon, go to the shared address  
book, open a contact created by a user other than me, return to the  
shared addressbook - error is thrown.

LDAP log:

May 14 12:31:55 server01 slapd[1156]: conn=121129 op=2 BIND  
dn="uid=katie,ou=users,dc=simonandkate,dc=lan" method=128
May 14 12:31:55 server01 slapd[1156]: conn=121129 op=2 RESULT tag=97  
err=53 text=unauthenticated bind (DN with no password) disallowed

The user it is attempting to bind as is the user who created the  
shared contact.

These errors are occurring in Wicked http://bugs.horde.org/ticket/8270  
when accessing a page created by someone else, Ansel  
http://bugs.horde.org/ticket/8269 when listing galleries created by  
someone else, and Turba (this ticket) when returning from a contact  
created by someone else - consistently and repeatably.

The patches posted for Ingo http://bugs.horde.org/ticket/7418,  
Kronolith http://bugs.horde.org/ticket/8246 and Nag  
http://bugs.horde.org/ticket/8251 have solved the issues for me in  
those applications.

My Horde Prefs config is as follows:

$conf['prefs']['params']['hostspec'] = 'server01.simonandkate.lan';
$conf['prefs']['params']['port'] = 389;
$conf['prefs']['params']['version'] = '3';
$conf['prefs']['params']['tls'] = true;
$conf['prefs']['params']['basedn'] = 'dc=simonandkate,dc=lan';
$conf['prefs']['params']['writedn'] = 'user';
$conf['prefs']['params']['uid'] = 'uid';
$conf['prefs']['driver'] = 'ldap';

Preferences binds are done as the logged on user. Would doing a  
preferences bind as an LDAP user with permissions to all the required  
parts of LDAP solve this? I would rather bind as the user concerned...  
seems to be a more "proper" way to do it, and I'd have thought it  
should work given the option is there.

More information about the bugs mailing list