[Tickets #8271] LDAP preferences - unauthenticated bind attempt / failure
bugs at horde.org
bugs at horde.org
Thu May 14 02:43:18 UTC 2009
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/8271
------------------------------------------------------------------------------
Ticket | 8271
Created By | simon at simonandkate.net
Summary | LDAP preferences - unauthenticated bind attempt /
| failure
Queue | Turba
Version | 2.3.1
Type | Bug
State | Unconfirmed
Priority | 1. Low
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
simon at simonandkate.net (2009-05-13 22:43) wrote:
I have a shared LDAP directory in Turba that functionally works fine.
Users with granted permissions can add and edit contacts.
Error: "The preferences backend is currently unavailable and your
preferences have not been loaded. You may continue to use the system
with default settings."
Reproducible: yes every time - Logoff, logon, go to the shared address
book, open a contact created by a user other than me, return to the
shared addressbook - error is thrown.
LDAP log:
May 14 12:31:55 server01 slapd[1156]: conn=121129 op=2 BIND
dn="uid=katie,ou=users,dc=simonandkate,dc=lan" method=128
May 14 12:31:55 server01 slapd[1156]: conn=121129 op=2 RESULT tag=97
err=53 text=unauthenticated bind (DN with no password) disallowed
The user it is attempting to bind as is the user who created the
shared contact.
These errors are occurring in Wicked http://bugs.horde.org/ticket/8270
when accessing a page created by someone else, Ansel
http://bugs.horde.org/ticket/8269 when listing galleries created by
someone else, and Turba (this ticket) when returning from a contact
created by someone else - consistently and repeatably.
The patches posted for Ingo http://bugs.horde.org/ticket/7418,
Kronolith http://bugs.horde.org/ticket/8246 and Nag
http://bugs.horde.org/ticket/8251 have solved the issues for me in
those applications.
My Horde Prefs config is as follows:
$conf['prefs']['params']['hostspec'] = 'server01.simonandkate.lan';
$conf['prefs']['params']['port'] = 389;
$conf['prefs']['params']['version'] = '3';
$conf['prefs']['params']['tls'] = true;
$conf['prefs']['params']['basedn'] = 'dc=simonandkate,dc=lan';
$conf['prefs']['params']['writedn'] = 'user';
$conf['prefs']['params']['uid'] = 'uid';
$conf['prefs']['driver'] = 'ldap';
Preferences binds are done as the logged on user. Would doing a
preferences bind as an LDAP user with permissions to all the required
parts of LDAP solve this? I would rather bind as the user concerned...
seems to be a more "proper" way to do it, and I'd have thought it
should work given the option is there.
More information about the bugs
mailing list