[dev] ActiveSync: got "ERR: Invalid address book" on Nokia Mail for exchange, but worked on WindowsMobile 6.1

Lukas Gradl horde at ssn.at
Wed May 26 15:19:38 UTC 2010


On 2010-05-26 02:31, Michael Rubinsky wrote:
>
> Quoting Lukas Gradl <horde at ssn.at>:
>
>> On 2010-05-25 22:19, Michael Rubinsky wrote:
>>>
>>>>
>>>> When using Nokia there is a PEAR_Error in Turba_Driver::&singleton():
>>>>
>>>> The Message is "Bind failed: (53) Server is unwilling to perform"
>>>>
>>>> It seems that the Password to connect to the LDAP-Server is not
>>>> provided correctly.
>>>>
>>>> I defined the LDAP-Access in sources.php as following:
>>>>
>>>> 'bind_dn' => 'cn='.Horde_Auth::getAuth().',ou=Users,dc=demo,dc=com',
>>>> 'bind_password' => Horde_Auth::getCredential('password'),
>>>>
>>>> the Horde_Auth::getAuth() is correct, the
>>>> Horde_Auth::getCredential('password') is empty.
>>>
>>> Ok. That's a good piece of information. I have a feeling the
>>> authorization header isn't being sent or parsed correctly.
>>> Can you check to see the value of $pass in Horde_Rpc_ActiveSync
>>> (framework/Rpc/lib/Horde/Rpc/ActiveSync.php) on line 178? This should
>>> (obviously) be the user's horde password.
>>>
>>
>> Yes, it contains the Users horde-Password.
>>
>> The problem seems to sit within the way I'm authenticating in
>> sources.php.
>>
>> To use the Horde-Password as the password to authenticate against LDAP
>> I use the line:
>> 'bind_password' => Horde_Auth::getCredential('password'),
>> in my sources.php.
>> When the sources.php get's included in Turba_Application::_init() this
>> variable is empty.
>
> Weird, the same code path is followed when all devices sync, even if
> they issue a GETITEMESTIMATE request first, as that calls the same
> backend code. Not sure what the heck is going on here, but I'll keep
> thinking about it.
>
>> Is there another way to provide the Password to LDAP?
>
> Not that I know of. Horde_Auth::getCredential('password') should return
> the password that was set when the user authenticated. The password is
> stored in the session when Horde_Auth#authenticate is called, and is
> returned when Horde_Auth#getCredential is called. Not sure where to go
> from here. If you end up getting a wireshark trace, guess it's worth
> looking at.
>

OK, tried to track it down a little bit more.

In Horde_Auth::_getCredentials there is a Horde_Secret Object called 
$secret. I tried to examine that variable using print_r().

It contains [_cipherCache:protected]. When called by WM 6.1 it contains 
an Array with a Crypt_Blowfish Object (I think this contains the 
password...)
When called by MfE 3.0 it contains an Empty Array...

regards
Lukas



-- 

----------------------------
software security networks
Lukas Gradl <horde#ssn.at>
Eduard-Bodem-Gasse 5
A - 6020 Innsbruck
Tel: +43-512-214040-0
Fax: +43-512-214040-21
----------------------------


More information about the dev mailing list