[horde] [Horde]LDAP auth problems

Stefan Dinescu stefan.dinescu.m at gmail.com
Fri Oct 28 09:08:39 UTC 2011 

Hy,

I was given a task to make a LDAP authentification for horde, but i
can't get it to work. I am stuck for the last 2 days and google isn't
very useful this time. Here is my horde/config/conf.php

<?php
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Id: 234c6a25837ade4d777c5c597115ea0b46715ba5 $
$conf['vhosts'] = false;
$conf['debug_level'] = E_ALL & ~E_NOTICE;
$conf['max_exec_time'] = 0;
$conf['compress_pages'] = true;
$conf['secret_key'] = '4ea809c4-d184-465e-b4b5-6743855c3b2a';
$conf['umask'] = 077;
$conf['testdisable'] = false;
$conf['use_ssl'] = 2;
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['urls']['token_lifetime'] = 30;
$conf['urls']['hmac_lifetime'] = 30;
$conf['urls']['pretty'] = false;
$conf['safe_ips'] = array();
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/';
$conf['sql']['persistent'] = false;
$conf['sql']['username'] = 'sqluser';
$conf['sql']['password'] = 'sqlpass';
$conf['sql']['hostspec'] = 'localhost';
$conf['sql']['port'] = 3306;
$conf['sql']['protocol'] = 'tcp';
$conf['sql']['database'] = 'horde';
$conf['sql']['charset'] = 'utf-8';
$conf['sql']['ssl'] = false;
$conf['sql']['splitread'] = false;
$conf['sql']['phptype'] = 'mysql';
$conf['ldap']['hostspec'] = '192.168.0.20';
$conf['ldap']['port'] = 389;
$conf['ldap']['tls'] = false;
$conf['ldap']['version'] = 3;
$conf['ldap']['user']['binddn'] = 'cn=admin
1,ou=Administrators,ou=mail,o=company';
$conf['ldap']['user']['bindpw'] = 'password1';
$conf['ldap']['user']['uid'] = 'uid';
$conf['ldap']['user']['objectclass'] = array('*');
$conf['ldap']['user']['filter_type'] = 'objectclass';
$conf['ldap']['bindas'] = 'user';
$conf['ldap']['useldap'] = true;
$conf['auth']['admins'] = array('test at gogu.com');
$conf['auth']['checkip'] = true;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
$conf['auth']['list_users'] = 'list';
$conf['auth']['params']['basedn'] = 'ou=vpopmail,ou=mail,o=company';
$conf['auth']['params']['scope'] = 'sub';
$conf['auth']['params']['ad'] = false;
$conf['auth']['params']['uid'] = 'uid';
$conf['auth']['params']['encryption'] = 'plain';
$conf['auth']['params']['newuser_objectclass'] =
array('shadowAccount', 'inetOrgPerson');
$conf['auth']['params']['filter'] = '(objectclass=shadowAccount)';
$conf['auth']['params']['password_expiration'] = 'no';
$conf['auth']['params']['driverconfig'] = 'horde';
$conf['auth']['driver'] = 'ldap';
$conf['auth']['params']['count_bad_logins'] = false;
$conf['auth']['params']['login_block'] = false;
$conf['auth']['params']['login_block_count'] = 5;
$conf['auth']['params']['login_block_time'] = 5;
$conf['nobase64_img'] = false;
$conf['signup']['allow'] = false;
$conf['log']['priority'] = 'DEBUG';
$conf['log']['ident'] = 'HORDE_NEW';
$conf['log']['name'] = '/tmp/log_stefan.log';
$conf['log']['type'] = 'file';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = false;
$conf['prefs']['params']['driverconfig'] = 'horde';
$conf['prefs']['driver'] = 'Sql';
$conf['alarms']['params']['driverconfig'] = 'horde';
$conf['alarms']['params']['ttl'] = 300;
$conf['alarms']['driver'] = 'Sql';
$conf['datatree']['driver'] = 'null';
$conf['group']['driverconfig'] = 'horde';
$conf['group']['driver'] = 'Sql';
$conf['group']['cache'] = false;
$conf['perms']['driverconfig'] = 'horde';
$conf['perms']['driver'] = 'Sql';
$conf['share']['no_sharing'] = false;
$conf['share']['auto_create'] = true;
$conf['share']['world'] = true;
$conf['share']['any_group'] = false;
$conf['share']['hidden'] = false;
$conf['share']['cache'] = false;
$conf['share']['driver'] = 'Sqlng';
$conf['cache']['default_lifetime'] = 86400;
$conf['cache']['params']['sub'] = 0;
$conf['cache']['driver'] = 'File';
$conf['cache']['compress'] = true;
$conf['cache']['use_memorycache'] = '';
$conf['cachecss'] = false;
$conf['cachejs'] = false;
$conf['cachethemes'] = false;
$conf['lock']['params']['driverconfig'] = 'horde';
$conf['lock']['driver'] = 'Sql';
$conf['token']['params']['driverconfig'] = 'horde';
$conf['token']['driver'] = 'Sql';
$conf['mailer']['params']['sendmail_path'] = '/usr/lib/sendmail';
$conf['mailer']['params']['sendmail_args'] = '-oi';
$conf['mailer']['type'] = 'sendmail';
$conf['mailformat']['brokenrfc2231'] = false;
$conf['vfs']['params']['driverconfig'] = 'horde';
$conf['vfs']['type'] = 'Sql';
$conf['sessionhandler']['type'] = 'Builtin';
$conf['sessionhandler']['memcache'] = false;
$conf['spell']['driver'] = '';
$conf['gnupg']['keyserver'] = array('pool.sks-keyservers.net');
$conf['gnupg']['timeout'] = 10;
$conf['image']['driver'] = false;
$conf['exif']['driver'] = 'Bundled';
$conf['problems']['email'] = 'webmaster at company.com';
$conf['problems']['maildomain'] = 'example.com';
$conf['problems']['tickets'] = false;
$conf['problems']['attachments'] = true;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = true;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['prefs'] = 'authenticated';
$conf['menu']['links']['problem'] = 'all';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
$conf['portal']['fixed_blocks'] = array();
$conf['accounts']['driver'] = 'null';
$conf['user']['verify_from_addr'] = false;
$conf['user']['select_view'] = true;
$conf['facebook']['enabled'] = false;
$conf['twitter']['enabled'] = false;
$conf['urlshortener'] = false;
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
$conf['memcache']['enabled'] = false;
$conf['activesync']['state']['params']['devicetable'] =
'horde_activesync_device';
$conf['activesync']['state']['params']['statetable'] = 'horde_activesync_state';
$conf['activesync']['state']['params']['maptable'] = 'horde_activesync_map';
$conf['activesync']['state']['params']['userstable'] =
'horde_activesync_device_users';
$conf['activesync']['logging']['type'] = 'horde';
$conf['activesync']['ping']['heartbeatmin'] = 60;
$conf['activesync']['ping']['heartbeatmax'] = 2700;
$conf['activesync']['ping']['heartbeatdefault'] = 480;
$conf['activesync']['ping']['deviceping'] = true;
$conf['activesync']['ping']['waitinterval'] = 5;
$conf['activesync']['securitypolicies']['pin'] = false;
$conf['activesync']['securitypolicies']['provisioning'] = 'loose';
$conf['activesync']['enabled'] = true;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */


in the log i configured i get the error:

DEBUG: HORDE_NEW Horde_Registry: retrieved app with cache ID
horde_registry|app|1319635717|d619fb0bf369527e6bcef7f81be1b848 [pid
23644 on line 1702 of "/usr/local/lib/php/Horde/Registry.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW Load config file
(hooks.php; app: imp) [pid 23644 on line 865 of
"/usr/local/lib/php/Horde.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [imp] Load config file
(conf.php; app: imp) [pid 23644 on line 865 of
"/usr/local/lib/php/Horde.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [imp] Load config file
(backends.php; app: imp) [pid 23644 on line 865 of
"/usr/local/lib/php/Horde.php"]
2011-10-28T11:39:41+03:00 ERR: HORDE_NEW [horde] FAILED LOGIN for
user at domain.ro [193.232.101.89] to Horde [pid 23644 on line 182 of
"/usr/local/apache2/htdocs/hordenew/login.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [horde] Load config file
(nls.php; app: horde) [pid 23644 on line 865 of
"/usr/local/lib/php/Horde.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [horde] Login failed
because your username or password was entered incorrectly. [pid 23644
on line 27 of "/usr/local/lib/php/Horde/Core/Notification/Handler/Decorator/Hordelog.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [horde] SQL  (0.0004s)
    SELECT alarm_id, alarm_uid, alarm_start, alarm_end, alarm_methods,
      alarm_params, alarm_title, alarm_text, alarm_snooze, alarm_internal
      FROM horde_alarms WHERE alarm_dismissed = 0 AND ((alarm_snooze IS NULL
      AND alarm_start <= '2011-10-28T08:39:41') OR alarm_snooze <=
      '2011-10-28T08:39:41') AND (alarm_end IS NULL OR alarm_end >=
      '2011-10-28T08:39:41') AND (alarm_uid IS NULL OR alarm_uid = '' OR
      alarm_uid = '') ORDER BY alarm_start, alarm_end [pid 23644 on
line 803 of "/usr/local/lib/php/Horde/Db/Adapter/Base.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [horde] Load config file
(motd.php; app: horde) [pid 23644 on line 865 of
"/usr/local/lib/php/Horde.php"]
2011-10-28T11:39:41+03:00 DEBUG: HORDE_NEW [horde] Max memory usage:
9699328 bytes [pid 23644 on line 475 of
"/usr/local/lib/php/Horde/Registry.php"]

When i log into the ldap directory it says: Logged in as: cn=admin
1,ou=Administrators,ou=mail,o=company

I am pretty new to this job, and my knowledge of LDAP is pretty limited.

in the 'ou=vpopmail,ou=mail,o=company subtree i have like 100 domains.
i am trying to log in into test at mydomain.com
it is located at:

uid=test at mydomain.com,ou=mydomain.com,ou=vpopmail,ou=mail,o=company

the info on this user is:
dn uid=test at mydomain.com,ou=mydomain.com,ou=vpopmail,ou=mail,o=company
uid test at mydomain.com
sn test
cn test

the password is set as clear

thanks



--
Stefan DINESCU

Advertising Manager
BOS - Business Organization for Students
Business is fun!

0744684881
stefan.dinescu.m at gmail.com
stefan.dinescu at cti.pub.ro
stefan_1414 at yahoo.com

More information about the horde mailing list