[sork] Strong(er) authentication required with LDAP ?

pascal at linuxorable.net pascal at linuxorable.net
Thu Feb 17 02:43:46 PST 2005 

Hi,

I try to configure Passwd with LDAP and I get this message:

Strong(er) authentication required

My apache2.conf is:

<VirtualHost 82.67.66.131:443>
    ServerName "www.linuxorable.net"
    DocumentRoot "/usr/local/www"
    SSLEngine On
</VirtualHost>


<VirtualHost 82.67.66.131:80>
ServerName "www.linuxorable.net"
DocumentRoot "/usr/local/www"
<Directory "/usr/local/www/horde">
Redirect / https://www.linuxorable.net/
</Directory>
<Directory "/usr/local/www/phpLDAPadmin_0.9.5">
Redirect / https://www.linuxorable.net/
</Directory>
</VirtualHost>

and phpLDAPadmin/STARTTLS works fine.

I saw anywhere in horde/passwd where to configure ldap authentication.
And I read the mailing list archives without success (neither with google)

My horde/passwd/config/backends.php is:
___________________________________________________________
// NOTE: to set the ldap userdn, see horde/config/hooks.php
$backends['ldap'] = array(
    'name' => 'LDAP server',
    'preferred' => 'linuxorable.net',
    'password policy' => array(
        'minLength' => 3,
        'maxLength' => 8
    ),
    'driver' => 'ldap',
    'params' => array(
        'host' => 'localhost',
        'port' => 389,
        'basedn' => 'ou=xxxxxxxx,dc=linuxorable,dc=net',
        'uid' => 'uid',
        'realm' => '', // this will be appended to the username when
                       // looking for the userdn.
        'encryption' => 'crypt',
    'tls' => false // make sure the host == cn in the server certificate
    )
);
?>
---------------------------------------------------------------------------

and /etc/ldap/slapd.conf is:
___________________________________________________________________________
access to dn="ou=xxxxxxxx,dc=linuxorable,dc=net" attr=userPassword
        by self write
        by anonymous auth
        by * none
---------------------------------------------------------------------------

I found something strange in /var/log/slapd.log:

slapd[1673]: do_modify: dn (uid=virginie at linuxorable.net,dc=linuxorable,dc=net)
slapd[1673]: >>> dnPrettyNormal:
<uid=virginie at linuxorable.net,dc=linuxorable,dc=net>
slapd[1673]: <<< dnPrettyNormal:
<uid=virginie at linuxorable.net,dc=linuxorable,dc=net>,
<uid=virginie at linuxorable.net,dc=linuxorable,dc=net>
slapd[1673]: modifications:
slapd[1673]: ^Ireplace: userPassword
slapd[1673]: ^I^Ione value, length 29
slapd[1673]: conn=8 op=2 MOD
dn="uid=virginie at linuxorable.net,dc=linuxorable,dc=net"
slapd[1673]: conn=8 op=2 MOD attr=userPassword
slapd[1673]: send_ldap_result: conn=8 op=2 p=3
slapd[1673]: send_ldap_result: err=8 matched="" text="modifications require
authentication"
slapd[1673]: send_ldap_response: msgid=3 tag=103 err=8
slapd[1673]: conn=8 op=2 RESULT tag=103 err=8 text=modifications require
authentication
--------------------------------------------------------------------------

The searched uid seems to be uid=virginie at linuxorable.net while the uid users in
LDAP are uid=virginie !

Thank you for your help

Pascal -- FRANCE

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

More information about the sork mailing list