Mailing List CGatePro@mail.stalker.com Message #97116
From: Kirnauskis Postmaster <postmaster@kirnauskis.com>
Subject: Re: Pronto and LDAP
Date: Thu, 22 Jan 2009 16:24:24 +0200
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Apple Mail (2.930.3)
Continuing to followup on my own post, but still seeking for help. :)

I changed the authLDAPnew.pl configuration line to 'adminDN=>'uid=diradmin,cn=users,dc=ldap,dc=myserver,dc=com'' which seemed to cure the bind problem I described in my previous post. However, I'm still getting an error message claiming the password is wrong (which it isn't).

10:51:43.900 4 EXTAUTH out(121): 38 SASL(CRAM-MD5) (XIMSS) myaccount@server.com f76b65e73550c329b0e436a7a5ffb523 "<27.1232614303@pixmill.fi>" [83.145.215.158]\n
10:51:43.900 4 EXTAUTH inp(038): * trying to connect to ldap.myserver.com
10:51:43.913 4 EXTAUTH inp(078): * searching cn=users,dc=ldap,dc=myserver,dc=com for (&(uid=myaccount)(objectclass=*))
10:51:43.916 4 EXTAUTH inp(019): 38 PLAIN "********"
10:51:43.916 1 EXTAUTH myaccount@myserver.com(XIMSS) SASL/plain password is incorrect. Error Code=incorrect password



On 16.1.2009, at 11:26, Kirnauskis Postmaster wrote:

I'm following up on my own post (see below) because I still haven't been able to resolve the problem.

My logs seem to indicate the problem is with binding as the admin to my LDAP (OS X Server 10.5). I found generic instructions on how the binding is supposed to work in https://support.communigate.com/tickets/kb_cat.php?s=828684a3a9a33d1d4a66b37c206f0054&id=25&t=qanda (I am also using the authLDAPnew.pl)

Does anyone know if OS X OD is setup to allow retrieval of the plain text password by default using the directory administrator account?

How should the configuration line " adminDN=>'uid=admin,cn=host'," of authLDAPnew.pl look like? Mine is like this:
adminDN=>'uid=diradmin,cn=ldap.mydomain.dom',

Begin forwarded message:

Has anyone applied these instructions to bind to an LDAP directory on OS X?

http://www.afp548.com/filemgmt/visit.php?lid=57

I've got everything else working except Pronto. I get an "incorrect password" from Pronto, if I try to authenticate from the LDAP directory. The instructions say: "In addition, if you wish to use the Pronto! Engine, you will need to disable the CRAM-MD5 Login Method. This will disable the SASL bind for Pronto!." But it seems to me disabling the CRAM-MD5 login method doesn't cure the problem.

Can anyone offer any insights?


On 12.1.2009, at 23:13, Kirnauskis Postmaster wrote:

Pronto doesn't work (webmail does, and always has). Are you sure you have your CGP password disabled? This the log I get from the Pronto login attempt:

17:36:11.816 4 EXTAUTH out(120): 8 SASL(CRAM-MD5) (XIMSS) me@mydomain.com 37999a0438deef8a2b413427dse0e55967 "<17.1231774571@mydomain.com>" [83.145.215.158]\n
17:36:11.817 4 EXTAUTH inp(038): * trying to connect to ldap.mydomain.com
17:36:11.819 4 EXTAUTH inp(048): 8 ERROR Can't bind as admin: Invalid credentials
17:36:11.819 1 EXTAUTH me@mydomain.com(XIMSS) SASL password is incorrect


--
Kirnauskis Postmaster
postmaster@kirnauskis.com


#############################################################
This message is sent to you because you are subscribed to
the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
Send administrative queries to  <CGatePro-request@mail.stalker.com>


--
Kirnauskis Postmaster
postmaster@kirnauskis.com

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster