1 Topic by mc (edited by mc 2016-01-25 17:31:50)

  • mc
  • Member
  • Offline
  • Registered: 2016-01-25
  • Posts: 9

Topic: LDAP login with password in tips failure

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.3
- Linux/BSD distribution name and version: CentOS 6.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro?No
- Related log if you're reporting an issue:
====
Install a new iredmail today with LDAP/SOGo ,
login iredmailadmin , create a user and login with the new id in SOGo is OK
and I wanna try add a mail alias for the account with phpldapadmin
But login to phpldapadmin always failure

Unable to connect to LDAP server Local LDAP Server
錯誤: Inappropriate authentication (48) for anon
error    Failed to Authenticate to server
Invalid Username or Password.

the LDAP Section in tips like this
OpenLDAP:
    * LDAP suffix: dc=abc,dc=org
    * LDAP root dn: cn=Manager,dc=abc,dc=org, password: HHHyOry98t33V9Wv66T8u9LfGHcD2Z
    * LDAP bind dn (read-only): cn=vmail,dc=abc,dc=org, password: Mw4Eucnu9KC9ComrUh4KZwApRTuzDX
    * LDAP admin dn (read-write): cn=vmailadmin,dc=abc,dc=org, password: FoiQReKGgGeZeRRXfFhkWZNQJkk7fC
    * LDAP base dn: o=domains,dc=abc,dc=org
    * LDAP admin base dn: o=domainAdmins,dc=abc,dc=org

login phpldapadmin with cn=Manager,dc=abc,dc=org  password HHHyOry98t33V9Wv66T8u9LfGHcD2Z

What is the password to login ??
and is there anyway to change the password to plaintext ?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: LDAP login with password in tips failure

mc wrote:

login phpldapadmin with cn=Manager,dc=abc,dc=org  password HHHyOry98t33V9Wv66T8u9LfGHcD2Z
What is the password to login ??
and is there anyway to change the password to plaintext ?

Password is "HHHyOry98t33V9Wv66T8u9LfGHcD2Z", and it's plain password.

3 Reply by mc

  • mc
  • Member
  • Offline
  • Registered: 2016-01-25
  • Posts: 9

Re: LDAP login with password in tips failure

ZhangHuangbin wrote:
mc wrote:

login phpldapadmin with cn=Manager,dc=abc,dc=org  password HHHyOry98t33V9Wv66T8u9LfGHcD2Z
What is the password to login ??
and is there anyway to change the password to plaintext ?

Password is "HHHyOry98t33V9Wv66T8u9LfGHcD2Z", and it's plain password.

but I cant ogin with that ...
Unable to connect to LDAP server Local LDAP Server
錯誤: Inappropriate authentication (48) for anon
error    Failed to Authenticate to server
Invalid Username or Password.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: LDAP login with password in tips failure

Please try 'ldapsearch' command on server to verify that ldap bind dn / password are correct. For example:

ldapsearch -x -D "cn=manager,dc=xxx,dx=xxx" -W -b "o=domains,dc=xxx,dc=xxx"

5 Reply by mc (edited by mc 2016-01-26 12:34:48)

  • mc
  • Member
  • Offline
  • Registered: 2016-01-25
  • Posts: 9

Re: LDAP login with password in tips failure

ldapsearch -x -b "cn=manager,dc=abc,dc=org"
ldap_bind: Inappropriate authentication (48)
        additional info: anonymous bind disallowed

ldapsearch -W -x -b -D "cn=manager,dc=abc,dc=org"
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
[root@iredmail iRedMail-0.9.3]#

ldapsearch -W -x -b "o=domains,dc=abc,dc=org" -D "cn=Manager,dc=abc,dc=org"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <o=domains,dc=abc,dc=org> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# domains, abc.org
dn: o=domains,dc=abc,dc=org
objectClass: organization
o: domains

with o=domains, dc=abc,dc=org  , the ldapsearch finally works !
so , which login id shout I use ? o=domains,dc=abc,dc=org ?

input the password from tips  HHHyOry98t33V9Wv66T8u9LfGHcD2Z

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: LDAP login with password in tips failure

You can use one of them:

* LDAP root dn: cn=Manager,dc=abc,dc=org, password: HHHyOry98t33V9Wv66T8u9LfGHcD2Z
    * LDAP bind dn (read-only): cn=vmail,dc=abc,dc=org, password: Mw4Eucnu9KC9ComrUh4KZwApRTuzDX
    * LDAP admin dn (read-write): cn=vmailadmin,dc=abc,dc=org, password: FoiQReKGgGeZeRRXfFhkWZNQJkk7fC

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: LDAP login with password in tips failure

You can use one of them:

* LDAP root dn: cn=Manager,dc=abc,dc=org, password: HHHyOry98t33V9Wv66T8u9LfGHcD2Z
    * LDAP bind dn (read-only): cn=vmail,dc=abc,dc=org, password: Mw4Eucnu9KC9ComrUh4KZwApRTuzDX
    * LDAP admin dn (read-write): cn=vmailadmin,dc=abc,dc=org, password: FoiQReKGgGeZeRRXfFhkWZNQJkk7fC

8 Reply by mc

  • mc
  • Member
  • Offline
  • Registered: 2016-01-25
  • Posts: 9

Re: LDAP login with password in tips failure

after some try and error , I eventually figure out what`s the problem
if use yum install phpldapadmin
the default setting in /etc/phpldapadmin/config.php line 399

$servers->setValue('login','attr','uid');

should be

$servers->setValue('login','attr','dn');

and everything works pretty fine now !
maybe you guys should consider add this to tips or some documents !