Topic: LDAP user password change failing using SOGo GUI
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: CentOS Linux release 7.9.2009 (Core)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Since SOGo upgrade from v4 to v5 on November 24th, 2021, password changes conducted by SOGo GUI allegedly work, but they do not take effect on the OpenLDAP DB. The error message in sogo.log is:
DateAndTime sogod [25326]: <0x0x55fb34e2a960[NGLdapConnection]> change password - ldap_find_control call failed
DateAndTime sogod [25326]: <0x0x55fb3472f7a0[LDAPSource]> <NSException: 0x55fb34f5fee0> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{"error_code" = 49; login = "mail=john.doe@mycompany.com,ou=users,domainname=mycompany.com,o=domains,dc=mycompany,dc=com"; }
DateAndTime sogod [25326]: 192.168.1.27 "POST /SOGo/so/changePassword HTTP/1.0" 204 0/78 0.152 - - 392K - 20In LDAP's log openldap.log I cannot identify any error message:
DateAndTime miniupdirm slapd[25316]: conn=1007 fd=14 ACCEPT from IP=127.0.0.1:37330 (IP=0.0.0.0:389)
DateAndTime miniupdirm slapd[25316]: conn=1007 op=0 BIND dn="cn=vmail,dc=mycompany,dc=com" method=128
DateAndTime miniupdirm slapd[25316]: conn=1007 op=0 BIND dn="cn=vmail,dc=mycompany,dc=com" mech=SIMPLE ssf=0
DateAndTime miniupdirm slapd[25316]: conn=1007 op=0 RESULT tag=97 err=0 text=
DateAndTime miniupdirm slapd[25316]: conn=1007 op=1 SRCH base="o=domains,dc=mycompany,dc=com" scope=2 deref=0 filter="(&(mail=john.doe@mycompany.com)(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))"
DateAndTime miniupdirm slapd[25316]: conn=1007 op=1 SRCH attr=dn
DateAndTime miniupdirm slapd[25316]: conn=1007 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
DateAndTime miniupdirm slapd[25316]: conn=1008 fd=15 ACCEPT from IP=127.0.0.1:37332 (IP=0.0.0.0:389)
DateAndTime miniupdirm slapd[25316]: conn=1008 op=0 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
DateAndTime miniupdirm slapd[25316]: conn=1008 op=0 SRCH attr=supportedCapabilities
DateAndTime miniupdirm slapd[25316]: conn=1008 op=0 SEARCH RESULT tag=101 err=0 nentries=0 text=
DateAndTime miniupdirm slapd[25316]: conn=1008 op=1 BIND dn="cn=vmail,dc=mycompany,dc=com" method=128
DateAndTime miniupdirm slapd[25316]: conn=1008 op=1 BIND dn="cn=vmail,dc=mycompany,dc=com" mech=SIMPLE ssf=0
DateAndTime miniupdirm slapd[25316]: conn=1008 op=1 RESULT tag=97 err=0 text=
DateAndTime miniupdirm slapd[25316]: conn=1008 op=2 EXT oid=1.3.6.1.4.1.4203.1.11.1
DateAndTime miniupdirm slapd[25316]: conn=1008 op=2 PASSMOD id="mail=john.doe@mycompany.com,ou=users,domainname=mycompany.com,o=domains,dc=mycompany,dc=com" old new
DateAndTime miniupdirm slapd[25316]: conn=1008 op=2 RESULT oid= err=50 text=
DateAndTime miniupdirm slapd[25316]: conn=1008 op=3 BIND anonymous mech=implicit ssf=0
DateAndTime miniupdirm slapd[25316]: conn=1008 op=3 BIND dn="mail=john.doe@mycompany.com,ou=users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com" method=128
DateAndTime miniupdirm slapd[25316]: conn=1008 op=3 RESULT tag=97 err=49 text=
DateAndTime miniupdirm slapd[25316]: conn=1008 op=4 UNBIND
DateAndTime miniupdirm slapd[25316]: conn=1008 fd=15 closed
DateAndTime miniupdirm slapd[25316]: conn=1007 op=2 UNBIND
DateAndTime miniupdirm slapd[25316]: conn=1007 fd=14 closedAny suggestion how to track it down further?
Thank you very much!
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.