View Issue Details

IDProjectCategoryView StatusLast Update
0002471SOGoBackend Generalpublic2016-05-06 15:36
Reporterparavis Assigned Toludovic  
PriorityhighSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
PlatformDebian LinuxOSUbuntu Server LTSOS Version12.04.3
Product Version2.0.7 
Fixed in Version2.3.11 
Summary0002471: SOGoRootPage and changePassword, LDAP auth with passwordPolicy, and pwdReset = TRUE
Description

Backend--
OpenLDAP 2.4.28
ppolicy with pwdReset (for new user accounts, no other policies enabled)

All password change functions within SOGo preferences works fine. All LDAP password change functions outside of SOGo work fine. All other LDAP services working great for multiple other services on multiple other servers.

Steps To Reproduce

Fresh install of Ubuntu 12.04.3. No extra packages other than LAMP and SSH installed on server. Run apt-get update, apt-get upgrade, and apt-get dist-upgrade. Reboot. Follow installation instructions on www.sogo.nu for Ubuntu 12.04. Reboot.

Default SOGo configuration with only the following LDAP auth config changes (aside from the basic SQL/LDAP configuration parameters):
passwordPolicy = YES;

Update user's LDAP attribute pwdReset = TRUE. Try to log in and follow password change instructions.

Additional Information

At login screen, user is presented with "Change Your Password" screen after successfully authenticating against LDAP. Mis-typing new and confirm password results in proper error message. Properly typing new and confirm password results in "Unhandled HTTP error code: 502".

With passwordPolicy = NO; in sogo.conf, user is able to log in -- though cannot change password from Preferences menu.

User is able to change password in Preferences -> Password with passwordPolicy = YES; in sogo.conf and pwdReset = FALSE in LDAP.

Upon clicking "OK" in "Change your Password" screen, no communications with LDAP server are seen. Simply an error in the Apache and SOGo logs.

SOGo:
Oct 25 20:58:55 sogod [1871]: <0x0x7f599b70c170[SOGoCache]> Cache cleanup interval set every 300.000000 seconds
Oct 25 20:58:55 sogod [1871]: <0x0x7f599b70c170[SOGoCache]> Using host(s) 'localhost' as server(s)
2013-10-25 20:58:55.145 sogod[1871] Note(SoObject): SoDebugKeyLookup is enabled!
2013-10-25 20:58:55.146 sogod[1871] Note(SoObject): SoDebugBaseURL is enabled!
2013-10-25 20:58:55.146 sogod[1871] Note(SoObject): relative base URLs are enabled.
2013-10-25 20:58:55.153 sogod[1871] ERROR(-[NGBundleManager bundleWithPath:]): could not create bundle for path: '/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.22/Resources/SSL.bundle'
2013-10-25 20:58:55.159 sogod[1871] WOxElemBuilder: could not locate builders: WOxExtElemBuilder,WOxExtElemBuilder
2013-10-25 20:58:55.160 sogod[1871] WOCompoundElement: pool embedding is on.
2013-10-25 20:58:55.160 sogod[1871] WOCompoundElement: id logging is on.
2013-10-25 20:58:55.176 sogod[1871] WARNING(-[NSNull(misc) count]): called NSNull -count (returns 0) !!!
10.0.2.101 - - [25/Oct/2013:20:58:55 GMT] "GET /SOGo/ HTTP/1.1" 200 3870/0 0.049 11821 67% 3M
Oct 25 20:59:00 sogod [1871]: <0x0x7f599bd40ad0[NGLdapConnection]> bind - ldap_result call result: 97
Oct 25 20:59:00 sogod [1871]: <0x0x7f599bd40ad0[NGLdapConnection]> bind - policy values: -1 -1 2 - bound: 1
Oct 25 20:59:00 sogod [1871]: SOGoRootPage Login from '10.0.2.101' for user 'lpeterson' might not have worked - password policy: 2 grace: -1 expire: -1 bound: 1
10.0.2.101 - - [25/Oct/2013:20:59:00 GMT] "POST /SOGo/connect HTTP/1.1" 403 30/51 0.021 - - 396K
Oct 25 20:59:10 sogod [1848]: <0x0x7f599b926320[WOWatchDogChild]> child 1871 exited
Oct 25 20:59:10 sogod [1848]: <0x0x7f599b926320[WOWatchDogChild]> (terminated due to signal 11, coredump)
Oct 25 20:59:10 sogod [1848]: <0x0x7f599b74cbb0[WOWatchDog]> child spawned with pid 1875

Apache:
[Fri Oct 25 13:58:33 2013] [error] [client 10.0.2.101] (20014)Internal error: proxy: error reading status line from remote server 127.0.0.1:20000, referer: https://10.0.1.68/SOGo/
[Fri Oct 25 13:58:33 2013] [error] [client 10.0.2.101] proxy: Error reading from remote server returned by /SOGo/so/changePassword, referer: https://10.0.1.68/SOGo/
[Fri Oct 25 13:59:10 2013] [error] [client 10.0.2.101] (20014)Internal error: proxy: error reading status line from remote server 127.0.0.1:20000, referer: https://10.0.1.68/SOGo/
[Fri Oct 25 13:59:10 2013] [error] [client 10.0.2.101] proxy: Error reading from remote server returned by /SOGo/so/changePassword, referer: https://10.0.1.68/SOGo/

Tags502, ldap, passwordPolicy, pwdReset

Activities

ludovic

ludovic

2016-05-06 15:36

administrator   ~0010066

Fixed last week, will be in 2.3.11 and later, in SOGo v3.1.1.

Issue History

Date Modified Username Field Change
2013-10-25 17:06 paravis New Issue
2013-10-25 17:11 paravis Tag Attached: ldap
2013-10-25 17:11 paravis Tag Attached: 502
2013-10-25 17:11 paravis Tag Attached: passwordPolicy
2013-10-25 17:11 paravis Tag Attached: pwdReset
2016-05-06 15:36 ludovic Note Added: 0010066
2016-05-06 15:36 ludovic Status new => resolved
2016-05-06 15:36 ludovic Fixed in Version => 2.3.11
2016-05-06 15:36 ludovic Resolution open => fixed
2016-05-06 15:36 ludovic Assigned To => ludovic