Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Workspace » Open Diretory Works ! (Kerio Workspace beta 7)
  •  
Yohann94

Messages: 49

Karma: 1
Send a private message to this user
Thanks to the Kerio Team to bring Open Directory into this beta 7 ! I'm testing it and it works as great as with Kerio connect !
  •  
andrewrob

Messages: 70
Karma: 3
Send a private message to this user
Hi. What settings did you use, I am struggling to make it work.

I have:

hostname: full hostname with domain
ssl off
username: uid:username,cn=users,dc=hostname,dc=domainname,dc=com

searchbase: dc=domainname,dc=com


It passes the test but I cant find any users.
  •  
PeterBarlow

Messages: 24
Karma: 0
Send a private message to this user
I'm struggling too.
We have other systems happily reading users and groups from our Apple OD server.
But I can't even get the test to pass. Message says credentials fail.
Can someone post example data for the syntax that works for them?
  •  
Yohann94

Messages: 49

Karma: 1
Send a private message to this user
Here are my settings :
domain name : mydomain.com
hostname : myserver.mydomain.com
username : uid=diradmin,cn=users,dc=mydomain,dc=com
search suffix : dc=mydomain,dc=com

My Open Directory is on another computer which run Mac OS X Server 10.5.8.
  •  
PeterBarlow

Messages: 24
Karma: 0
Send a private message to this user
Thanks for your help Yohann94.
Reassuring to see that my settings are right, but frustrating that it still doesn't work for me.
I know the credentials I'm using are correct as I use them successfully elsewhere.
My differences are our OD is MOSX 10.6, and my KWS is in a sub-domain of the domain of the OD server.
Perhaps I should try to rule out these variances.
Anyone else with other thoughts on this?
  •  
andrewrob

Messages: 70
Karma: 3
Send a private message to this user
I have this working now with the following username

username: uid:username,cn=hostname,cn=users,dc=hostname,dc=domainname, dc=com

where hostname above is just the first part of the hostname.
  •  
Jarda Snajdr (Kerio)

Messages: 221
Karma: 12
Send a private message to this user
Hello everyone,

most likely, the user DN you entered is incorrect.

If you named your server myserver.mydomain.com, then the user DN should be:

uid=diradmin,cn=users,dc=myserver,dc=mydomain,dc=com

If even this doesn't work, open the Mac OS X Workgroup Manager and find out what the diradmin user's full DN is.

Jarda


  •  
stk_jj

Messages: 47
Karma: 0
Send a private message to this user
I just entered the hostname, DirAdmins shortname + PW and the complete DN was autofilled Smile.
  •  
greg_m

Messages: 65
Karma: 0
Send a private message to this user
I'm getting error code 49 invalid credentials too. I entered the shortname and password which I know to be working. Does the KWS server have to be bound to the OD Master?
  •  
PeterBarlow

Messages: 24
Karma: 0
Send a private message to this user
Sorry everyone, I meant to post this feedback days ago ...

My issue with the 49 error was resolved by tweaking the definition of the OD access account.
Thanks to andrewrob's post above for the detail that made the difference.
Because my OD host and my KWS server are not in the same DNS domain, when I added the dc=hostname item to the front of the dc pairs list the error on using the Test button was resolved.
I then had to add the same dc=hostname to the front of the LDAP search suffix config to make the actual lookup of Users work.
I'd recommend that by default this should be considered standard practice, especially as the interface auto-completes these data lines and leaves this detail out.

However ... What is really weird, is that when I went back in to the Admin screen for this, to check my info before entering this post, it had reverted to how it was before I fixed it. ???

Does KWS forcibly try to control this config data and reset it on reboots or something?

[Updated on: Wed, 08 December 2010 00:22]

  •  
PeterBarlow

Messages: 24
Karma: 0
Send a private message to this user
Warning!

Conclusively tested my wondering in my previous post above ...
Quote:
Does KWS forcibly try to control this config data and reset it on reboots or something?


The custom config for OD we have used to make this work in a non-standard DNS/domain deployment is over-written back to the auto-entered defaults on server reboot!!!

I have lodged a bug ticket with Kerio. I hope this can be addressed with the next beta.

[Updated on: Wed, 08 December 2010 01:47]

  •  
Tomas Laubr (Kerio)

Messages: 34
Karma: 2
Send a private message to this user
It's a bug. However custom config is not over-written. It just shows default LDAP search suffix when you visit Directory Service settings for the first time.
  •  
samvenning

Messages: 41
Karma: 0
Send a private message to this user
I think I've discovered problem using Kerio Workspace connected to Open Directory. With this configuration "Send Link" doesn't work. When I look at the user's attributes in Kerio Workspace I see the following:

Username: saven
Full Name: Sam Venning
Description:
Email Address: saven
Password: ••••••••
Confirm Password: •••••••

What is notable here is that there isn't a properly formed email address with <_at_>domain.com appended to the username. Why isn't this information coming from Open Directory?

The Kerio Workspace log records this:


org.apache.commons.mail.EmailException: Missing final '@domain'
at org.apache.commons.mail.Email.createInternetAddress(Email.ja va:605)
at org.apache.commons.mail.Email.setFrom(Email.java:668)
at com.kerio.workspace.Email.<init>(Email.java:39)
at com.kerio.workspace.MailService.createEmailPlain(MailService .java:63)
at com.kerio.workspace.EmailHandler.sendEmailMethod(EmailHandle r.java:22)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce ssorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe thodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.kerio.workspace.APIServlet.callMethod(APIServlet.java:11 8)
at com.kerio.workspace.APIServlet.doPost(APIServlet.java:42)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFi lter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(App licationFilterChain.java:206)
at com.kerio.workspace.HibernateSessionFilter.doFilter(Hibernat eSessionFilter.java:29)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFi lter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(App licationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(Standar dWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(Standar dContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHo stValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo rtValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(Standard EngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd apter.java:298)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11Ap rProcessor.java:859)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionH andler.process(Http11AprProtocol.java:579)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoin t.java:1555)
at java.lang.Thread.run(Thread.java:680)
Caused by: javax.mail.internet.AddressException: Missing final '@domain' in string ``saven''
at javax.mail.internet.InternetAddress.checkAddress(InternetAdd ress.java:1178)
at javax.mail.internet.InternetAddress.validate(InternetAddress .java:1071)
at org.apache.commons.mail.Email.createInternetAddress(Email.ja va:601)
... 27 more
  •  
Jarda Snajdr (Kerio)

Messages: 221
Karma: 12
Send a private message to this user
Hello Sam,

we're reading the email addresses from the directory service. The 'saven' value should be an email fetched from Open Directory. Are you sure the email address is entered correctly on your directory server?

Jarda

Previous Topic: Welcome email to new user
Next Topic: Instalace Kerio Workspace 1.0 beta 7
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 23 08:40:20 CET 2017

Total time taken to generate the page: 0.00501 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.