[CalendarServer-users] LDAP configuration problem under debian wheezy

Andre LaBranche dre at apple.com
Mon Dec 1 10:31:11 PST 2014 

Hi,

I’m not positive, but i think your config is malformed. For example, you don’t close the rdnSchema dict.

Have a look at the OpenLDAP section of:

http://trac.calendarserver.org/browser/CalendarServer/trunk/conf/caldavd-test.plist <http://trac.calendarserver.org/browser/CalendarServer/trunk/conf/caldavd-test.plist>

Try re-building your config using the above as a template.

-dre


> On Nov 30, 2014, at 11:32 PM, zero one <list-01 at outlook.de> wrote:
> 
>  am trying to bind calendarserver to LDAP.  The relevant config part is below. Problem: calendarserver does not respond any more (when trying to use a browser, I will get a timeout).
> 
> When trying:
> 
> su caldavd -p -c "calendarserver_manage_principals --list-principals users“
> 
> i will get:
> 
> Traceback (most recent call last):
>   File "/usr/bin/calendarserver_manage_principals", line 32, in <module>
>     main()
>   File "/usr/lib/python2.7/dist-packages/calendarserver/tools/principals.py", line 250, in main
>     config.directory = getDirectory()
>   File "/usr/lib/python2.7/dist-packages/calendarserver/tools/util.py", line 143, in getDirectory
>     directory = BaseDirectoryService(config.DirectoryService.params)
>   File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/ldapdirectory.py", line 231, in __init__
>     attrSet.add(attr)
> TypeError: unhashable type: 'list'
> 
> I double-checked the ldap credentials (the password given below is just a placeholder). 
> 
> Does anybody have an idea how I can debug this? Thanks for your help!
> 
> 
> 
> === caldav.plist ===
> 
> <!--  OpenLDAP Directory Service -->
>     <key>DirectoryService</key>
>     <dict>
>       <key>type</key>
>       <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
> 
>       <key>params</key>
>       <dict>
>         <key>recordTypes</key>
>         <array>
>            <string>users</string>
>            <string>groups</string>
>         </array>
>         <key>cacheTimeout</key>
>         <integer>10</integer>
>         <key>uri</key>
>         <string>ldap://127.0.0.1:389/</string> <!-- your ldap server url -->
>         <key>tls</key>
>         <false/>
>         <key>tlsCACertFile</key>
>         <string></string>
>         <key>tlsCACertDir</key>
>         <string></string>
>         <key>tlsRequireCert</key>
>         <string>never</string>
>         <key>credentials</key>
>         <dict>
>           <key>dn</key>
>           <string>cn=admin,dc=company,dc=com</string> <!-- dn to auth as -->
>           <key>password</key>
>           <string>12345</string> <!-- password to auth with -->
>         </dict>
>         <key>rdnSchema</key>
>         <dict>
>           <key>base</key>
>           <string>dc=company,dc=com</string> <!-- your base dn -->
>           <key>guidAttr</key>
>           <string>uid</string> <!-- LDAP attribute used for GUIDs -->
>           <key>users</key>
>           <dict>
>             <key>rdn</key>
>             <string>ou=people</string> <!-- dn for users (relative to base dn) -->
>             <key>mapping</key>
>             <dict>
>                 <key>recordName</key>
>                 <string>uid</string>
>                 <key>fullName</key>
>                 <string>cn</string>
>                 <key>emailAddresses</key>
>                 <array>
>                     <string>mail</string>
>                 </array>
>                 <key>firstName</key>
>                 <string>sn</string>
>                 <key>lastName</key>
>                 <string>givenName</string>
>             </dict>
>           </dict>
>           <key>groups</key>
>           <dict>
>             <key>rdn</key>
>             <string>ou=groups</string> <!-- dn for groups (relative to base dn) -->
>             <key>mapping</key>
>             <dict>
>                 <key>recordName</key>
>                 <string>cn</string>
>                 <key>fullName</key>
>                 <string>cn</string>
>                 <key>emailAddresses</key>
>                 <array>
>                     <string>mail</string>
>                 </array>
>                 <key>firstName</key>
>                 <string></string>
>                 <key>lastName</key>
>                 <string></string>
>             </dict>
>           </dict>
>         </dict>
>         <key>groupSchema</key>
>         <dict>
>           <key>membersAttr</key>
>           <string>uniqueMember</string> <!-- LDAP attribute which indicates members of a group -->
>           <key>nestedGroupsAttr</key>
>           <string></string>
>           <key>memberIdAttr</key>
>           <string></string>
>         </dict>
>         <key>resourceSchema</key>
>         <dict>
>          <key>resourceInfoAttr</key>
>          <string></string>
>          <key>autoScheduleAttr</key>
>          <string></string>
>          <key>autoScheduleEnabledValue</key>
>          <string></string>
>          <key>proxyAttr</key>
>          <string></string>
>          <key>readOnlyProxyAttr</key>
>          <string></string>
>         </dict>
>       </dict>
>     </dict>   		 	   		  
> _______________________________________________
> calendarserver-users mailing list
> calendarserver-users at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/calendarserver-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-users/attachments/20141201/ea74e3cd/attachment-0001.html>

More information about the calendarserver-users mailing list