[CalendarServer-users] LDAP configuration problem under debian wheezy
Andre LaBranche
dre at apple.com
Mon Dec 1 10:31:11 PST 2014
Hi,
I’m not positive, but i think your config is malformed. For example, you don’t close the rdnSchema dict.
Have a look at the OpenLDAP section of:
http://trac.calendarserver.org/browser/CalendarServer/trunk/conf/caldavd-test.plist <http://trac.calendarserver.org/browser/CalendarServer/trunk/conf/caldavd-test.plist>
Try re-building your config using the above as a template.
-dre
> On Nov 30, 2014, at 11:32 PM, zero one <list-01 at outlook.de> wrote:
>
> am trying to bind calendarserver to LDAP. The relevant config part is below. Problem: calendarserver does not respond any more (when trying to use a browser, I will get a timeout).
>
> When trying:
>
> su caldavd -p -c "calendarserver_manage_principals --list-principals users“
>
> i will get:
>
> Traceback (most recent call last):
> File "/usr/bin/calendarserver_manage_principals", line 32, in <module>
> main()
> File "/usr/lib/python2.7/dist-packages/calendarserver/tools/principals.py", line 250, in main
> config.directory = getDirectory()
> File "/usr/lib/python2.7/dist-packages/calendarserver/tools/util.py", line 143, in getDirectory
> directory = BaseDirectoryService(config.DirectoryService.params)
> File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/ldapdirectory.py", line 231, in __init__
> attrSet.add(attr)
> TypeError: unhashable type: 'list'
>
> I double-checked the ldap credentials (the password given below is just a placeholder).
>
> Does anybody have an idea how I can debug this? Thanks for your help!
>
>
>
> === caldav.plist ===
>
> <!-- OpenLDAP Directory Service -->
> <key>DirectoryService</key>
> <dict>
> <key>type</key>
> <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
>
> <key>params</key>
> <dict>
> <key>recordTypes</key>
> <array>
> <string>users</string>
> <string>groups</string>
> </array>
> <key>cacheTimeout</key>
> <integer>10</integer>
> <key>uri</key>
> <string>ldap://127.0.0.1:389/</string> <!-- your ldap server url -->
> <key>tls</key>
> <false/>
> <key>tlsCACertFile</key>
> <string></string>
> <key>tlsCACertDir</key>
> <string></string>
> <key>tlsRequireCert</key>
> <string>never</string>
> <key>credentials</key>
> <dict>
> <key>dn</key>
> <string>cn=admin,dc=company,dc=com</string> <!-- dn to auth as -->
> <key>password</key>
> <string>12345</string> <!-- password to auth with -->
> </dict>
> <key>rdnSchema</key>
> <dict>
> <key>base</key>
> <string>dc=company,dc=com</string> <!-- your base dn -->
> <key>guidAttr</key>
> <string>uid</string> <!-- LDAP attribute used for GUIDs -->
> <key>users</key>
> <dict>
> <key>rdn</key>
> <string>ou=people</string> <!-- dn for users (relative to base dn) -->
> <key>mapping</key>
> <dict>
> <key>recordName</key>
> <string>uid</string>
> <key>fullName</key>
> <string>cn</string>
> <key>emailAddresses</key>
> <array>
> <string>mail</string>
> </array>
> <key>firstName</key>
> <string>sn</string>
> <key>lastName</key>
> <string>givenName</string>
> </dict>
> </dict>
> <key>groups</key>
> <dict>
> <key>rdn</key>
> <string>ou=groups</string> <!-- dn for groups (relative to base dn) -->
> <key>mapping</key>
> <dict>
> <key>recordName</key>
> <string>cn</string>
> <key>fullName</key>
> <string>cn</string>
> <key>emailAddresses</key>
> <array>
> <string>mail</string>
> </array>
> <key>firstName</key>
> <string></string>
> <key>lastName</key>
> <string></string>
> </dict>
> </dict>
> </dict>
> <key>groupSchema</key>
> <dict>
> <key>membersAttr</key>
> <string>uniqueMember</string> <!-- LDAP attribute which indicates members of a group -->
> <key>nestedGroupsAttr</key>
> <string></string>
> <key>memberIdAttr</key>
> <string></string>
> </dict>
> <key>resourceSchema</key>
> <dict>
> <key>resourceInfoAttr</key>
> <string></string>
> <key>autoScheduleAttr</key>
> <string></string>
> <key>autoScheduleEnabledValue</key>
> <string></string>
> <key>proxyAttr</key>
> <string></string>
> <key>readOnlyProxyAttr</key>
> <string></string>
> </dict>
> </dict>
> </dict>
> _______________________________________________
> calendarserver-users mailing list
> calendarserver-users at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/calendarserver-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-users/attachments/20141201/ea74e3cd/attachment-0001.html>
More information about the calendarserver-users
mailing list