Christian Renardy | 19 Dec 11:07 2014
Picon

Session write problem

Hello everyone,
I just installed lam on my debian machine (running deb7, PHP 5.4.4 and Apache 2.2.22, apacheds).
Trying to configure server settings, passwords etc. is not working with the following errors (php notice and warning),
sess and tmp folder a www-data owned and got 700 rights, I do see sess****** files in there eventually.

[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP Notice:  A session had already been started - ignoring session_start() in /usr/share/ldap-account-manager/templates/config/mainlogin.php on line 42, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP Stack trace:, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP   1. {main}() /usr/share/ldap-account-manager/templates/config/mainmanage.php:0, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP   2. require() /usr/share/ldap-account-manager/templates/config/mainmanage.php:54, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP   3. session_start() /usr/share/ldap-account-manager/templates/config/mainlogin.php:42, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP Warning:  Unknown: open(../../sess/sess_te8anxxxxxxxxxx, O_RDWR) failed: No such file or directory (2) in Unknown on line 0, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP Stack trace:, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP   1. {main}() /usr/share/ldap-account-manager/templates/config/mainmanage.php:0, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/usr/share/ldap-account-manager/templates/config/../../sess) in Unknown on line 0, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP Stack trace:, referer: http://example.de/lam/templates/config/mainlogin.php
[Fri Dec 19 10:56:32 2014] [error] [client xxx] PHP   1. {main}() /usr/share/ldap-account-manager/templates/config/mainmanage.php:0, referer: http://example.de/lam/templates/config/mainlogin.php

Got some idea? Looks like some kind of locking error and no check whether the session is already set.

Happy holidays,
Chris
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Guillaume Pierre | 8 Dec 10:09 2014
Picon

Lam does not recognize legitim Nginx user

Hi

I’m new to lam, and I think it’s a great idea. I’m using a virtual machin (from Osx Virtual Box binary) running Ubuntu 14.04.1 LTS 
But I have some concerns (actually there are 3 main issues, but I’ll do 3 different requests). 

Here is the main problem I encounter :

I use Nginx ax a web server. It is using the user « nginx » to launch kid processes. Here is some infos about that : 

sudo lsof -nP -i | grep LISTEN
nginx     2997      root    6u  IPv4 134392      0t0  TCP *:80 (LISTEN)
nginx     2997      root    7u  IPv4 134393      0t0  TCP *:8080 (LISTEN)
nginx     2997      root    8u  IPv4 134394      0t0  TCP *:12345 (LISTEN)
nginx     2997      root    9u  IPv4 134395      0t0  TCP *:34567 (LISTEN)
nginx     2998     nginx    6u  IPv4 134392      0t0  TCP *:80 (LISTEN)
nginx     2998     nginx    7u  IPv4 134393      0t0  TCP *:8080 (LISTEN)
nginx     2998     nginx    8u  IPv4 134394      0t0  TCP *:12345 (LISTEN)
nginx     2998     nginx    9u  IPv4 134395      0t0  TCP *:34567 (LISTEN)

In the other hand, Lam is running but ONLY when everything is CHMOD 777 … which is not what I’m looking as you can expect.

First issue : if I omit to put 777 on var/sess/ and var/tmp/ , I just CANT access anything. Here is a screenshot :



Second issue : if I do chmod 777 both files (var/sess/ and var/tmp/ ) I get an access, but many errors : 


Actually, there is A LOT of « Upgrade Failed » 
But, I have to say that I can connect to the BerkeleyDB trough LDAP.
(I’have not been able yet to set any data… Lam give me strange alerts, and always complain about missing element. But, as I’m a very newby with LDAP, I dont know at this time if me or Lam is the fault. I’ll see later.)

Anyway, if I chmod 777 the whole Lam directory, every error suddenly disappear...

Does anyone have an idea on how I can tell Lam that the nginx user, who own Lam files, IS actually the legitim web server user?

Thank you.

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Abel Guzman | 5 Dec 08:13 2014
Picon

About integration with smbldap-tools

Good day,
I am be very interested in using LAM for the end user to manage their 
own accounts.
I have used smbldap-tools a few times for my networking servers.
So right now I am trying to use LAM to create the users instead of the 
console commands that smbldap-tools provides, but I am failing.
Is there any previous experience on that regard?
I have both of them installed and if I use LAM to create the users, but 
they can not use the network services.
Regards
Abel

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
Michael Stevens | 1 Dec 19:08 2014

Not getting uidNumber automatically assigned when creating new users

Using the “New user” button from the “Users” tab … I’m just getting started with lam, this
wasn’t previously working and broke. My UNIX users module settings are 

Fixed range
min 10000
max 30000

Our existing hid assignments are reasonable, my next available uid is within the range specified above.
Everything else appears to be configured correctly looking at the tree view and the Users and Groups
module tabs.
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
Detlev Habicht | 1 Dec 12:14 2014
Picon
Picon

Feature Request

Hello,

when i am creating UNIX accounts i want to see the used UIDs.

It is possible to implement something to see used UIDs???
(While i am working in the UNIX area.)

Greetings

Detlev

--
  Detlev  | Institut fuer Mikroelektronische Systeme
  Habicht | D-30167 Hannover +49 511 76219662 habicht-z4aLgj2Nwzb1qYPpFx2fzhvVK+yQ3ZXh@public.gmane.org
  --------+-------- Handy    +49 172 5415752  ---------------------------



------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
mourik jan heupink | 1 Dec 10:46 2014
Picon

msSFU30MaxUidNumber using lam

Hi,

A small question: How does lam determine the next available uidNumber?

Using ADUC, the last used number is stored in msSFU30MaxUidNumber
(http://msdn.microsoft.com/en-us/library/cc220531.aspx), to be found here:
CN=<lowercase workgroup
name>,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=example,DC=com

This works nicely, and the users we create using ADUC all get a unique, 
new uidNumber. Contrary: Users that we create in LAM get a duplicate
(already used) uidNumber. So we have to manually edit those.

Our question: Would it be possible for lam to take into account the last 
used uidNumber (from msSFU30MaxUidNumber) and use
(msSFU30MaxUidNumber+1) when creating a new user?

Kind regards,
Mourik Jan

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
Roland Gruber | 29 Nov 16:54 2014
Picon

Re: CAS authentication

Hi Stéphane,

unfortunately, CAS support is not that easy because of licensing
problems. phpCAS is licensed under Apache license which is not
compatible with LAM's GPL. There also seems to be no other PHP library
that is available as e.g. (L)GPL.

Do you have any experience with mod_auth_cas in Apache? Maybe this could
be used.

Best regards

Roland

On 01.08.2014 11:04, Stéphane wrote:
> Hi Roland,
> 
> Sorry for my "timeout" ! The holidays have started for me... :-)
>> If you did any special configuration on CAS side this would be interesting.
> Nope, I think our CAS server respects the guidelines ; we even published
> it under a CeCILL licence 3 or 4 years ago !
> It has certainly a little bit evolved but the developper is still quite
> an integrist :-P
> 
>> CAS will also be available in the free version.
> That sounds really Great :)
> 
>> I can give you a 50% discount coupon for your non-profit organization.
>> Please provide me your web address if this is an option for you.
> Thanks !
> 
> I'll talk about it with with boss when he'll come back from holidays. If
> we buy a license in September, will we able to upgrade to 4.8 when it'll
> be released ? I've also developped specific classes for my needs
> (groupOfNames and a specific iNetOrgPerson), I'll be especially
> interested to compare your groupdOfNames version and mine, yours is
> certainly more successful :)
> 
> If it is not yet done, have great holidays !
> I'll come back to you in the beginning of september ;-)
> 
> Best regards
> --
> Stéphane
> 
> Le 23/07/2014 17:52, Roland Gruber a écrit :
>> Hi Stéphane,
>>
>> On 23.07.2014 10:43, Stéphane wrote:
>>> Originally, I'd like to use LDAP Account Manager in my compagnie to
>>> manage one Open LDAP directory. Since it was impossible to think about
>>> it without the CAS login function (global administrator requirement),
>>> I've implemented this function and share all this. I'm glad to see it'll
>>> be soon available :) If you want, I may give you all the code I've done
>>> ? I've done some improvments, maybe It will help you to save you some
>>> time ? 
>> the PHP code is ok. I will implement a more generic approach to allow
>> future extensions. So I just needed the basic ideas.
>>
>> If you did any special configuration on CAS side this would be interesting.
>>
>>
>>> Lastly a little question... will this feature only available in the Pro
>>> version ?
>> CAS will also be available in the free version.
>>
>>
>>> except the CAS login function, the only other function I need
>>> to deploy LAM is to hide/readonly/no new entry/forbid delete on Active
>>> account types (conftypes.php).
>> This is a feature that is only available in LAM Pro.
>>
>>
>>> My compangie is not a huge trust, we're
>>> just a tiny non-profit group that provides (everytime it's possible)
>>> opensource tools to healthcare users in public hospitals ... we do not
>>> have huge funds, and most of time we can only give a little bit of our
>>> time... Since those two functions are only available in Pro version, do
>>> you think it may be possible to have an official licence ? 
>> I can give you a 50% discount coupon for your non-profit organization.
>> Please provide me your web address if this is an option for you.
>>
>>
> 
> 

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
jc | 25 Nov 07:30 2014

help

help

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
jc | 25 Nov 07:30 2014

hepl

???

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Florian Stuelpner | 13 Nov 11:05 2014

Wrong password message

Hello Team,

I've configured a Samba 4.1.13 (on a Debian 8 Beta 2 Jessie VM) and the
LDAP-Account-Manager(version: 4.7.1). After that I created a new
profile. I used this settings:

Server settings
Server address:ldap://localhost:389 
<https://hiperscan.tecart.de/public/link.php?ldap://localhost:389>
Active TLS: no
Tree suffix: dc=example,dc=net
LDAP search limit: -

Security settings
Login method: Fixed list
List of valid users: cn=Administrator,dc=example,dc=net

Account types:
Users: LDAP-suffix: ou=Users,dc=example,dc=net List attributes:
#cn;#Name;#sn;#DisplayName
Groups: LDAP-suffix: ou=Groups,dc=example,dc=net List attributes:
#cn;#description,#member
Hosts: LDAP-suffix: ou=Computers,dc=example,dc=net List attributes:
#cn;#description

Modules
Users: Windows (windowsUser)(*)
Groups: Windows (windowsGroup)(*)
Hosts: Windows (windowsHosts)(*)

My /etc/ldap/ldap.conf entries:
BASE dc=example,dc=net
URIldap://vdebian8.example.net 
<https://hiperscan.tecart.de/public/link.php?ldap://vdebian8.example.net>
TLS_REQCERT never

My problem is that I can't login as "Administrator". If I try it, I get
this message: Wrong password/user name combination. Please try again.

I've created a log file for warnings and received this entries :
2014-11-12 14:25:59: LDAP Account Manager (efgsdnkkq7hg54lmltlrpe1b30 -
192.168.15.2) - ERROR: User cn=Administrator,dc=example,dc=net
(192.168.15.2) failed to log in (wrong password).

but I use the right pw.

What can be a reason for this problem?

Best regards
Florian Stülpner

------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
Lam-public mailing list
Lam-public <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public
Guruprasad Kulkarni | 7 Nov 22:28 2014

ubuntu 12.04 lam pro objectclass pwdPolicy is not supported by your ldap server

Hi,

I am using ubuntu 12.04LTS with openldap.

I am trying out lam pro and when I run the schema test, I get the following error for password policy:

objectclass pwdPolicy is not supported by your ldap server

I checked online to see if I can enable ppolicy module. 

Some mentioned adding the following line to /etc/ldap.conf
include /etc/ldap/schema/ppolicy.schema

or

moduleload ppolicy.la


While I do not see any errors in syslog saying policy cannot be loaded or found, lam pro says ppolicy is not supported.

If you know of a way to make ppolicy work, please do let me know


-Guruprasad
------------------------------------------------------------------------------
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public

Gmane