View Issue Details

IDProjectCategoryView StatusLast Update
0001832SOGoBackend Generalpublic2012-06-18 17:26
Reporterrelu_parfene Assigned Toludovic  
Status closedResolutionfixed 
Product Version1.3.16 
Target Version1.3.17Fixed in Version1.3.17 
Summary0001832: Broken password change in LDAP resulting no login to SOGo

I updated to version 1.3.16 and everything went perfectly, except change
the password (I have users in LDAP). After changing the password from
the web interface I can not read emails, contacts and do not see any
events in calendars. After getting out of the web interface I can not
log in with new password nor with the old one. Apparently the password
is changed to something not related to password inserted by me.

TagsNo tags attached.




2012-06-09 07:45

reporter   ~0004034

Whats the userPasswordAlgorithm you are using?



2012-06-09 09:52

reporter   ~0004035

I updated again to version 1.3.16 and I did the tests again, this time more carefully. In my 1.3.15a configuration userPasswordAlgorithm was not configured, so passwords were stored in clear text. After upgrading to 1.3.16 LDAP passwords was saved in the form {none}clear_text_password. This has screwed up my authentication for Dovecot, which is authenticated on the same LDAP. Thus, the web interface started with a long timeout caused by mail module. However , I noticed that the contacts and calendars were functional. After I configured userPasswordAlgorithm to ssha or crypt I noticed that I could successfully change the password. I still have problems with some encryption algorithms and Dovecot but that's another story. So my new conclusion is that is not a bug, but a feature. Sorry for the confusion that I created.



2012-06-09 11:46

reporter   ~0004036

If you want to store the passwords in clear text just use "plain" as userPasswordAlgorithm.
As a side note, if the passwords are stored as {scheme}pass (as it is with 1.3.16), dovecot should be able to authenticate the users (as long as the scheme is known)

Hans de Groot

Hans de Groot

2012-06-11 08:28

reporter   ~0004039

Hi. I am trying the crypt-md5 and it's not working.
I copied my crypted password from /etc/shadow and looks something like this:


When using


I can login and do every thing until I change the passsword. than it becomes a short crypt password.

This sort of feels like readonly crypt-md5 support.

Now version 1.3.16 is supposed to have real crypt-md5 support, but when I change my config to


Cannot login.

I tried with prependEncryptionScheme YES and NO

I of course use mysql authentication, not ldap.

Am I doing something wrong here? Or is it a bug?



2012-06-11 08:30

reporter   ~0004040

Try md5-crypt. This is a documentation mistake.

Hans de Groot

Hans de Groot

2012-06-11 09:29

reporter   ~0004041

Last edited: 2012-06-11 09:30

Thanks. That did the trick. now it is working :-) (login and password change)



2012-06-11 12:51

administrator   ~0004042

Re-opening the issue since it's a documentation mistake.



2012-06-18 17:26

administrator   ~0004070


Issue History

Date Modified Username Field Change
2012-06-09 06:05 relu_parfene New Issue
2012-06-09 07:45 the_nic Note Added: 0004034
2012-06-09 09:52 relu_parfene Note Added: 0004035
2012-06-09 11:46 the_nic Note Added: 0004036
2012-06-11 08:28 Hans de Groot Note Added: 0004039
2012-06-11 08:30 the_nic Note Added: 0004040
2012-06-11 09:29 Hans de Groot Note Added: 0004041
2012-06-11 09:30 Hans de Groot Note Edited: 0004041
2012-06-11 11:04 Christian Mack Status new => closed
2012-06-11 11:04 Christian Mack Resolution open => no change required
2012-06-11 12:51 ludovic Target Version => 1.3.17
2012-06-11 12:51 ludovic Note Added: 0004042
2012-06-11 12:52 ludovic Status closed => acknowledged
2012-06-18 17:26 ludovic Note Added: 0004070
2012-06-18 17:26 ludovic Status acknowledged => resolved
2012-06-18 17:26 ludovic Fixed in Version => 1.3.17
2012-06-18 17:26 ludovic Resolution no change required => fixed
2012-06-18 17:26 ludovic Assigned To => ludovic
2012-06-18 17:26 ludovic Status resolved => closed