control: severity -1 serious control: notfound -1 1.813 Hi, Wolfgang, thanks for filing this bug! It was useful already, from reading the mails to quickly I thought this bug affected our jessie version..! (and not the stable wheezy release as it's now clear.) Leaving lots of context for the gosa maintainers...: On Samstag, 8. November 2014, Wolfgang Schweer wrote: > > After upgrading a Debian Edu Wheezy main server to the 7.7 point release > > and to d-e-config 1.718 the GOsa² gui fails to connect to LDAP (as > > reported by Giorgio Pioda on the debian-edu mailing list). > > > > The point release included ssl and php5 related changes which might > > cause the issue. > After investigating further it seems to be that the mechanism using > encrypted passwords in gosa.conf is failing now. > > (As far as I know the random cleartext password generated during setup > is encrypted using gosa-encrypt-passwords and a file gosa.secrets is > generated to let apache2 cope with the encrypted passwords.) > > This seems to work getting an upgraded Wheezy main-server working again > (no need to generate a new gosa.conf): > > (1) cat /dev/null > /etc/gosa/gosa.secrets > (2) take the random cleartext password from gosa.conf.orig and put it > instead of the encrypted long one into gosa.conf (actually twice: > adminPassword and snapshotAdminPassword) > (3) restart apache2 > > From a security point of view it's probably more than dubious... > Maybe gosa-encrypt-passwords has to be adjusted. Comments? cheers, Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.