The mailing list for listmasters using Sympa

[Andreas Hubert <address@concealed>]

okay, I just found the Data Source Setup and now I am able to have all my nested groups created automatically as mailinglists!

Just LDAP over SSL would be a nice to have thing to have ...

Am 15.05.2015 um 15:02 schrieb Andreas Hubert <address@concealed>:

Hi Steve,

it explains why it does not work, but how it would work then? :)
Should I edit the config file directly, for example at
/var/lib/sympa/list_data/it-members/config

and put there a member_include followed my the ldap query?
like this:
member_include
include_ldap_query
   host server1:389,server2:389
   user cn=sympa,cn=Users,dc=int,dc=domain,dc=com
   passwd thePass
   timeout 20
   suffix dc=int,dc=domain,dc=com
   scope sub
   attrs mail
   select first
   filter (&(objectCategory=user) (memberOf=CN=ITGuysGroup,OU=IT-Services,OU=Departments,OU=Groups,DC=int,DC=domain,DC=com))

I also asked in another mail to the mailinglist, what I have to do, to make SSL work with these LDAP queries. It works for authentication bot not for these queries and it looks like there is an incosistency about the SSL options.

Thanks
Andreas

Am 13.05.2015 um 23:15 schrieb Steve Shipway <address@concealed>:

Under Sympa 6.1, the owner and editor includes are done via the .incl files, but the membership is done explicitly (IE not using a .incl but having the lines directly in the config file).  This is something I wish were consistent - we'd really like to be able to use .incl files with members.  So, there is no member-include directive corresponding to the owner-include etc.

Does this explain the issue?

Steve

Steve Shipway
University of Auckland ITS
UNIX Systems Design Lead
address@concealed
Ph: +64 9 373 7599 ext 86487

From: Andreas Hubert [address@concealed]
Sent: Wednesday, 13 May 2015 7:48 p.m.
To: Steve Shipway
Cc: address@concealed
Subject: Re: [sympa-users] question to member_include via ldap

Hi Steve,

maybe I wasn’t clear enough, but the LDAP search works absolutely fine. The problem is that in my list config, it just works with owner_include but not with member_include. I want the LDAP search results as subscribers, not as list owners, so I have no idea how and where to change that.

Thanks for help
Andreas

Am 13.05.2015 um 09:42 schrieb Steve Shipway <address@concealed>:

Sympa is not so helpful with feedback if an external datasource does not work
as intended.

Particularly with LDAP, if you have a slight error in your filter then you'll
end up with nothing imported... errors in the credentials and SSL definition
can also end up with either a generic synchronisation failure message, or just
nothing being loaded.

I once spent ages trying to work out what was wrong with my LDAP credentials,
and it turned out to be a single . in the filter that was misplaced.

Possibly, a log entry should be created if an external datasource sync results
in zero members or an error?

Steve

Steve Shipway
address@concealed

Andreas Hubert
IT-Services


censhare AG
Paul-Gerhardt-Allee 50
81245 München
Germany Fon +49 89 568236-302
Fax +49 89 568236-501
http://www.censhare.com
Vorstand: Walter Bauer, Robert Motzke, Dieter Reichert, Stephan Wehselau
Aufsichtsratsvorsitzender: Matthias Zimmermann
Handelsregister: Amtsgericht München HRB 140617
USt-ID: DE219222021

Andreas Hubert
IT-Services


censhare AG
Paul-Gerhardt-Allee 50
81245 München
Germany Fon +49 89 568236-302
Fax +49 89 568236-501
http://www.censhare.com
Vorstand: Walter Bauer, Robert Motzke, Dieter Reichert, Stephan Wehselau
Aufsichtsratsvorsitzender: Matthias Zimmermann
Handelsregister: Amtsgericht München HRB 140617
USt-ID: DE219222021

Andreas Hubert
IT-Services

censhare AG Paul-Gerhardt-Allee 50 81245 München Germany

Fon +49 89 568236-302 Fax +49 89 568236-501 http://www.censhare.com

Vorstand: Walter Bauer, Robert Motzke, Dieter Reichert, Stephan Wehselau Aufsichtsratsvorsitzender: Matthias Zimmermann Handelsregister: Amtsgericht München HRB 140617 USt-ID: DE219222021

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail