1

Topic: [SOLVED] Permission Issues after upgrde to 1.5.0

hi,

I have upgraded to 1.5.0 (pro version - LDAP), for day-to-day operations i have a admin account , which manages creation and deletion of emails etc, including passwd resets etc. They are not global admins. Since the upgrade they cannot add or modify anything that falls under their jurisdiction. When they try to create a new email address for a domain which they are admins for they get Permission denied displayed on the webpage of the control panel.

OS: FreeBSD 8.1 64bit


Errors:

1. openldap.log

root@servername.com:/usr/ports/net/openldap24-server/work/openldap-2.4.23/servers/slapd

Dont see any other errors in apache/maillog etc
Attachment shows the error on the control panel page.

Post's attachments

error.bmp 234.52 kb, 4 downloads since 2011-05-03 

You don't have the permssions to download the attachments of this post.

2

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

How did you create new email address? I mean, by clicking which links.

3

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

ZhangHuangbin wrote:

How did you create new email address? I mean, by clicking which links.


Clicking on the users (say 10 users in that domain, so click on that) , then click on user or Add Account and select user , the page will come up saying create user for domain.com.

The same worked well for other versions.

4

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

I have same problem Error: PERMISSION_DENIED
When a domain admin try to create a user account

5

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

I can't reproduce this issue with our demo site (http://demo.iredmail.org/).

Do you both use the official release which i released on May 03?

6

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

ZhangHuangbin wrote:

you both use the official release which i released on May 03?

yes, i just download it and installed yesterday.

7

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

yes, i upgraded today.
Seems like the new or existing domain admin is not allowed : ADD, DELETE or MODIFY the domain it is admin of.

I tried with a new user admin , same thing. I cant run much debug as this is production server.

8

Re: [SOLVED] Permission Issues after upgrde to 1.5.0

Fixed.

- Save below code as file "create_user_permission.patch":

diff -r 60eb05427561 libs/ldaplib/user.py
--- libs/ldaplib/user.py    Wed May 04 15:42:20 2011 +0800
+++ libs/ldaplib/user.py    Wed May 04 16:54:20 2011 +0800
@@ -114,7 +114,7 @@
 
         # Get @domainAccountSetting.
         domainLib = domainlib.Domain()
-        result_domain_profile = domainLib.profile(self.domain)
+        result_domain_profile = domainLib.profile(domain=self.domain)
 
         # Initial parameters.
         domainAccountSetting = {}

- Upload to your server which has iRedAdmin-Pro-LDAP-1.5.0 running. We assume it's /tmp/create_user_permission.patch.
- Change current working directory to root directory of iRedAdmin-Pro-LDAP-1.5.0. e.g.

# cd /var/www/iRedAdmin-Pro-LDAP-1.5.0/

- Verify patch, make sure it can be applied without error:

# patch -p0 --dry-run < /tmp/create_user_permission.patch
patching file libs/ldaplib/user.py

If you got same output message as above, it's safe to apply it with below command. If not, please ***STOP*** here and do ***NOT*** try below command.

- Patch it:

# patch -p0 < /tmp/create_user_permission.patch
patching file libs/ldaplib/user.py

That's all.

Thanks very much for your feedback.