After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 521010 - GAL breaks with NTLM patch and openldap
GAL breaks with NTLM patch and openldap
Status: RESOLVED DUPLICATE of bug 500389
Product: Evolution Exchange
Classification: Deprecated
Component: Connector
2.22.x
Other All
: Normal major
: ---
Assigned To: Connector Maintainer
Ximian Connector QA
Depends on:
Blocks:
 
 
Reported: 2008-03-07 16:02 UTC by David Ronis
Modified: 2008-03-08 22:26 UTC
See Also:
GNOME target: ---
GNOME version: 2.21/2.22


Description David Ronis 2008-03-07 16:02:09 UTC 
Please describe the problem:
I've been having problems connecting evolution to our exchange GAL server.  Our IT folks tell me that it requires a secure connection (unlike the connection to the exchange mail files).  Evolution's setup dialog for this account gives me two options, "plaintext" and "secure".  I've tried both.  

In either case, the mail account works, but the GAL breaks (i.e., I never get a response to my lookups).  

By accident I think I've discovered what might be the problem.  I'm building under garnome, and use a local version of openldap, to which I apply the NTLM patch.  A few days ago, I forgot to apply the patch and voila--the GAL lookups started to work.  Reappling the patch and rebuilding (evo & friends too) break it again.

I've monitored the connection attempts with wireshark and can see the NTLM bind failing.  So here's my, guess.  My GAL needs a secure connection; however, it doesn't seem to support NTLM (at least in the evo flavor).  Thus the bind fails, 
and falling back to plaintext fails (again for the gal but not mail).  Presumably, openldap supports other secure bind methods, but evo isn't trying them.

For now, I'm not applying the NTLM patch.


Steps to reproduce:
1. Go to addressbook->Exchange->GAL
2.  enter in a search and push enter
3. 


Actual results:


Expected results:


Does this happen every time?
yes

Other information:
Comment 1 Milan Crha 2008-03-07 18:45:05 UTC 
From my point of view, we should be able to fallback to "simple bind" even when compiled with NTLM patched LDAP, whether on option or by default is a question. But the option seems like the right way.

As David mentioned on the IRC, also an option for password type special for GAL (or for LDAP in general) would be nice too.

What do you think, srag?
Comment 2 Matthew Barnes 2008-03-08 22:26:18 UTC 
Closing this as a dupe and moving the discussion over to bug #500389. I posted a patch there that makes Evolution fall back to a simple bind if an NTLM bind fails. It's suitable for a stable release, but we should really allow the user to choose different authentication methods for an Exchange server versus a Global Catalog server.

*** This bug has been marked as a duplicate of 500389 ***