General discussion on installation and configuration of SOGo


Re: [SOGo] Adding users via Windows Admin Tools doesn't work

  • From: Rowland Penny < >
  • To:
  • Subject: Re: [SOGo] Adding users via Windows Admin Tools doesn't work
  • Date: Tue, 11 Aug 2015 16:08:11 +0100

On 10/08/15 20:38, Gerald Brandt wrote:
Hi Rowland,

I changed dovecot's ldap file to the following:

# cat /etc/dovecot/dovecot-ldap.conf.ext

hosts =
dn = cn=administrator,cn=Users,dc=erlphase,dc=com
dnpass = xxxx
base = cn=Users,dc=erlphase,dc=com
auth_bind = yes
pass_filter = (samaccountname=%n)
user_filter = (samaccountname=%n)
user_attrs = cn=home=/var/spool/dovecot/%$

And I can now log in via IMAP and Web nicely.  However, sending email locally has issues.  If I send to , I see the following in the logs:

Aug 10 14:33:01 pdc postfix/cleanup[2138]: 4422DE10FF: message-id=<654-55c8fc80-3-57a4d200@35647971>
Aug 10 14:33:01 pdc postfix/qmgr[1236]: 4422DE10FF: from=< >, size=502, nrcpt=2 (queue active)
Aug 10 14:33:01 pdc postfix/smtpd[2036]: disconnect from localhost[]
Aug 10 14:33:01 pdc dovecot: lmtp(2145): Connect from
Aug 10 14:33:01 pdc dovecot: auth: ldap( , unknown user
Aug 10 14:33:01 pdc dovecot: lmtp(2146): Connect from
Aug 10 14:33:01 pdc dovecot: auth: ldap( , unknown user
Aug 10 14:33:01 pdc postfix/lmtp[2143]: 4422DE10FF: to=< >, orig_to=< >, relay=[]:24, delay=0.13, delays=0.09/0.02/0.01/0.01, dsn=5.1.1, status=bounced (host[] said: 550 5.1.1 < > User doesn't exist: (in reply to RCPT TO command))

It takes the user 'gbr' and tries to send to firstname (Gerald) and lastname (Brandt) as separate users.


On 2015-07-25 03:12 AM, Rowland Penny wrote:
On 24/07/15 23:03, Gerald Brandt wrote:

On 2015-07-24 03:44 PM, Rowland Penny wrote:
On 24/07/15 19:13, Gerald Brandt wrote:

On 2015-07-24 10:57 AM, Rowland Penny wrote:
On 24/07/15 16:17, Gerald Brandt wrote:

I added two users to my SAMBA/SOGo/Openchange server via the Windows tools from Windows 7.  I then went to the Linux server and ran openchange_newuser --create user.

When the user connects via Outlook (2003), they can send and receive emails, calendar, etc.

When the user connects via IMAP, they can't login.  Dovecot can't find the user in LDAP.

When the user connects via the SOGo web interface, login takes a while, and the user is presented with no email folders.

I added a user with samba-tool user add and the openchange_newuser --create, and all three (Outlook, IMAP, and web) work perfectly.

Should I file a bug report with Openchange on this?  With SOGo?


Hi, can you post your dovecot ldap conf file (suitably sanitized of course) and also what version of samba4 you are using?



I'm using everything from the inverse repo.  Dovecot authorizes fine when I use samba-tool to add a user.  Samba version is 4.1.18. 

I use a script to build my Samba/SOGo/Openchange install.  You can see my script at . It has every config file I use.

Here's my dovecot.conf

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol


disable_plaintext_auth = yes
auth_master_user_separator = *
auth_mechanisms = plain login

# master users
#passdb {
#  driver = passwd-file
#  master = yes
#  args = /etc/dovecot/master-users

  # Unless you're using PAM, you probably still want the destination user to
  # be looked up from passdb that it really exists. pass=yes does that.
  #pass = yes
#}

# ldap users
passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

userdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

# trust on
passdb {
  driver = static
  args = nopassword=y allow_nets=
}

auth_verbose = yes
mail_debug = no
plugin {
  # Events to log. Also available: flag_change append
  #mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  # Available fields: uid, box, msgid, from, subject, size, vsize, flags
  # size and vsize are available only for expunge and copy events.
  #mail_log_fields = uid box msgid size
}

mail_location = maildir:~/maildir
mail_uid = vmail
mail_gid = vmail
mail_plugins = acl quota

namespace {
  type = private
  separator = /
  prefix =
  inbox = yes

  mailbox INBOX {
    auto = create
  }
}
namespace {
  type = shared
  separator = /
  prefix = shared/%%u/
  location = maildir:%%h/maildir:INDEX=~/maildir/shared/%%u
  subscriptions = no
  list = children
}

service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    ssl = yes
  }
  # this is suboptimal since imap and imaps will also accept nopass
  inet_listener imap-nopass {
    port = 144
  }
}

service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}
service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }
  # Create inet listener only if you can't use the above UNIX socket
  inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    address =
    port = 24
  }
}
service imap {
  executable = imap postlogin
}
service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}
service postlogin {
  executable = script-login -d rawlog
  unix_listener postlogin {
  }
}

# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
ssl = yes
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem

quota_full_tempfail = yes
protocol lda {
  # Space separated list of plugins to load (default is global mail_plugins).
  #mail_plugins = $mail_plugins
}

protocol imap {
  mail_plugins = $mail_plugins autocreate imap_acl imap_quota
}
protocol lmtp {
  mail_plugins = $mail_plugins sieve
}

service managesieve-login {
  inet_listener sieve {
    port = 4190
    address =
  }
}
service managesieve {
}
protocol sieve {
}

plugin {
  acl = vfile
  acl_shared_dict = file:/var/spool/dovecot/shared-mailboxes.db

  quota_rule = *:storage=2G
  quota_rule2 = Trash:storage=+100M
  quota = dict:::file:%h/dovecot-quota

  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve

  autocreate = Trash
  autosubscribe = Trash
  autocreate2 = Drafts
  autosubscribe2 = Drafts
  autocreate3 = Sent
}

and here's my dovecot ldap conf:

hosts =
dn = cn=administrator,cn=Users,dc=xxx,dc=com
dnpass = xxxx
base = cn=Users,dc=xxx,dc=com
auth_bind = yes
pass_filter = (cn=%n)
user_filter = (cn=%n)
user_attrs = cn=home=/var/spool/dovecot/%$


Hmm, there doesn't seem to be anything really strange there, I 'might' have an idea, but to confirm it, can you post the exact samba-tool command you are using to create users.



samba-tool user add test
openchange_newuser --create test

The above commands give me a user that has great access via Outlook, IMAP, and web.


OK, this is what I 'think' is happening: when you create a user on windows, you enter the user's first name, last name etc, with samba-tool you are just supplying the username. So if you were creating a user called 'Test User' on windows, you would end up with the cn of 'Test User' whilst creating the same user with samba-tool, you would end up with the cn of 'Test'. This is probably your problem, you are using 'cn' in your dovecot ldap conf, so it is looking for a 'cn' that may not exist in the format you think, try changing 'cn' to 'samaccountname'.


Hi, are you trying to do local and virtual mail delivery?
I am a bit out of touch with postfix/dovecot, but this may point you in the right direction:

It might help if you could post your postfix
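
The cn versus sAMAccountName mismatch discussed in this thread, as an added example that is not part of the original messages or of Dovecot's code: a small Python model that expands the %n variable in pass_filter/user_filter and evaluates the resulting equality filter against two directory entries. The entries, the example.com domain and all function names are constructed for illustration, and the RFC 4515 escaping is this example's own handling of the login name.

```python
import re

# Constructed sample entries (not taken from the thread's directory).
ENTRIES = [
    # Typical result of: samba-tool user add test
    {"dn": "CN=test,CN=Users,DC=example,DC=com",
     "cn": "test", "sAMAccountName": "test"},
    # Typical result of creating "Gerald Brandt" (logon name gbr) in the Windows tools
    {"dn": "CN=Gerald Brandt,CN=Users,DC=example,DC=com",
     "cn": "Gerald Brandt", "sAMAccountName": "gbr"},
]

def escape_value(value):
    """Escape RFC 4515 special characters so a login name stays a literal value."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def unescape_value(value):
    """Reverse escape_value: turn backslash-hex pairs back into characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def expand(template, login):
    """Expand Dovecot's %u (full login), %n (user part) and %d (domain part)."""
    user, _, domain = login.partition("@")
    values = {"u": login, "n": user, "d": domain}
    return re.sub(r"%([und])", lambda m: escape_value(values[m.group(1)]), template)

def search(filter_text, entries=ENTRIES):
    """Return the DNs matching one equality filter '(attr=value)', ignoring case."""
    m = re.fullmatch(r"\((\w+)=(.*)\)", filter_text)
    if not m:
        raise ValueError("only a single equality filter is supported here")
    attr, wanted = m.group(1).lower(), unescape_value(m.group(2)).lower()
    return [e["dn"] for e in entries
            if any(k.lower() == attr and v.lower() == wanted
                   for k, v in e.items() if k != "dn")]

def lookup(filter_template, login):
    """Expand the filter for this login and run it against the sample entries."""
    return search(expand(filter_template, login))

if __name__ == "__main__":
    for flt in ("(cn=%n)", "(samaccountname=%n)"):
        for login in ("test", "gbr@example.com"):
            print(flt, login, "->", lookup(flt, login) or "unknown user")
```

With (cn=%n) only the samba-tool account resolves; with (samaccountname=%n) both do, which matches the behaviour reported for IMAP logins above.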

