General discussion on installation and configuration of SOGo

Text archives Help


Re: [SOGo] Adding users via Windows Admin Tools doesn't work


Chronological Thread 
  • From: Rowland Penny < >
  • To:
  • Subject: Re: [SOGo] Adding users via Windows Admin Tools doesn't work
  • Date: Tue, 11 Aug 2015 16:08:11 +0100

On 10/08/15 20:38, Gerald Brandt wrote:
Hi Rowland,

I changed dovecots ldap file to the following:

# cat /etc/dovecot/dovecot-ldap.conf.ext

hosts = 127.0.0.1:389
dn = cn=administrator,cn=Users,dc=erlphase,dc=com
dnpass = xxxx
base = cn=Users,dc=erlphase,dc=com
auth_bind = yes
pass_filter = (samaccountname=%n)
user_filter = (samaccountname=%n)
user_attrs = cn=home=/var/spool/dovecot/%$

And I can now log in via IMAP and Web nicely.  However, sending email locally has issues.  If I send to , I see the following in the logs:

Aug 10 14:33:01 pdc postfix/cleanup[2138]: 4422DE10FF: message-id=<654-55c8fc80-3-57a4d200@35647971>
Aug 10 14:33:01 pdc postfix/qmgr[1236]: 4422DE10FF: from=< >, size=502, nrcpt=2 (queue active)
Aug 10 14:33:01 pdc postfix/smtpd[2036]: disconnect from localhost[127.0.0.1]
Aug 10 14:33:01 pdc dovecot: lmtp(2145): Connect from 127.0.0.1
Aug 10 14:33:01 pdc dovecot: auth: ldap( ,127.0.0.1): unknown user
Aug 10 14:33:01 pdc dovecot: lmtp(2146): Connect from 127.0.0.1
Aug 10 14:33:01 pdc dovecot: auth: ldap( ,127.0.0.1): unknown user
Aug 10 14:33:01 pdc postfix/lmtp[2143]: 4422DE10FF: to=< >, orig_to=< >, relay=127.0.0.1[127.0.0.1]:24, delay=0.13, delays=0.09/0.02/0.01/0.01, dsn=5.1.1, status=bounced (host 127.0.0.1[127.0.0.1] said: 550 5.1.1 < > User doesn't exist: (in reply to RCPT TO command))



It takes the user 'gbr' and tries to send to firstname (Gerald) and lastname (Brandt) as separate users.

Gerald


On 2015-07-25 03:12 AM, Rowland Penny wrote:
On 24/07/15 23:03, Gerald Brandt wrote:


On 2015-07-24 03:44 PM, Rowland Penny wrote:
On 24/07/15 19:13, Gerald Brandt wrote:

On 2015-07-24 10:57 AM, Rowland Penny wrote:
On 24/07/15 16:17, Gerald Brandt wrote:
Hi,

I added two users to my SAMBA/SOGo/Openchange server via the Windows tools from Windows 7.  I then went to the Linux server and ran opechnage_newuser -- create user.

When the user connects via Outlook (2003), they can send and receive emails, calendar, etc.

When the user connects via IMAP, they can't login.  Dovecot can't find the user in LDAP.

When the user connects voa the SOGo web interface, login takes awhile, and the user is presented with no email folders.


I added a user with samba-tool user add and the openchange_newuser --create, and all three (Outlook, IMAP, and web) work perfectly.

Should I file a bug report with Openchnage on this?  With SOGo?

Thanks,
Gerald


Hi, can you post you dovecot ldap conf file (suitably sanitized of course) also what version of samba4 you are using.

Rowland


Hi,

I'm using everything from the inverse repo.  Dovecot authorizes fine when I use samba-tool to add a user.  Samba version is 4.1.18. 

I use a script to build my Samba/SOGo/Openchange install.  You can see my script at http://majentis.com/?p=344 . It has every config file I use.

Here's my dovecot.conf

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

postmaster_address=

# AUTH
disable_plaintext_auth = yes
auth_master_user_separator = *
auth_mechanisms = plain login

# master users
#passdb {
#  driver = passwd-file
#  master = yes
#  args = /etc/dovecot/master-users

  # Unless you're using PAM, you probably still want the destination user to
  # be looked up from passdb that it really exists. pass=yes does that.
  #pass = yes
#}

# ldap users
passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

userdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

# trust on 127.0.0.1
passdb {
 driver = static
 args = nopassword=y allow_nets=127.0.0.1/32
}


# LOGGING
auth_verbose = yes
mail_debug = no
plugin {
  # Events to log. Also available: flag_change append
  #mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  # Available fields: uid, box, msgid, from, subject, size, vsize, flags
  # size and vsize are available only for expunge and copy events.
  #mail_log_fields = uid box msgid size
}

# MAIL and NAMESPACES
mail_location = maildir:~/maildir
mail_uid = vmail
mail_gid = vmail
mail_plugins = acl quota

namespace {
  type = private
  separator = /
  prefix =
  inbox = yes

  mailbox INBOX {
    auto = create
  }
}
namespace {
  type = shared
  separator = /
  prefix = shared/%%u/
  location = maildir:%%h/maildir:INDEX=~/maildir/shared/%%u
  subscriptions = no
  list = children
}


# MASTER
service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    ssl = yes
  }
  # this is suboptimal since imap and imaps will also accept nopass
  inet_listener imap-nopass {
    port = 144
  }

}
service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}
service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }
  # Create inet listener only if you can't use the above UNIX socket
  inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    address = 127.0.0.1
    port = 24
  }
}
service imap {
  executable = imap postlogin
}
service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}
service postlogin {
  executable = script-login -d rawlog
  unix_listener postlogin {
  }
}

# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
ssl = yes
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem

# LDA
quota_full_tempfail = yes
protocol lda {
  # Space separated list of plugins to load (default is global mail_plugins).
  #mail_plugins = $mail_plugins
}

# PROTOCOLS
protocol imap {
  mail_plugins = $mail_plugins autocreate imap_acl imap_quota
}
protocol lmtp {
  mail_plugins = $mail_plugins sieve
}

service managesieve-login {
  inet_listener sieve {
    port = 4190
    address = 127.0.0.1
  }
}
service managesieve {
}
protocol sieve {
}

plugin {
  acl = vfile
  acl_shared_dict = file:/var/spool/dovecot/shared-mailboxes.db

  quota_rule = *:storage=2G
  quota_rule2 = Trash:storage=+100M
  quota = dict:::file:%h/dovecot-quota

  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve

  autocreate = Trash
  autosubscribe = Trash
  autocreate2 = Drafts
  autosubscribe2 = Drafts
  autocreate3 = Sent
}

and here's my dovecot ldap conf:

hosts = 127.0.0.1:389
dn = cn=administrator,cn=Users,dc=xxx,dc=com
dnpass = xxxx
base = cn=Users,dc=xxx,dc=com
auth_bind = yes
pass_filter = (cn=%n)
user_filter = (cn=%n)
user_attrs = cn=home=/var/spool/dovecot/%$
 


Gerald

Hmm, there doesn't seem to be anything really strange there, I 'might' have an idea, but to confirm it, can you post the exact samba-tool command you are using to create users.

Rowland


Hi,

samba-tool user add test
openchange_newuser --create test

The above commands give me a user that has great access via Outlook, IMAP, and web.

Gerald

OK, this is what I 'think' is happening, when you create a user on windows, you enter the users first name, last name etc, with samba-tool you are just supplying the username. So if you were creating a user called 'Test User' on windows, you would end up with the cn of 'Test User' whilst creating the same user with samba-tool, you would end up with the cn of 'Test'. This is probably your problem, you are using 'cn' in your dovecot ldap conf, so it is looking for a 'cn' that may not exist in the format you think, try changing 'cn' to 'samaccountname'

Rowland


Hi, are trying to do local and virtual mail deliver ?
I am a bit out of touch with postfix/dovecot, but this may point you in the right direction:

http://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP

It might help if could post your postfix main.cf

Rowland




Archive powered by MHonArc 2.6.18.

Top of page