[SOGo] BTS activities for Thursday, March 28 2013
Title: BTS activities for Thursday, March 28 2013 BTS Activities Home page: http://www.sogo.nu/bugs Project: SOGo For the period covering: Thursday, March 28 2013 idlast updatestatus (resolution)categorysummary 2278 2013-03-28 09:42:37 new (open) Funambol SOGo Connector Events synchronized from Nokia E72 phone are synchronized, alarms not 2132 2013-03-28 11:11:24 updated (open) Web Preferences sieve script not activated 2277 2013-03-28 05:50:51 new (open) with external server Connector (17.0.3) won't resolve address if it is redirected 2190 2013-03-28 11:14:22 closed (fixed) OpenChange backend omitted characters when converting from RTF (OL2010)
[SOGo] Cannot get SOGo/OpenChange working with Cyrus-IMAP
Dear SOGo Group, I am having difficulty getting SOGo/OpenChange to work with Outlook 2010. SOGo itself works through its web interface, but email with Outlook does not. I have been messing around with it for days without success, so I thought I would ask for some help. Setup: Server is running CentOS 6.4 with Postfix 2.6 and Cyrus-IMAP 2.4. The email system was setup and tested before starting with SOGo. I also had Samba4 from the SOGo repo already installed and AD setup and tested. DNS: Here I will call the server domain example.local, so AD is setup with domain EXAMPLE, realm example.local. The server is also hosting a real world domain example.com, so there is a split DNS setup. The example.local is managed by Samba using BIND with DLZ plugin, and example.com has traditional BIND zone files. All setup and tested. The users are in Samba4 AD, but will have u...@example.com as their email address. Postfix is setup with example.com as a virtual mailbox domain and delivers mail to Cyrus-IMAP. I used Cyrus-IMAP because, being a sealed system makes it well suited to virtual domains. It authenticates users by SASL (saslauthd) configured for PAM. The /etc/pam.d/imap file uses pam_krb5 to authenticate email users by Kerberos against AD. All works. I installed SOGo following the guide with MySQL database backend. For LDAP authentication I used the template in the Outlook configuration guide. Side note: I read somewhere that the SOGo configuration is being changed to a proper “sogo.conf” file rather than using that awful “defaults” method, but maybe it was only for Debian. Can this be done for RHEL/CentOS? I got so sick of it I actually wrote a script to do the config. Is anyone aware that running ‘defaults –u sogo’ blows away the existing file?I learned that the hard way. When finished I started SOGo and could login from the web interface with my EXAMPLE\testuser AD account. Calendar, contacts and email (as testu...@example.com) all worked perfectly. I then followed the Outlook configuration guide to install and configure the SOGo/OpenChange packages. The only part I did not follow initially was under the IMAP trust section. It reads like a couple of lines thrown in there as an afterthought, and with no example to follow, so it did not make sense at the time. I will come back to this. All steps appeared to work OK. Adding testuser to OpenChange initially failed with “not found”. I discovered from the code that it only looks in CN=Users, but my users are under OU=People in order to apply group policy. When I moved testuser it worked OK and I could see the extended attributes. I assume that, after this step, users could be moved back to an OU without any issues? I left testuser in CN=Users for now. At the end the services start OK and I login as testuser from a VM client joined to the EXAMPLE domain. I create the Outlook profile and start Outlook. It appears to work – Outlook says it is connected to Exchange, but there is no mail folder creation and no email visible. However, the calendar and contact items are there. Eventually Outlook says it is disconnected, and Samba is rather unhappy and appears to have stopped working and must be restarted. If I run the “Test Email AutoConfiguration” utility it fails. The Apache logs show requests for “autodiscover” returning 401 or 502 errors. But I had setup DNS for autodiscover. In DNS Manager I tried both methods – using a SRV entry and adding a CNAME alias. I also added an alias to the example.com DNS just in case. In the maillog I see cyrus-imap errors for badlogin, SASL(-13), authentication failure. This, with the 401 error, suggests SOGo/OpenChange will not connect to Cyrus-IMAP. I revisited the IMAP trust section and attempted to use ‘sasl_pwcheck_method = alwaystrue’. However, I found that on EL this is not available because the option is not enabled at compile. So I downloaded the cyrus-sasl source RPM, rebuilt it with ‘--enable-alwaystrue’ and installed it. I could now use the ‘imtest’ utility to authenticate as testuser with any password. Seems OK. I setup ‘cyrus.conf’ with separate imap services, one bound to 127.0.0.1 and the other to the server IP, using different ‘imapd.conf’ files. The only difference being one has ‘sasl_pwcheck_method = saslauthd’ and the other ‘sasl_pwcheck_method = alwaystrue’. I tried again with Outlook, but this time it hangs at the splash screen. It will not open at all. There is no information in the logs to tell me what is happening. Only in the maillog shows testuser successfully logged in from 127.0.0.1, and then connection closed, but the messages appear together only when I cancel Outlook. I also realised that the guide talks about Cyrus-IMAP 2.4, but the packaged EL version is 2.3, so I found a stable 2.4 source RPM, built it and upgraded, but nothing changed. It works from SOGo web but not Outlook/OpenChange. I am really at a loss. I am considering swap
[SOGo] "\r" in Vcard after import from LDIF
Hi I think think is a bug, VCARD import appends a "\r" after email ! example: LDIF File: dn: mail=per...@domain.com objectclass: top objectclass: person objectclass: organizationalPerson objectclass: inetOrgPerson objectclass: mozillaAbPersonAlpha mail: per...@domain.com modifytimestamp: 0 Result in sogo Database: BEGIN:VCARD UID:5BE-5151E800-3F-2D712180 VERSION:3.0 CLASS:PUBLIC PROFILE:VCARD PRODID:-//Inverse inc./SOGo 2.0.4b//EN EMAIL;TYPE=work:per...@domain.com\r END:VCARD -- Gerhard -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Ubuntu 12.04 + igestis
Hi Tom, That's right, keep Samba4, then for the base tree, put example.local (not dc=User...). Then you will get Administrator@example.local automatically at next step, so keep it. Then you should able to login. I will try ASAP to update my tutorial to explain that, thank for your request. Best regards. Olivier. 2013/3/28 Mag.(FH) Thomas E. Janisch > Hello all! > > I'm installing Samba4+Sogo+Openchange according to the Documentation > http://iabsis.com/EN/article/35-7/iGestis-installation-optional. > > My problem is, that I have no idea how to configure igestis. When prompted > for the settings during installation I've entered : > Samba 4 > Set a root-PW > Used the default address for the directory uris: > ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi > Entered for the base tree: cn=Users,dc=example,dc=local > And get a default value for the admin-account: > Administrator@cn=Users,dc=example,dc=local > After entering the PW set for provisioning of samba, i always get an > NT_STATUS_LOGON_FAILURE > I have no idea, what to change, as the logs do not show anything referring > to this problem. > > Here are the settings I've used to provision: > samba-tool domain provision --domain=MYDOMAIN --adminpass=my-pass > --dns-backend=SAMBA_INTERNAL --server-role=dc --function-level=2008_R2 > --use-xattr=yes --use-rfc2307 --realm=example.local > > Any ideas or suggestions? > Regards, > Tom. > > > -- > users@sogo.nu > https://inverse.ca/sogo/lists > -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Ubuntu 12.04 + igestis
Hello all! I'm installing Samba4+Sogo+Openchange according to the Documentation http://iabsis.com/EN/article/35-7/iGestis-installation-optional. My problem is, that I have no idea how to configure igestis. When prompted for the settings during installation I've entered : Samba 4 Set a root-PW Used the default address for the directory uris: ldapi://%2Fvar%2Flib%2Fsamba%2Fprivate%2Fldapi Entered for the base tree: cn=Users,dc=example,dc=local And get a default value for the admin-account: Administrator@cn=Users,dc=example,dc=local After entering the PW set for provisioning of samba, i always get an NT_STATUS_LOGON_FAILURE I have no idea, what to change, as the logs do not show anything referring to this problem. Here are the settings I've used to provision: samba-tool domain provision --domain=MYDOMAIN --adminpass=my-pass --dns-backend=SAMBA_INTERNAL --server-role=dc --function-level=2008_R2 --use-xattr=yes --use-rfc2307 --realm=example.local Any ideas or suggestions? Regards, Tom. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] LDAP address book from active directory - show all fields -> SearchFieldNames
Hi, thank you for your answer, it is in documentation... My bad. But it is not working to me, please can you check my syntax? I added to usersource like this: { CNFieldName = cn; IDFieldName = cn; SearchFieldNames = ( sn, displayName, telephoneNumber, mobile, facsimileTelephoneNumber, homePhone, pager, ipPhone, wWWHomePage, title, streetAddress, st, postOfficeBox, postalCode, physicalDeliveryOfficeName, description, countryCode, co, department, company ); UIDFieldName = sAMAccountName; baseDN = "DC=OU-NEM,DC=CZ"; bindDN = "s...@ou-nem.cz"; bindFields = ( sAMAccountName ); bindPassword = deleted; canAuthenticate = NO; displayName = "Active Directory"; filter = " objectClass = user AND mail = * "; hostname = 192.168.89.244; id = directory; isAddressBook = YES; *mapping = (** **"o = company",** **"ou = department"** **);** *port = 389; scope = SUB; type = ldap; } but, it is not working. I have wrong syntax? Ldap does not find anything and waited too long for answer. in defaults write sogod SOGoUserSources '( { ... mapping = ("o = company", "ou = department"); } )' sogo.log: Mar 28 14:35:28 sogod [31669]: [ERROR] <0x0x7f118fe2e630[NGLdapAttribute]> cound not convert value of objectSid to string Mar 28 14:35:28 sogod [31669]: [ERROR] <0x0x7f118fd28de0[NGLdapAttribute]> cound not convert value of userCertificate to string Mar 28 14:35:28 sogod [31669]: [ERROR] <0x0x7f118fe2db70[NGLdapAttribute]> cound not convert value of objectGUID to string EXCEPTION: *NAME:NSInvalidArgumentException* REASON:GSMutableArray(instance) *does not recognize allKeys* INFO:(n$ Mar 28 14:35:28 sogod [31640]: <0x0x7f118fb87ab0[WOWatchDogChild]> child 31669 exited Mar 28 14:35:28 sogod [31640]: <0x0x7f118fb87ab0[WOWatchDogChild]> (terminated due to signal 6) Mar 28 14:35:28 sogod [31640]: <0x0x7f118fb87ab0[WOWatchDogChild]> avoiding to respawn child before 2013-03-28 14:35:33 +0100 S pozdravem Martin Krpata, DiS. Oddělení IT Orlickoústecká nemocnice, a.s. Dne 28.3.2013 13:29, Francis Lachapelle napsal(a): Hi Martin On 2013-03-28, at 2:36 AM, Martin Krpata wrote: i would like to use address book from Active Directory and it's look like that some fields have another name and cannot be showed in address book. Like for example wWWHomePage, department, company. These names of fields are in Active Directory 2003 LDAP. I tryed fill sogo contact and export to ldif. It has some another field names that come from LDAP Active Directory, for example: AD wWWHomePage / LDIF mozillahomeurl AD company / LDIF o AD department / LDIF ou You can add a mapping parameter to your users source: mapping = { o = company; ou = department; mozillahomeur = wWWHomePage; }; It is possible to enable field translation, or say to sogo get right fields? my config: { CNFieldName = cn; IDFieldName = cn; SearchFieldNames = ( sn, displayName, telephoneNumber, mobile, facsimileTelephoneNumber, homePhone, pager, ipPhone, wWWHomePage, title, streetAddress, st, postOfficeBox, postalCode, physicalDeliveryOfficeName, description, countryCode, co, department, company ); UIDFieldName = sAMAccountName; baseDN = "DC=OU-NEM,DC=CZ"; bindDN = "s...@ou-nem.cz"; bindFields = ( sAMAccountName ); bindPassword = deleted; canAuthenticate = NO; displayName = "Active Directory"; filter = " objectClass = user AND mail = ''*'' "; hostname = 192.168.89.244; id = directory; isAddressBook = YES; port = 389; scope = SUB; type = ldap; } http://imageshack.us/photo/my-images/571/sogoaddressbookfromad.png/ -- S pozdravem Martin Krpata, DiS. Oddělení IT Orlickoústecká nemocnice, a.s. -- flachape...@inverse.ca :: +1.514.755.3640 :: http://www.inverse.ca Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] hide "Contacts"
Hello, I can hide "mail module", but i want also hide the "Contacts module"... Is it possible? it works for "Mail" but not for "Contacts" with (in SOGoUserSources) : ModulesConstraints = { Calendar = { }; Contacts = { uid = admin; }; Mail = { uid = admin; }; }; thank you, Arnaud -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] LDAP address book from active directory - show all fields -> SearchFieldNames
Hi Martin On 2013-03-28, at 2:36 AM, Martin Krpata wrote: > i would like to use address book from Active Directory and it's look like > that some fields have another name and cannot be showed in address book. Like > for example wWWHomePage, department, company. These names of fields are in > Active Directory 2003 LDAP. > > I tryed fill sogo contact and export to ldif. It has some another field names > that come from LDAP Active Directory, for example: > AD wWWHomePage / LDIF mozillahomeurl > AD company / LDIF o > AD department / LDIF ou You can add a mapping parameter to your users source: mapping = { o = company; ou = department; mozillahomeur = wWWHomePage; }; > It is possible to enable field translation, or say to sogo get right fields? > > my config: > { >CNFieldName = cn; >IDFieldName = cn; >SearchFieldNames = ( >sn, >displayName, >telephoneNumber, >mobile, >facsimileTelephoneNumber, >homePhone, >pager, >ipPhone, >wWWHomePage, >title, >streetAddress, >st, >postOfficeBox, >postalCode, >physicalDeliveryOfficeName, >description, >countryCode, >co, >department, >company >); >UIDFieldName = sAMAccountName; >baseDN = "DC=OU-NEM,DC=CZ"; >bindDN = "s...@ou-nem.cz"; >bindFields = ( >sAMAccountName >); >bindPassword = deleted; >canAuthenticate = NO; >displayName = "Active Directory"; >filter = " objectClass = user AND mail = ''*'' "; >hostname = 192.168.89.244; >id = directory; >isAddressBook = YES; >port = 389; >scope = SUB; >type = ldap; >} > > http://imageshack.us/photo/my-images/571/sogoaddressbookfromad.png/ > > -- > S pozdravem > Martin Krpata, DiS. > Oddělení IT > Orlickoústecká nemocnice, a.s. -- flachape...@inverse.ca :: +1.514.755.3640 :: http://www.inverse.ca Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Address book problems
Hi all, I do have the exact same issue with one addressbook for only one user. After checking the mysql database, everything seems fine. The only relevant output in the sogo.log is the 204 (no content) http code. I have put the "MySQL4DebugEnabled" in my sogo conf, nothing relevant. As Sven, the last time i had this problem it disappears like it comes. Do you know better about this issue or do i need to install the debug packages of SOPE/SOGo/GNUstep? Thanks in advance Nicolas FABRE SOGo 2.0.3, debian squeeze Le 10/09/2012 12:04, Sven Schwedas a écrit : Hi, we've been having problems with one of our address books (others work fine) for a few days: 1. I can't subscribe: If I try, the UI adds the address book, but won't show any content, nor show the subscription after a refresh localhost - - [10/Sep/2012:11:52:11 GMT] "POST /SOGo/so/USER1/Contacts/long-uuid/subscribe HTTP/1.1" 204 0/0 0.151 - - 0 localhost - - [10/Sep/2012:11:52:16 GMT] "POST /SOGo/so/USER2/Contacts/user1_same-long-uuid/view?noframe=1&sort=c_cn&asc=true HTTP/1.1" 404 208/0 0.215 - - 0 2. I can't copy the address book: If I (using USER1) ex- and import the address book into an empty one, the importer just dies: EXCEPTION: NAME:NSInvalidArgumentException REASON:GSMutableString(instance) does not recognize count INFO:(nil) The ldif is about 260KiB big and 10k lines long, not going to manually check it. Is there some kind of validator? (SOGo 1.3.18a, but the problem already existed with earlier versions, btw.) -- users@sogo.nu https://inverse.ca/sogo/lists