Re: [SOGo] MFA settings

2021-12-08 Thread Christian Mack
Hello

On 08.12.21 22:00, mj (li...@merit.unu.edu) wrote:
> Hi Christian,
> 
> On 08-12-2021 at 18:17, Christian Mack
> (christian.m...@uni-konstanz.de) wrote:
>> How does the user get its TOTP initialization vector then?
>> She/he can not login without it, but can only scan the QR code while
>> logged into SOGo ;-)
> 
> Well obviously it would mean: After the admin forces it, on the next
> login, those users would be required to setup and activate MFA.
> 

Good point.
Like enforcing password changes.

You could open an enhancement request for that on
https://sogo.nu/bugs/

>> What for?
>> Either you want to protect your account with 2FA or not.
>> You can use long sessions, therefore only login once a day.
> 
> You could require MFA from WAN, and not require it from LAN/VPN, for
> example. That's not unusual.
>> But I understand from your replies that you don't see it that way ;-)
> 

Yes, in my opinion that habit is a relic of times when you could trust
your own network and all devices on it.
In times of bring-your-own-device and using private smartphones all the
time, this does not apply anymore.
Every client can be infected, and should be treated as such.
I know, security is annoying.


Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung IT-Dienste Forschung und Lehre
78457 Konstanz
+49 7531 88-4416





Re: [SOGo] Connection interface of SOGO not load

2021-12-08 Thread Christian Mack
Hello

Which browser are you using?
Did you clean the browser's cache?


Kind regards,
Christian Mack

On 08.12.21 17:57, HYVERNAT Philippe (p.hyver...@outlook.fr) wrote:
> Hello,
> 
> I reuse this list because I have another problem when the page of sogo
> is loading. It displays only characters on a white font.
> 
> Logs of Apache24, Sogo53, mysql8 are all ok!
> 
> Can somebody help me?
> 
> Thanks in advance
> 
> 
> HYVERNAT Philippe,
> 
> 
> Nom d'utilisateur person Mot de passe email
> language Choisir ... العربية Euskara Български Català 简体中文 正體中文
> Hrvatski Česky Dansk (Danmark) Nederlands English Suomi Français Deutsch
> עברית Magyar Íslenska bahasa Indonesia Italiano 日本語 Latviešu Lietuvių
> Македонски Crnogorski Norsk bokmål Norsk nynorsk Polski Português
> Português brasileiro Română Русский Српски Srpski Slovensky Slovenščina
> Español (Argentina) Español (España) Svenska Türkçe (Türkiye) Українська
> Cymraeg
> Se souvenir de moi
> info arrow_forward
> Authentification en cours
> Code de vérification lock
> Saisissez le code de vérification à 6 chiffres de votre application TOTP.
> arrow_backward arrow_forward
> warning
> Bienvenue {{app.cn}}
> priority_high
> Two-factor authentication has been disabled. Visit the Preferences
> module to restore two-factor authentication and reconfigure your TOTP
> application.
> Continue
> watch_later
> Votre mot de passe est expiré, veuillez entrer un nouveau mot de passe
> Current password Nouveau mot de passe Confirmation
> Passwords don't match
> Change
> warning
> Bienvenue {{app.cn}}
> priority_high
> {{app.errorMessage}}
> Changez votre mot de passe Continue
> done
> Bienvenue {{app.cn}}
> done
> {{app.errorMessage}}
> Continue
> error
> {{app.errorMessage}}
> Réessayer


-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung IT-Dienste Forschung und Lehre
78457 Konstanz
+49 7531 88-4416





[SOGo] BTS activities for Wednesday, December 08 2021

2021-12-08 Thread SOGo reporter
BTS Activities

  Home page: https://sogo.nu/bugs
  Project: SOGo
  For the period covering: Wednesday, December 08 2021

id    last update          status (resolution)  category          summary
5354  2021-12-08 13:36:03  updated (open)       Backend Calendar  Can not edit event in shared calendar on Android despite set permissions
5441  2021-12-08 05:18:24  updated (open)       Web Calendar      Sorting calendar events - searching for past events function missing

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] MFA settings

2021-12-08 Thread mj

Hi Christian,

On 08-12-2021 at 18:17, Christian Mack
(christian.m...@uni-konstanz.de) wrote:
> How does the user get its TOTP initialization vector then?
> She/he can not login without it, but can only scan the QR code while
> logged into SOGo ;-)

Well obviously it would mean: After the admin forces it, on the next
login, those users would be required to setup and activate MFA.

> What for?
> Either you want to protect your account with 2FA or not.
> You can use long sessions, therefore only login once a day.

You could require MFA from WAN, and not require it from LAN/VPN, for
example. That's not unusual.

But I understand from your replies that you don't see it that way ;-)

Thanks!

MJ


Re: [SOGo] openLDAP and groups ACLs not working

2021-12-08 Thread Claus

  
  
Hello,
 here is the debug with LDAPDebugEnabled and SOGODebugRequest
  enabled.
it seems to look for the members of the group, but at the end it
  seems only to subscribe the group
  ("subscribeUsers?uids=testposixgro...@mydomain.net"), not the
  members themselves. Is that the reason? When I subscribe a user
  (not a group), I see the correct
  subscribeusers?uids=it5@MYDOMAIN...)
kind regards



Dec 08 13:32:51 sogod [599764]: |SOGo| starting method 'GET' on
  uri
'/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/acls'
  Dec 08 13:32:51 sogod [599764]: |SOGo| request took 0.003679
  seconds to execute
  Dec 08 13:32:51 sogod [599764]: 141.94.27.175 "GET
  /SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/acls
  HTTP/1.0" 200 115/0 0.005 - - 0 - 16
  Dec 08 13:32:52 sogod [599764]: |SOGo| starting method 'GET' on
  uri
'/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/UIxAclEditor'
  Dec 08 13:32:52 sogod [599764]: |SOGo| request took 0.002767
  seconds to execute
  Dec 08 13:32:52 sogod [599764]: 141.94.27.175 "GET
/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/UIxAclEditor
  HTTP/1.0" 200 1464/0 0.004 4277 65% 0 - 16
  Dec 08 13:32:56 sogod [599764]: |SOGo| starting method 'GET' on
  uri '/SOGo/so/postmas...@mydomain.net/usersSearch?search=posi'
  Dec 08 13:32:56 sogod [599764]:
  <0x0x5621b6747f30[NGLdapConnection]> Using ldap_initialize
  for LDAP URL: ldap://127.0.0.1:389
  2021-12-08 13:32:56.006 sogod[599764:599764] -[NGLdapConnection
  _searchAtBaseDN:qualifier:attributes:scope:]: search at base
  'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter
'(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))'
  for attrs '*'
  Dec 08 13:32:56 sogod [599764]:
  <0x0x5621b67b3dd0[NGLdapConnection]> Using ldap_initialize
  for LDAP URL: ldap://127.0.0.1:389
  2021-12-08 13:32:56.008 sogod[599764:599764] -[NGLdapConnection
  _searchAtBaseDN:qualifier:attributes:scope:]: search at base
  'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter
'(|(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=posixGroup))(objectClass=groupOfNames))'
  for attrs '*'
  Dec 08 13:32:56 sogod [599764]: |SOGo| request took 0.008024
  seconds to execute
  Dec 08 13:32:56 sogod [599764]: 141.94.27.175 "GET
  /SOGo/so/postmas...@mydomain.net/usersSearch?search=posi HTTP/1.0"
  200 340/0 0.010 - - 0 - 16
  Dec 08 13:33:02 sogod [599764]: |SOGo| starting method 'GET' on
  uri '/SOGo/so/postmas...@mydomain.net/usersSearch?search=posi'
  Dec 08 13:33:02 sogod [599764]:
  <0x0x5621b67ba0e0[NGLdapConnection]> Using ldap_initialize
  for LDAP URL: ldap://127.0.0.1:389
  2021-12-08 13:33:02.696 sogod[599764:599764] -[NGLdapConnection
  _searchAtBaseDN:qualifier:attributes:scope:]: search at base
  'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter
'(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))'
  for attrs '*'
  Dec 08 13:33:02 sogod [599764]:
  <0x0x5621b682dd70[NGLdapConnection]> Using ldap_initialize
  for LDAP URL: ldap://127.0.0.1:389
  2021-12-08 13:33:02.698 sogod[599764:599764] -[NGLdapConnection
  _searchAtBaseDN:qualifier:attributes:scope:]: search at base
  'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter
'(|(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=posixGroup))(objectClass=groupOfNames))'
  for attrs '*'
  Dec 08 13:33:02 sogod [599764]: |SOGo| request took 0.008022
  seconds to execute
  Dec 08 13:33:02 sogod [599764]: 141.94.27.175 "GET
  /SOGo/so/postmas...@mydomain.net/usersSearch?search=posi HTTP/1.0"
  200 340/0 0.009 - - 0 - 16
  Dec 08 13:33:02 sogod [599764]: |SOGo| starting method 'GET' on
  uri
'/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/addUserInAcls?uid=testposixgro...@mydomain.net'
  Dec 08 13:33:02 sogod [599764]:
  <0x0x5621b69ee5c0[NGLdapConnection]> Using ldap_initialize
  for LDAP URL: ldap://127.0.0.1:389
  2021-12-08 13:33:02.732 sogod[599764:599764] -[NGLdapConnection
  _searchAtBaseDN:qualifier:attributes:scope:]: search at base
  'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter
'(&(|(mail=testposixgro...@mydomain.net)(mail=testposixgro...@mydomain.net))(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))'
  for attrs '*'
  Dec 08 13:33:02 sogod [599764]:
  

[SOGo] Connection interface of SOGO not load

2021-12-08 Thread HYVERNAT Philippe

Hello,

I reuse this list because I have another problem when the page of sogo
is loading. It displays only characters on a white font.


Logs of Apache24, Sogo53, mysql8 are all ok!

Can somebody help me?

Thanks in advance


HYVERNAT Philippe,


Nom d'utilisateur person Mot de passe email
language Choisir ... العربية Euskara Български Català 简体中文 正體中文 
Hrvatski Česky Dansk (Danmark) Nederlands English Suomi Français Deutsch 
עברית Magyar Íslenska bahasa Indonesia Italiano 日本語 Latviešu Lietuvių 
Македонски Crnogorski Norsk bokmål Norsk nynorsk Polski Português 
Português brasileiro Română Русский Српски Srpski Slovensky Slovenščina 
Español (Argentina) Español (España) Svenska Türkçe (Türkiye) Українська 
Cymraeg

Se souvenir de moi
info arrow_forward
Authentification en cours
Code de vérification lock
Saisissez le code de vérification à 6 chiffres de votre application TOTP.
arrow_backward arrow_forward
warning
Bienvenue {{app.cn}}
priority_high
Two-factor authentication has been disabled. Visit the Preferences 
module to restore two-factor authentication and reconfigure your TOTP 
application.

Continue
watch_later
Votre mot de passe est expiré, veuillez entrer un nouveau mot de passe
Current password Nouveau mot de passe Confirmation
Passwords don't match
Change
warning
Bienvenue {{app.cn}}
priority_high
{{app.errorMessage}}
Changez votre mot de passe Continue
done
Bienvenue {{app.cn}}
done
{{app.errorMessage}}
Continue
error
{{app.errorMessage}}
Réessayer

Re: [SOGo] No local time zone specified

2021-12-08 Thread HYVERNAT Philippe

Hello,

Thanks for your answer, in fact it was a parse error in the conf file. 
The log isn't very explicit...


I forgot to put double quotes on the bind password

Nothing in relation with the TimeZone...


Thanks

On 08/12/2021 at 08:55, mj (li...@merit.unu.edu) wrote:

Hi,

Just a thought: are you sure your /usr/local/etc/sogo/sogo.conf is 
formatted correctly?


I have used "plparse /usr/local/etc/sogo/sogo.conf" in the past to
make sure it did not get corrupted.


MJ

On 07-12-2021 at 23:01, HYVERNAT Philippe (p.hyver...@outlook.fr) wrote:

Hello,

I am a newbie to Sogo and I installed it (v.5.3) on a FreeBSD 13 box
via port tree.


I configured sogo.conf and when I want to launch the sogod service,
here are the errors:




# service sogod onestart

*Starting sogod.**
**Throwing 0x804676d88, in flight exception: 0**
**Exception caught by C++: 0**
**Throwing 0x804677358, in flight exception: 0x804676d88**
**Exception caught by C++: 0**
**2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone 
specified.**
**2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with 
absolute offset 0.**
**2021-12-07 20:57:01.608 sogod[71303:100517] File NSDictionary.m: 
672. In -[NSDictionary initWithContentsOfFile:] Contents of file 
'/usr/local/etc/sogo/sogo.conf' does not contain a dictionary**
**<0x0x803c925c8[SOGoStartupLogger]> Cannot read configuration from 
'/usr/local/etc/sogo/sogo.conf'. Aborting**

**/usr/local/etc/rc.d/sogod: WARNING: failed to start sogod*



Here is the directory :


root@sogo1:/usr/local/etc/sogo # ls -la
total 38
-rw-r--r--  1 root   wheel  3458 Dec  7 16:19 SOGo-Apache.conf
-rw-r--r--  1 root   wheel  3280 Dec  7 13:50 SOGo-Apache.conf.sample
-rw-r--r--  1 root   wheel  2372 Dec  7 13:50 SOGo-apple-ab.Apache.conf
-rw-r--r--  1 root   wheel  2372 Dec  7 13:50 
SOGo-apple-ab.Apache.conf.sample

-rw---  1 sogod  sogod    18 Dec  7 13:50 ealarms-notify.creds
-rw---  1 sogod  sogod    18 Dec  7 13:50 
ealarms-notify.creds.sample

-rw---  1 sogod  sogod    18 Dec  7 13:50 expire-autoreply.creds
-rw---  1 sogod  sogod    18 Dec  7 13:50 
expire-autoreply.creds.sample

-rw-r--r--  1 sogod  sogod  6168 Dec  7 19:58 sogo.conf
-rw-r--r--  1 root   wheel  5132 Dec  7 13:50 sogo.conf.sample



Here is the configuration : (I replaced ip and pass by "X")


SOGoProfileURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_user_profile";
   OCSFolderInfoURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_folder_info";
   OCSSessionsFolderURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_sessions_folder";
   OCSEMailAlarmsFolderURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_alamrs_folder";

   OCSStoreURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_store";
   OCSAclURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_acl";
   OCSCacheFolderURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_cache_folder";
   OCSQuickAppointment = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_appointment";
   OCSQuickContact = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_contact";


   /*MYSQL Unicode Complicance*/
   MySQL4Encoding = "utf8mb4";


   /* Mail */
   SOGoDraftsFolderName = Drafts;
   SOGoSentFolderName = Sent;
   SOGoTrashFolderName = Trash;
   SOGoJunkFolderName = Junk;
   SOGoIMAPServer = "imaps://X.X.X.X:993";
   SOGoSieveServer = "sieve://X.X.X.X:4190";
   SOGoSieveFolderEncoding = UTF-8;
   SOGoSMTPServer = "smtp://X.X.X.X";
   SOGoMailDomain = test.fr;
   SOGoMailingMechanism = smtp;
   SOGoForceExternalLoginWithEmail = YES;
   SOGoMailSpoolPath = /var/spool/sogo;
   NGImap4ConnectionStringSeparator = "/";
   SOGoMailMessageCheck = every_5_minutes;
   SOGoFirstDayOfWeek = 1;
   SOGoMailComposeMessageType = "html";

   /* Notifications */
   SOGoAppointmentSendEMailNotifications = YES;
   SOGoACLsSendEMailNotifications = YES;
   SOGoFoldersSendEMailNotifications = YES;

   /* Authentication */
   SOGoPasswordChangeEnabled = YES;

   /* Authorize user to connect with domain name */
   SOGoEnableDomainBasedUID = YES;

   /* LDAP authentication example */


SOGoUserSources = (
 {
   type = ldap;
   CNFieldName = cn;
   UIDFieldName = uid;
   IDFieldName = mail; // first field of the DN for direct binds
   bindFields = (uid, mail); // array of fields to use for 
indirect binds

   baseDN = "ou=%d,dc=test,dc=fr";
   bindDN = "uid=admin,ou=users,dc=test,dc=fr";
   bindPassword = X;
   canAuthenticate = YES;
   filter = "(o='test' AND mail='*' AND status <> 'inactive')";
   displayName = "Shared Addresses";
   hostname = "ldap://X.X.X.X:389;;
   id = public;
   isAddressBook = YES;
 }
   );


SOGoPageTitle = SOGo;
   SOGoVacationEnabled = YES;
   SOGoForwardEnabled = YES;
   SOGoSieveScriptsEnabled = YES;
   SOGoMailAuxiliaryUserAccountsEnabled = YES;
   SOGoTrustProxyAuthentication = NO;
   SOGoXSRFValidationEnabled = NO;

   /* General - SOGoTimeZone *MUST* be defined */
   SOGoTimeZone = Europe/London;
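
The failure resolved in this message (an unquoted bind password) and the `hostname` line as it appears in the posted configuration, with no closing quote, can both be caught before starting sogod. The following Python lint for the OpenStep-style property-list syntax of sogo.conf is an added example, not part of the original post and not SOGo or GNUstep code. The set of characters accepted without quotes is a conservative assumption, `Example!Pass#1` is a constructed placeholder password, `lint_plist` is a hypothetical helper, and `plparse` remains the authoritative check.

```python
import string

# Assumption: a conservative set of characters allowed in an unquoted
# property-list string; any other character means the value needs quotes.
SAFE_UNQUOTED = set(string.ascii_letters + string.digits + "_.$/:-")
DELIMITERS = set("=;,(){}")


def lint_plist(text):
    """Return (line, message) findings. Values are never echoed back,
    because the offending token may be a secret such as bindPassword."""
    findings = []
    i, line, n = 0, 1, len(text)
    while i < n:
        ch = text[i]
        if ch == "\n":
            line += 1
            i += 1
        elif ch.isspace() or ch in DELIMITERS:
            i += 1
        elif text.startswith("/*", i):          # block comment
            end = text.find("*/", i + 2)
            if end == -1:
                findings.append((line, "unterminated /* comment"))
                break
            line += text.count("\n", i, end)
            i = end + 2
        elif text.startswith("//", i):          # line comment
            end = text.find("\n", i)
            i = n if end == -1 else end
        elif ch == '"':                         # quoted string
            start = line
            j = i + 1
            while j < n and text[j] != '"':
                if text[j] == "\\":             # skip the escaped character
                    j += 1
                if j < n and text[j] == "\n":
                    line += 1
                j += 1
            if j >= n:
                findings.append((start, "unterminated quoted string"))
                break
            if line != start:
                findings.append(
                    (start, "quoted string spans lines; closing quote missing?"))
            i = j + 1
        else:                                   # unquoted token
            j = i
            while (j < n and not text[j].isspace()
                   and text[j] not in DELIMITERS and text[j] != '"'):
                j += 1
            if any(c not in SAFE_UNQUOTED for c in text[i:j]):
                findings.append((line, "unquoted value needs double quotes"))
            i = j
    return findings


# Constructed sample modelled on the configuration in the post.
SAMPLE = '''{
  /* LDAP authentication example */
  SOGoTimeZone = Europe/London;
  SOGoUserSources = (
    {
      type = ldap;
      bindDN = "uid=admin,ou=users,dc=test,dc=fr";
      bindPassword = Example!Pass#1;
      hostname = "ldap://X.X.X.X:389;;
      id = public;
      isAddressBook = YES;
    }
  );
  WOPidFile = "/var/run/sogo/sogo.pid";
}
'''

# Same sample with the password quoted and the hostname quote closed.
FIXED = (SAMPLE
         .replace("bindPassword = Example!Pass#1;",
                  'bindPassword = "Example!Pass#1";')
         .replace("389;;", '389";'))

if __name__ == "__main__":
    for lineno, message in lint_plist(SAMPLE):
        print(f"line {lineno}: {message}")
```

The finding on line 14 of the sample is a knock-on effect: one missing closing quote on line 9 inverts the meaning of every later quote in the file, which is why the startup log only reports that the file "does not contain a dictionary".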
   

Re: [SOGo] MFA settings

2021-12-08 Thread Christian Mack
Hello

On 08.12.21 at 09:19, mj (li...@merit.unu.edu) wrote:
> Hi,
> 
> We are looking at the MFA settings in SOGo, and it seems to work fine.
> 
> However, it seems a bit basic: you can only turn it on and off yourself
> for your own account. Unless we miss something?
> 
> Are there also settings like:
> 
> - admin forced mandatory MFA for all or specific users?

How does the user get its TOTP initialization vector then?
She/he can not login without it, but can only scan the QR code while
logged into SOGo ;-)

> - define 'trusted' IP ranges that are excluded from MFA?
> 

What for?
Either you want to protect your account with 2FA or not.
You can use long sessions, therefore only login once a day.


> I've searched the docs on
> https://www.sogo.nu/files/docs/SOGoInstallationGuide.html but it doesn't
> mention any config for MFA.
> 

Correct, there are none.


Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung IT-Dienste Forschung und Lehre
78457 Konstanz
+49 7531 88-4416





[SOGo] openLDAP and groups ACLs not working

2021-12-08 Thread Claus

  
  
Dear SOGo community,

I've installed SOGo 5.3.0 (@shiva2.inverse 202112070624) with
iRedmail-OpenLDAP, and I'm trying to get LDAP groups working (we
already use SOGo in combination with Active Directory and groups
work perfectly) - however, we are moving our mail + SOGo away from
AD.

So far, groups show up in SOGo for e.g. a resource to be shared
with. There is no error message in sogo.log. However, group members
are not subscribed, nor do they see the shared resource when
searching for resources of the sharer.

I suspect it is a mapping issue between how iRedmail identifies
"users"/mailboxes (mail=), and how SOGo can identify them by the
memberuid/member attribute (uid=, or cn= instead of mail=...
?).

So something is missing here. Ideally, I can manage group ACLs
without touching the attributes of the iRedmail mailboxes/users, so
in case of updates/LDAP changes, the group memberships stay active.
E.g. by using posixGroup or groupOfNames objectClasses.

A) This is the SOGoUserSources to get the groups:
{
// Used for groups
type = ldap;
id = groups;
canAuthenticate = YES;
isAddressBook = NO;
displayName = "LDAP Authentication";

hostname = "ldap://127.0.0.1:389";
baseDN = "ou=Groups,domainName=%d,o=domains,dc=MYDOMAIN,dc=net";
bindDN = "cn=vmail,dc=MYDOMAIN,dc=net";
bindPassword = "";
filter = "objectClass=posixGroup OR objectClass=groupOfNames";
#scope = SUB;

// always keep binding to the LDAP server using the DN of the
// currently authenticated user. bindDN and bindPassword are still
// required to find DN of the user.
// Note: with default LDAP acl configured by iRedMail, user doesn't
// have privilege to query o=domains,dc=MYDOMAIN,dc=net.
// so this doesn't work.
bindAsCurrentUser = YES;
mapping = {
uid = ("mail");
};


// The algorithm used for password encryption when changing
// passwords without Password Policies enabled.
// Possible values are: plain, crypt, md5-crypt, ssha, ssha512.
userPasswordAlgorithm = ssha512;
#GroupObjectClasses = (posixGroup);

CNFieldName = cn;
IDFieldName = cn;
// value of UIDFieldName must be unique on entire server
UIDFieldName = cn;
}


B) these are 2 example LDAP groups which show up in SOGo as
groups, but resources are not shared to the members of those
groups:


# Entry 1 (posixGroup)
  dn:
  cn=posix6,ou=Groups,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  cn: posix6
  gidnumber: 500
  mail: posix6
  memberuid: it6
  memberuid:
mail=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  memberuid:
cn=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  objectclass: posixGroup
  objectclass: top



# Entry 1: groupOfNames
  dn:
cn=grpnames2@localhost,ou=Groups,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  cn: grpnames2@localhost
  member:
cn=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  member:
cn=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  objectclass: groupOfNames
  objectclass: top



C) this is how a mailbox/user is identified in iRedmail:
# Entry 1: mail=i...@mydomain.net,ou=Users,domainName=MYDOMAIN
  dn:
mail=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net
  accountstatus: active
  amavislocal: TRUE
  cn: IT6
  enabledservice: sogo
  enabledservice: imap
  enabledservice: sievetls
  enabledservice: sievesecured
  enabledservice: lmtp
  enabledservice: dsync
  enabledservice: shadowaddress
  enabledservice: indexer-worker
  enabledservice: sieve
  enabledservice: imaptls
  enabledservice: senderbcc
  enabledservice: managesievesecured
  enabledservice: deliver
  enabledservice: recipientbcc
  enabledservice: mail
  enabledservice: smtpsecured
  enabledservice: lib-storage
  enabledservice: sogoactivesync
  enabledservice: smtp
  enabledservice: sogowebmail
  enabledservice: smtptls
  enabledservice: lda
  enabledservice: displayedInGlobalAddressBook
  enabledservice: imapsecured
  enabledservice: doveadm
  enabledservice: forward
  enabledservice: quota-status
  enabledservice: sogocalendar
  enabledservice: managesievetls
  enabledservice: internal
  enabledservice: managesieve
  homedirectory: /var/vmail/vmail1/MYDOMAIN.net/i/t/6/it6-2021.
   12.08.15.26.38/
  mail: i...@mydomain.net
  mailboxfolder: Maildir
  mailboxformat: maildir
  mailquota: 5368709120
  objectclass: inetOrgPerson
  objectclass: 
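
The entries in this post can be checked for internal consistency independently of SOGo: a `member` value has to be the DN of an existing entry, and a `memberuid` value has to equal some attribute of a user entry. The following Python check is an added example, not part of the original post and not SOGo code; the LDIF sample is constructed (placeholder addresses at example.net, modelled on the posted entries), and which user attribute SOGo compares `memberuid` against is an assumption passed in as `uid_attr`.

```python
def parse_ldif(text):
    """Parse a minimal LDIF subset: 'attr: value' lines, entries separated
    by blank lines, continuation lines starting with one space, '#' comments."""
    entries, cur, last = [], {}, None
    for raw in text.splitlines() + [""]:
        if raw.startswith("#"):
            continue
        if not raw.strip():
            if cur:
                entries.append(cur)
            cur, last = {}, None
        elif raw.startswith(" ") and last:
            cur[last][-1] += raw[1:]
        else:
            attr, _, value = raw.partition(":")
            last = attr.strip().lower()
            cur.setdefault(last, []).append(value.strip())
    return entries


def norm_dn(dn):
    # Simplified DN normalisation (does not handle escaped commas).
    return ",".join(part.strip().lower() for part in dn.split(","))


def unresolved_members(entries, uid_attr="mail"):
    """Map group cn -> member values that match no user entry.
    uid_attr is the user attribute compared with memberuid (assumption)."""
    users = [e for e in entries
             if "inetorgperson" in (v.lower() for v in e.get("objectclass", []))]
    user_dns = {norm_dn(e["dn"][0]) for e in users}
    user_ids = {v.lower() for e in users for v in e.get(uid_attr, [])}
    report = {}
    for e in entries:
        classes = {v.lower() for v in e.get("objectclass", [])}
        missing = []
        if "groupofnames" in classes:
            # member must be the DN of an entry that exists
            missing += [m for m in e.get("member", [])
                        if norm_dn(m) not in user_dns]
        if "posixgroup" in classes:
            # memberuid is a plain identifier, not a DN
            missing += [m for m in e.get("memberuid", [])
                        if m.lower() not in user_ids]
        if missing:
            report[e["cn"][0]] = missing
    return report


BASE = "domainName=example.net,o=domains,dc=example,dc=net"

# Constructed sample modelled on the entries in the post.
SAMPLE_LDIF = f"""\
dn: mail=it6@example.net,ou=Users,{BASE}
objectclass: inetOrgPerson
cn: IT6
mail: it6@example.net

dn: cn=posix6,ou=Groups,{BASE}
objectclass: posixGroup
cn: posix6
memberuid: it6
memberuid: it6@example.net
memberuid: mail=it6@example.net,ou=Users,{BASE}

dn: cn=grpnames2,ou=Groups,{BASE}
objectclass: groupOfNames
cn: grpnames2
member: cn=it6@example.net,ou=Users,{BASE}
member: mail=it6@example.net,ou=Users,{BASE}
"""

if __name__ == "__main__":
    for group, values in unresolved_members(parse_ldif(SAMPLE_LDIF)).items():
        for value in values:
            print(f"{group}: no user entry matches {value!r}")
```

In the sample, the `cn=...,ou=Users,...` member is reported because the user entry's DN starts with `mail=`, the same mismatch visible between sections B and C of the post.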

Re: [SOGo] No local time zone specified

2021-12-08 Thread Emmanuel Dreyfus
On Tue, Dec 07, 2021 at 11:01:06PM +0100, HYVERNAT Philippe wrote:
> **2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone
> specified.**
> **2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with absolute
> offset 0.**

Beyond the unexpected /usr/local/etc/sogo/sogo.conf content, note that
the current release of the GNUstep base libraries does not cope with timezone
files v2+. I contributed code to support v2 and v3, but it will only
be released in the upcoming GNUstep Base 1.29.0. If your system has v2
TZ files (file(1) can tell you), you will need to replace it with
a v1 file from an older FreeBSD release.

-- 
Emmanuel Dreyfus
m...@netbsd.org


[SOGo] MFA settings

2021-12-08 Thread mj

Hi,

We are looking at the MFA settings in SOGo, and it seems to work fine.

However, it seems a bit basic: you can only turn it on and off yourself 
for your own account. Unless we miss something?


Are there also settings like:

- admin forced mandatory MFA for all or specific users?
- define 'trusted' IP ranges that are excluded from MFA?

I've searched the docs on 
https://www.sogo.nu/files/docs/SOGoInstallationGuide.html but it doesn't 
mention any config for MFA.


Thanks,
MJ


Re: [SOGo] No local time zone specified

2021-12-08 Thread mj

Hi,

Just a thought: are you sure your /usr/local/etc/sogo/sogo.conf is 
formatted correctly?


I have used "plparse /usr/local/etc/sogo/sogo.conf" in the past to make
sure it did not get corrupted.


MJ

On 07-12-2021 at 23:01, HYVERNAT Philippe (p.hyver...@outlook.fr) wrote:

Hello,

I am a newbie to Sogo and I installed it (v.5.3) on a FreeBSD 13 box via
port tree.


I configured sogo.conf and when I want to launch the sogod service, here
are the errors:




# service sogod onestart

*Starting sogod.**
**Throwing 0x804676d88, in flight exception: 0**
**Exception caught by C++: 0**
**Throwing 0x804677358, in flight exception: 0x804676d88**
**Exception caught by C++: 0**
**2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone 
specified.**
**2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with 
absolute offset 0.**
**2021-12-07 20:57:01.608 sogod[71303:100517] File NSDictionary.m: 672. 
In -[NSDictionary initWithContentsOfFile:] Contents of file 
'/usr/local/etc/sogo/sogo.conf' does not contain a dictionary**
**<0x0x803c925c8[SOGoStartupLogger]> Cannot read configuration from 
'/usr/local/etc/sogo/sogo.conf'. Aborting**

**/usr/local/etc/rc.d/sogod: WARNING: failed to start sogod*



Here is the directory :


root@sogo1:/usr/local/etc/sogo # ls -la
total 38
-rw-r--r--  1 root   wheel  3458 Dec  7 16:19 SOGo-Apache.conf
-rw-r--r--  1 root   wheel  3280 Dec  7 13:50 SOGo-Apache.conf.sample
-rw-r--r--  1 root   wheel  2372 Dec  7 13:50 SOGo-apple-ab.Apache.conf
-rw-r--r--  1 root   wheel  2372 Dec  7 13:50 
SOGo-apple-ab.Apache.conf.sample

-rw---  1 sogod  sogod    18 Dec  7 13:50 ealarms-notify.creds
-rw---  1 sogod  sogod    18 Dec  7 13:50 ealarms-notify.creds.sample
-rw---  1 sogod  sogod    18 Dec  7 13:50 expire-autoreply.creds
-rw---  1 sogod  sogod    18 Dec  7 13:50 expire-autoreply.creds.sample
-rw-r--r--  1 sogod  sogod  6168 Dec  7 19:58 sogo.conf
-rw-r--r--  1 root   wheel  5132 Dec  7 13:50 sogo.conf.sample



Here is the configuration : (I replaced ip and pass by "X")


SOGoProfileURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_user_profile";
   OCSFolderInfoURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_folder_info";
   OCSSessionsFolderURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_sessions_folder";
   OCSEMailAlarmsFolderURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_alamrs_folder";

   OCSStoreURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_store";
   OCSAclURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_acl";
   OCSCacheFolderURL = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_cache_folder";
   OCSQuickAppointment = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_appointment";
   OCSQuickContact = 
"mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_contact";


   /*MYSQL Unicode Complicance*/
   MySQL4Encoding = "utf8mb4";


   /* Mail */
   SOGoDraftsFolderName = Drafts;
   SOGoSentFolderName = Sent;
   SOGoTrashFolderName = Trash;
   SOGoJunkFolderName = Junk;
   SOGoIMAPServer = "imaps://X.X.X.X:993";
   SOGoSieveServer = "sieve://X.X.X.X:4190";
   SOGoSieveFolderEncoding = UTF-8;
   SOGoSMTPServer = "smtp://X.X.X.X";
   SOGoMailDomain = test.fr;
   SOGoMailingMechanism = smtp;
   SOGoForceExternalLoginWithEmail = YES;
   SOGoMailSpoolPath = /var/spool/sogo;
   NGImap4ConnectionStringSeparator = "/";
   SOGoMailMessageCheck = every_5_minutes;
   SOGoFirstDayOfWeek = 1;
   SOGoMailComposeMessageType = "html";

   /* Notifications */
   SOGoAppointmentSendEMailNotifications = YES;
   SOGoACLsSendEMailNotifications = YES;
   SOGoFoldersSendEMailNotifications = YES;

   /* Authentication */
   SOGoPasswordChangeEnabled = YES;

   /* Authorize user to connect with domain name */
   SOGoEnableDomainBasedUID = YES;

   /* LDAP authentication example */


SOGoUserSources = (
     {
   type = ldap;
   CNFieldName = cn;
   UIDFieldName = uid;
   IDFieldName = mail; // first field of the DN for direct binds
   bindFields = (uid, mail); // array of fields to use for indirect 
binds

   baseDN = "ou=%d,dc=test,dc=fr";
   bindDN = "uid=admin,ou=users,dc=test,dc=fr";
   bindPassword = X;
   canAuthenticate = YES;
   filter = "(o='test' AND mail='*' AND status <> 'inactive')";
   displayName = "Shared Addresses";
   hostname = "ldap://X.X.X.X:389;;
   id = public;
   isAddressBook = YES;
     }
   );


SOGoPageTitle = SOGo;
   SOGoVacationEnabled = YES;
   SOGoForwardEnabled = YES;
   SOGoSieveScriptsEnabled = YES;
   SOGoMailAuxiliaryUserAccountsEnabled = YES;
   SOGoTrustProxyAuthentication = NO;
   SOGoXSRFValidationEnabled = NO;

   /* General - SOGoTimeZone *MUST* be defined */
   SOGoTimeZone = Europe/London;
   SOGoLanguage = French;
   SOGoCalendarDefaultRoles = (
     PublicDAndTViewer,
     ConfidentialDAndTViewer
   );
   //SOGoSuperUsernames = (sogo1, sogo2); // This is an array - keep the 
parens!

   SxVMemLimit = 384;
   WOPidFile = "/var/run/sogo/sogo.pid";
   SOGoMemcachedHost = 

Re: [SOGo] No local time zone specified

2021-12-08 Thread Christian Mack
Hello

The error states that your sogo.conf file is either malformed or not
accessible.
Check access privileges for user sogo and then check sogo.conf with plparse.

Also you should check your locale.


Kind regards,
Christian Mack

On 07.12.21 at 23:01, HYVERNAT Philippe (p.hyver...@outlook.fr) wrote:
> Hello,
> 
> I am a newbie to Sogo and I installed it (v.5.3) on a FreeBSD 13 box via
> port tree.
> 
> I configured sogo.conf and when I want to launch the sogod service, here
> are the errors:
> 
> 
> 
> # service sogod onestart
> 
> *Starting sogod.**
> **Throwing 0x804676d88, in flight exception: 0**
> **Exception caught by C++: 0**
> **Throwing 0x804677358, in flight exception: 0x804676d88**
> **Exception caught by C++: 0**
> **2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone
> specified.**
> **2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with
> absolute offset 0.**
> **2021-12-07 20:57:01.608 sogod[71303:100517] File NSDictionary.m: 672.
> In -[NSDictionary initWithContentsOfFile:] Contents of file
> '/usr/local/etc/sogo/sogo.conf' does not contain a dictionary**
> **<0x0x803c925c8[SOGoStartupLogger]> Cannot read configuration from
> '/usr/local/etc/sogo/sogo.conf'. Aborting**
> **/usr/local/etc/rc.d/sogod: WARNING: failed to start sogod*
> 
> 
> 
> Here is the directory :
> 
> 
> root@sogo1:/usr/local/etc/sogo # ls -la
> total 38
> -rw-r--r--  1 root   wheel  3458 Dec  7 16:19 SOGo-Apache.conf
> -rw-r--r--  1 root   wheel  3280 Dec  7 13:50 SOGo-Apache.conf.sample
> -rw-r--r--  1 root   wheel  2372 Dec  7 13:50 SOGo-apple-ab.Apache.conf
> -rw-r--r--  1 root   wheel  2372 Dec  7 13:50
> SOGo-apple-ab.Apache.conf.sample
> -rw---  1 sogod  sogod    18 Dec  7 13:50 ealarms-notify.creds
> -rw---  1 sogod  sogod    18 Dec  7 13:50 ealarms-notify.creds.sample
> -rw---  1 sogod  sogod    18 Dec  7 13:50 expire-autoreply.creds
> -rw---  1 sogod  sogod    18 Dec  7 13:50 expire-autoreply.creds.sample
> -rw-r--r--  1 sogod  sogod  6168 Dec  7 19:58 sogo.conf
> -rw-r--r--  1 root   wheel  5132 Dec  7 13:50 sogo.conf.sample
> 
> 
> 
> Here is the configuration : (I replaced ip and pass by "X")
> 
> 
> SOGoProfileURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_user_profile";
>   OCSFolderInfoURL =
> "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_folder_info";
>   OCSSessionsFolderURL =
> "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_sessions_folder";
>   OCSEMailAlarmsFolderURL =
> "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_alamrs_folder";
>   OCSStoreURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_store";
>   OCSAclURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_acl";
>   OCSCacheFolderURL =
> "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_cache_folder";
>   OCSQuickAppointment =
> "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_appointment";
>   OCSQuickContact =
> "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_contact";
> 
>   /*MYSQL Unicode Complicance*/
>   MySQL4Encoding = "utf8mb4";
> 
> 
>   /* Mail */
>   SOGoDraftsFolderName = Drafts;
>   SOGoSentFolderName = Sent;
>   SOGoTrashFolderName = Trash;
>   SOGoJunkFolderName = Junk;
>   SOGoIMAPServer = "imaps://X.X.X.X:993";
>   SOGoSieveServer = "sieve://X.X.X.X:4190";
>   SOGoSieveFolderEncoding = UTF-8;
>   SOGoSMTPServer = "smtp://X.X.X.X";
>   SOGoMailDomain = test.fr;
>   SOGoMailingMechanism = smtp;
>   SOGoForceExternalLoginWithEmail = YES;
>   SOGoMailSpoolPath = /var/spool/sogo;
>   NGImap4ConnectionStringSeparator = "/";
>   SOGoMailMessageCheck = every_5_minutes;
>   SOGoFirstDayOfWeek = 1;
>   SOGoMailComposeMessageType = "html";
> 
>   /* Notifications */
>   SOGoAppointmentSendEMailNotifications = YES;
>   SOGoACLsSendEMailNotifications = YES;
>   SOGoFoldersSendEMailNotifications = YES;
> 
>   /* Authentication */
>   SOGoPasswordChangeEnabled = YES;
> 
>   /* Authorize user to connect with domain name */
>   SOGoEnableDomainBasedUID = YES;
> 
>   /* LDAP authentication example */
> 
> 
> SOGoUserSources = (
>     {
>   type = ldap;
>   CNFieldName = cn;
>   UIDFieldName = uid;
>   IDFieldName = mail; // first field of the DN for direct binds
>   bindFields = (uid, mail); // array of fields to use for indirect
> binds
>   baseDN = "ou=%d,dc=test,dc=fr";
>   bindDN = "uid=admin,ou=users,dc=test,dc=fr";
>   bindPassword = X;
>   canAuthenticate = YES;
>   filter = "(o='test' AND mail='*' AND status <> 'inactive')";
>   displayName = "Shared Addresses";
>   hostname = "ldap://X.X.X.X:389;;
>   id = public;
>   isAddressBook = YES;
>     }
>   );
> 
> 
> SOGoPageTitle = SOGo;
>   SOGoVacationEnabled = YES;
>   SOGoForwardEnabled = YES;
>   SOGoSieveScriptsEnabled = YES;
>   SOGoMailAuxiliaryUserAccountsEnabled = YES;
>   SOGoTrustProxyAuthentication = NO;
>   SOGoXSRFValidationEnabled = NO;
> 
>   /* General - SOGoTimeZone *MUST* be defined */
>   SOGoTimeZone = Europe/London;
>   SOGoLanguage = French;
>   SOGoCalendarDefaultRoles = (
>