Re: [SOGo] MFA settings
Hello On 08.12.21 22:00, mj (li...@merit.unu.edu) wrote: > Hi Chistian, > > Op 08-12-2021 om 18:17 schreef Christian Mack > (christian.m...@uni-konstanz.de): >> How does the user get its TOTP initializon vector then? >> She/he can not login without it, but can only scan the QR code while >> logged into SOGo ;-) > > Well obviously it would mean: After the admin forces it, on the next > login, those users would be required to setup and activate MFA. > Good point. Like enforcing password changes. You could open an enhancement request for that on https://sogo.nu/bugs/ >> What for? >> Either you want to protect your account with 2FA or not. >> You can use long sessions, therefore only login once a day. > > You could require MFA from WAN, and not require it from LAN/VPN, for > example. That's not unusual. >> But I understand from your replies that you don't see it that way ;-) > Yes, in my opinion that habit is a relict of times, when you could trust your own network and all devices on it. In times of bring-your-own-device and using private Smartphones all the time, this does not apply anymore. Every client can be infected, and should be treated as such. I know, security is annoying. Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung IT-Dienste Forschung und Lehre 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
Re: [SOGo] Connection interface of SOGO not load
Hello Which browser are you using? Did you clean the browsers cache? Kind regards, Christian Mack On 08.12.21 17:57, HYVERNAT Philippe (p.hyver...@outlook.fr) wrote: > Hello, > > i reuse this list because i have another problem when the page og sogo > is loading. It displays only characters on a white font. > > Logs of Apache24, Sogo53,mysql8 are all ok ! > > Somebody can help me ? > > Thanks by advance > > > HYVERNAT Philippe, > > > Nom d'utilisateur person Mot de passe email > language Choisir ... العربية Euskara Български Català 简体中文 正體中文 > Hrvatski Česky Dansk (Danmark) Nederlands English Suomi Français Deutsch > עברית Magyar Íslenska bahasa Indonesia Italiano 日本語 Latviešu Lietuvių > Македонски Crnogorski Norsk bokmål Norsk nynorsk Polski Português > Português brasileiro Română Русский Српски Srpski Slovensky Slovenščina > Español (Argentina) Español (España) Svenska Türkçe (Türkiye) Українська > Cymraeg > Se souvenir de moi > info arrow_forward > Authentification en cours > Code de vérification lock > Saisissez le code de vérification à 6 chiffres de votre application TOTP. > arrow_backward arrow_forward > warning > Bienvenue {{app.cn}} > priority_high > Two-factor authentication has been disabled. Visit the Preferences > module to restore two-factor authentication and reconfigure your TOTP > application. > Continue > watch_later > Votre mot de passe est expiré, veuillez entrer un nouveau mot de passe > Current password Nouveau mot de passe Confirmation > Passwords don't match > Change > warning > Bienvenue {{app.cn}} > priority_high > {{app.errorMessage}} > Changez votre mot de passe Continue > done > Bienvenue {{app.cn}} > done > {{app.errorMessage}} > Continue > error > {{app.errorMessage}} > Réessayer -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung IT-Dienste Forschung und Lehre 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
[SOGo] BTS activities for Wednesday, December 08 2021
Title: BTS activities for Wednesday, December 08 2021 BTS Activities Home page: https://sogo.nu/bugs Project: SOGo For the period covering: Wednesday, December 08 2021 idlast updatestatus (resolution)categorysummary 5354 2021-12-08 13:36:03 updated (open) Backend Calendar Can not edit event in shared calendar on Android despite set permissions 5441 2021-12-08 05:18:24 updated (open) Web Calendar Sorting calendar events - searching for past events function missing -- users@sogo.nuhttps://inverse.ca/sogo/lists
Re: [SOGo] MFA settings
Hi Chistian, Op 08-12-2021 om 18:17 schreef Christian Mack (christian.m...@uni-konstanz.de): How does the user get its TOTP initializon vector then? She/he can not login without it, but can only scan the QR code while logged into SOGo ;-) Well obviously it would mean: After the admin forces it, on the next login, those users would be required to setup and activate MFA. What for? Either you want to protect your account with 2FA or not. You can use long sessions, therefore only login once a day. You could require MFA from WAN, and not require it from LAN/VPN, for example. That's not unusual. But I understand from your replies that you don't see it that way ;-) Thanks! MJ -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] openLDAP and groups ACLs not working
Hello, here is the debug with LDAPDebugEnabled and SOGODebugRequest enabled. it seems to look for the members of the group, but at the end it seems only to subscribe the group ("subscribeUsers?uids=testposixgro...@mydomain.net"), not the members themselves. Is that the reason? When I subscribe a user (not a group), I see the correct subscribeusers?uids=it5@MYDOMAIN...) kind regards Dec 08 13:32:51 sogod [599764]: |SOGo| starting method 'GET' on uri '/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/acls' Dec 08 13:32:51 sogod [599764]: |SOGo| request took 0.003679 seconds to execute Dec 08 13:32:51 sogod [599764]: 141.94.27.175 "GET /SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/acls HTTP/1.0" 200 115/0 0.005 - - 0 - 16 Dec 08 13:32:52 sogod [599764]: |SOGo| starting method 'GET' on uri '/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/UIxAclEditor' Dec 08 13:32:52 sogod [599764]: |SOGo| request took 0.002767 seconds to execute Dec 08 13:32:52 sogod [599764]: 141.94.27.175 "GET /SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/UIxAclEditor HTTP/1.0" 200 1464/0 0.004 4277 65% 0 - 16 Dec 08 13:32:56 sogod [599764]: |SOGo| starting method 'GET' on uri '/SOGo/so/postmas...@mydomain.net/usersSearch?search=posi' Dec 08 13:32:56 sogod [599764]: <0x0x5621b6747f30[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389 2021-12-08 13:32:56.006 sogod[599764:599764] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter '(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))' for attrs '*' Dec 08 13:32:56 sogod [599764]: <0x0x5621b67b3dd0[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389 2021-12-08 13:32:56.008 sogod[599764:599764] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter '(|(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=posixGroup))(objectClass=groupOfNames))' for attrs '*' Dec 08 13:32:56 sogod [599764]: |SOGo| request took 0.008024 seconds to execute Dec 08 13:32:56 sogod [599764]: 141.94.27.175 "GET /SOGo/so/postmas...@mydomain.net/usersSearch?search=posi HTTP/1.0" 200 340/0 0.010 - - 0 - 16 Dec 08 13:33:02 sogod [599764]: |SOGo| starting method 'GET' on uri '/SOGo/so/postmas...@mydomain.net/usersSearch?search=posi' Dec 08 13:33:02 sogod [599764]: <0x0x5621b67ba0e0[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389 2021-12-08 13:33:02.696 sogod[599764:599764] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter '(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))' for attrs '*' Dec 08 13:33:02 sogod [599764]: <0x0x5621b682dd70[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389 2021-12-08 13:33:02.698 sogod[599764:599764] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter '(|(&(|(sn=*posi*)(displayname=*posi*)(cn=*posi*)(mail=*posi*)(telephonenumber=*posi*))(objectClass=posixGroup))(objectClass=groupOfNames))' for attrs '*' Dec 08 13:33:02 sogod [599764]: |SOGo| request took 0.008022 seconds to execute Dec 08 13:33:02 sogod [599764]: 141.94.27.175 "GET /SOGo/so/postmas...@mydomain.net/usersSearch?search=posi HTTP/1.0" 200 340/0 0.009 - - 0 - 16 Dec 08 13:33:02 sogod [599764]: |SOGo| starting method 'GET' on uri '/SOGo/so/postmas...@mydomain.net/Calendar/924D3-61B0F880-1-39D7A0C0/addUserInAcls?uid=testposixgro...@mydomain.net' Dec 08 13:33:02 sogod [599764]: <0x0x5621b69ee5c0[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389 2021-12-08 13:33:02.732 sogod[599764:599764] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'domainname=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net' filter '(&(|(mail=testposixgro...@mydomain.net)(mail=testposixgro...@mydomain.net))(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=sogo))' for attrs '*' Dec 08 13:33:02 sogod [599764]:
[SOGo] Connection interface of SOGO not load
Hello, i reuse this list because i have another problem when the page og sogo is loading. It displays only characters on a white font. Logs of Apache24, Sogo53,mysql8 are all ok ! Somebody can help me ? Thanks by advance HYVERNAT Philippe, Nom d'utilisateur person Mot de passe email language Choisir ... العربية Euskara Български Català 简体中文 正體中文 Hrvatski Česky Dansk (Danmark) Nederlands English Suomi Français Deutsch עברית Magyar Íslenska bahasa Indonesia Italiano 日本語 Latviešu Lietuvių Македонски Crnogorski Norsk bokmål Norsk nynorsk Polski Português Português brasileiro Română Русский Српски Srpski Slovensky Slovenščina Español (Argentina) Español (España) Svenska Türkçe (Türkiye) Українська Cymraeg Se souvenir de moi info arrow_forward Authentification en cours Code de vérification lock Saisissez le code de vérification à 6 chiffres de votre application TOTP. arrow_backward arrow_forward warning Bienvenue {{app.cn}} priority_high Two-factor authentication has been disabled. Visit the Preferences module to restore two-factor authentication and reconfigure your TOTP application. Continue watch_later Votre mot de passe est expiré, veuillez entrer un nouveau mot de passe Current password Nouveau mot de passe Confirmation Passwords don't match Change warning Bienvenue {{app.cn}} priority_high {{app.errorMessage}} Changez votre mot de passe Continue done Bienvenue {{app.cn}} done {{app.errorMessage}} Continue error {{app.errorMessage}} Réessayer -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] No local time zone specified
Hello, Thanks for your answer, in fact it was a parse error in the conf file. The log isn't very explicit... i forget to put double cotes to the bind password Nothing in relation with the TimeZone... Thanks Le 08/12/2021 à 08:55, mj (li...@merit.unu.edu) a écrit : Hi, Just a thought: are you sure your /usr/local/etc/sogo/sogo.conf is formatted correctly? I have used "plparse /usr/local/etc/sogo/sogo.conf" in the past to make sure is did not get corrupted. MJ Op 07-12-2021 om 23:01 schreef HYVERNAT Philippe (p.hyver...@outlook.fr): Hello, I am a newbie to Sogo and i installed it (v.5.3) on a FreeBSD 13 box via port tree. i configure sogo.conf and when i want to launch the sogod service, here is the errors : # service sogod onestart *Starting sogod.** **Throwing 0x804676d88, in flight exception: 0** **Exception caught by C++: 0** **Throwing 0x804677358, in flight exception: 0x804676d88** **Exception caught by C++: 0** **2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone specified.** **2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with absolute offset 0.** **2021-12-07 20:57:01.608 sogod[71303:100517] File NSDictionary.m: 672. In -[NSDictionary initWithContentsOfFile:] Contents of file '/usr/local/etc/sogo/sogo.conf' does not contain a dictionary** **<0x0x803c925c8[SOGoStartupLogger]> Cannot read configuration from '/usr/local/etc/sogo/sogo.conf'. Aborting** **/usr/local/etc/rc.d/sogod: WARNING: failed to start sogod* Here is the directory : root@sogo1:/usr/local/etc/sogo # ls -la total 38 -rw-r--r-- 1 root wheel 3458 Dec 7 16:19 SOGo-Apache.conf -rw-r--r-- 1 root wheel 3280 Dec 7 13:50 SOGo-Apache.conf.sample -rw-r--r-- 1 root wheel 2372 Dec 7 13:50 SOGo-apple-ab.Apache.conf -rw-r--r-- 1 root wheel 2372 Dec 7 13:50 SOGo-apple-ab.Apache.conf.sample -rw--- 1 sogod sogod 18 Dec 7 13:50 ealarms-notify.creds -rw--- 1 sogod sogod 18 Dec 7 13:50 ealarms-notify.creds.sample -rw--- 1 sogod sogod 18 Dec 7 13:50 expire-autoreply.creds -rw--- 1 sogod sogod 18 Dec 7 13:50 expire-autoreply.creds.sample -rw-r--r-- 1 sogod sogod 6168 Dec 7 19:58 sogo.conf -rw-r--r-- 1 root wheel 5132 Dec 7 13:50 sogo.conf.sample Here is the configuration : (I replaced ip and pass by "X") SOGoProfileURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_user_profile"; OCSFolderInfoURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_folder_info"; OCSSessionsFolderURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_sessions_folder"; OCSEMailAlarmsFolderURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_alamrs_folder"; OCSStoreURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_store"; OCSAclURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_acl"; OCSCacheFolderURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_cache_folder"; OCSQuickAppointment = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_appointment"; OCSQuickContact = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_contact"; /*MYSQL Unicode Complicance*/ MySQL4Encoding = "utf8mb4"; /* Mail */ SOGoDraftsFolderName = Drafts; SOGoSentFolderName = Sent; SOGoTrashFolderName = Trash; SOGoJunkFolderName = Junk; SOGoIMAPServer = "imaps://X.X.X.X:993"; SOGoSieveServer = "sieve://X.X.X.X:4190"; SOGoSieveFolderEncoding = UTF-8; SOGoSMTPServer = "smtp://X.X.X.X"; SOGoMailDomain = test.fr; SOGoMailingMechanism = smtp; SOGoForceExternalLoginWithEmail = YES; SOGoMailSpoolPath = /var/spool/sogo; NGImap4ConnectionStringSeparator = "/"; SOGoMailMessageCheck = every_5_minutes; SOGoFirstDayOfWeek = 1; SOGoMailComposeMessageType = "html"; /* Notifications */ SOGoAppointmentSendEMailNotifications = YES; SOGoACLsSendEMailNotifications = YES; SOGoFoldersSendEMailNotifications = YES; /* Authentication */ SOGoPasswordChangeEnabled = YES; /* Authorize user to connect with domain name */ SOGoEnableDomainBasedUID = YES; /* LDAP authentication example */ SOGoUserSources = ( { type = ldap; CNFieldName = cn; UIDFieldName = uid; IDFieldName = mail; // first field of the DN for direct binds bindFields = (uid, mail); // array of fields to use for indirect binds baseDN = "ou=%d,dc=test,dc=fr"; bindDN = "uid=admin,ou=users,dc=test,dc=fr"; bindPassword = X; canAuthenticate = YES; filter = "(o='test' AND mail='*' AND status <> 'inactive')"; displayName = "Shared Addresses"; hostname = "ldap://X.X.X.X:389;; id = public; isAddressBook = YES; } ); SOGoPageTitle = SOGo; SOGoVacationEnabled = YES; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = YES; SOGoMailAuxiliaryUserAccountsEnabled = YES; SOGoTrustProxyAuthentication = NO; SOGoXSRFValidationEnabled = NO; /* General - SOGoTimeZone *MUST* be defined */ SOGoTimeZone = Europe/London;
Re: [SOGo] MFA settings
Hello Am 08.12.21 um 09:19 schrieb mj (li...@merit.unu.edu): > Hi, > > We are looking at the MFA settings in SOGo, and it seems to work fine. > > However, it seems a bit basic: you can only turn it on and off yourself > for your own account. Unless we miss something? > > Are there also settings like: > > - admin forced mandatory MFA for all or specific users? How does the user get its TOTP initializon vector then? She/he can not login without it, but can only scan the QR code while logged into SOGo ;-) > - define 'trusted' IP ranges that are excluded from MFA? > What for? Either you want to protect your account with 2FA or not. You can use long sessions, therefore only login once a day. > I've searched the docs on > https://www.sogo.nu/files/docs/SOGoInstallationGuide.html but it doesn't > mention any config for MFA. > Correct, there are none. Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung IT-Dienste Forschung und Lehre 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
[SOGo] openLDAP and groups ACLs not working
Dear SOGo community, I've installed SOGo 5.3.0 (@shiva2.inverse 202112070624) with iRedmail-OpenLDAP, and I'm trying to get LDAP groups working (we already use SOGo in combination with Active Directory and groups work perfectly) - however, we are moving our mail + SOGo away from AD. So far, groups show up in SOGo for e.g. a resource to be shared with. There is no error message in sogo.log. However, group members are not subscribed, nor do they see the shared resource when searching for resources of the sharer. I suspect it is a mapping issue between how iRedmail identifies "users"/mailboxes (mail=), and how SOGo can identify them by the memberuid/member attribute (uid=, or cn= instead of mail=... ?). So something is missing here. Ideally, I can manage group ACLs without touching the attributes of the iRedmail mailboxes/users, so in case of updates/LDAP changes, the group memberships stay active. E.g. by using posixGroup or groupOfNames objectClasses. A) This is the SOGoUserSources to get the groups: { // Used for groups type = ldap; id = groups; canAuthenticate = YES; isAddressBook = NO; displayName = "LDAP Authentication"; hostname = "ldap://127.0.0.1:389"; baseDN = "ou=Groups,domainName=%d,o=domains,dc=MYDOMAIN,dc=net"; bindDN = "cn=vmail,dc=MYDOMAIN,dc=net"; bindPassword = ""; filter = "objectClass=posixGroup OR objectClass=groupOfNames"; #scope = SUB; // always keep binding to the LDAP server using the DN of the // currently authenticated user. bindDN and bindPassword are still // required to find DN of the user. // Note: with default LDAP acl configured by iRedMail, user doesn't // have privilege to query o=domains,dc=MYDOMAIN,dc=net. // so this doesn't work. bindAsCurrentUser = YES; mapping = { uid = ("mail"); }; // The algorithm used for password encryption when changing // passwords without Password Policies enabled. // Possible values are: plain, crypt, md5-crypt, ssha, ssha512. userPasswordAlgorithm = ssha512; #GroupObjectClasses = (posixGroup); CNFieldName = cn; IDFieldName = cn; // value of UIDFieldName must be unique on entire server UIDFieldName = cn; } B) these are example 2 LDAP groups which show up in SOGo as groups, but resources are not shared to the members of those groups: # Entry 1 (posixGroup) dn: cn=posix6,ou=Groups,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net cn: posix6 gidnumber: 500 mail: posix6 memberuid: it6 memberuid: mail=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net memberuid: cn=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net objectclass: posixGroup objectclass: top # Entry 1: groupOfNames dn: cn=grpnames2@localhost,ou=Groups,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net cn: grpnames2@localhost member: cn=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net member: cn=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net objectclass: groupOfNames objectclass: top C) this is how a mailbox/user is identified in iRedmail: # Entry 1: mail=i...@mydomain.net,ou=Users,domainName=MYDOMAIN dn: mail=i...@mydomain.net,ou=Users,domainName=MYDOMAIN.net,o=domains,dc=MYDOMAIN,dc=net accountstatus: active amavislocal: TRUE cn: IT6 enabledservice: sogo enabledservice: imap enabledservice: sievetls enabledservice: sievesecured enabledservice: lmtp enabledservice: dsync enabledservice: shadowaddress enabledservice: indexer-worker enabledservice: sieve enabledservice: imaptls enabledservice: senderbcc enabledservice: managesievesecured enabledservice: deliver enabledservice: recipientbcc enabledservice: mail enabledservice: smtpsecured enabledservice: lib-storage enabledservice: sogoactivesync enabledservice: smtp enabledservice: sogowebmail enabledservice: smtptls enabledservice: lda enabledservice: displayedInGlobalAddressBook enabledservice: imapsecured enabledservice: doveadm enabledservice: forward enabledservice: quota-status enabledservice: sogocalendar enabledservice: managesievetls enabledservice: internal enabledservice: managesieve homedirectory: /var/vmail/vmail1/MYDOMAIN.net/i/t/6/it6-2021. 12.08.15.26.38/ mail: i...@mydomain.net mailboxfolder: Maildir mailboxformat: maildir mailquota: 5368709120 objectclass: inetOrgPerson objectclass:
Re: [SOGo] No local time zone specified
On Tue, Dec 07, 2021 at 11:01:06PM +0100, HYVERNAT Philippe wrote: > **2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone > specified.** > **2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with absolute > offset 0.** Beyond the unexpected /usr/local/etc/sogo/sogo.conf content, note that current release of GNUstep base libraries do not cope with timezone files v2+. I contributed code to support v2 and v3, but it will only be released in upcoming GNUstep Base 1.29.0. If your system has v2 TZ files (file(1) can tell you), you will need to replace it by a v1 file from an older FreeBSD release. -- Emmanuel Dreyfus m...@netbsd.org -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] MFA settings
Hi, We are looking at the MFA settings in SOGo, and it seems to work fine. However, it seems a bit basic: you can only turn it on and off yourself for your own account. Unless we miss something? Are there also settings like: - admin forced mandatory MFA for all or specific users? - define 'trusted' IP ranges that are excluded from MFA? I've searched the docs on https://www.sogo.nu/files/docs/SOGoInstallationGuide.html but it doesn't mention any config for MFA. Thanks, MJ -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] No local time zone specified
Hi, Just a thought: are you sure your /usr/local/etc/sogo/sogo.conf is formatted correctly? I have used "plparse /usr/local/etc/sogo/sogo.conf" in the past to make sure is did not get corrupted. MJ Op 07-12-2021 om 23:01 schreef HYVERNAT Philippe (p.hyver...@outlook.fr): Hello, I am a newbie to Sogo and i installed it (v.5.3) on a FreeBSD 13 box via port tree. i configure sogo.conf and when i want to launch the sogod service, here is the errors : # service sogod onestart *Starting sogod.** **Throwing 0x804676d88, in flight exception: 0** **Exception caught by C++: 0** **Throwing 0x804677358, in flight exception: 0x804676d88** **Exception caught by C++: 0** **2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone specified.** **2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with absolute offset 0.** **2021-12-07 20:57:01.608 sogod[71303:100517] File NSDictionary.m: 672. In -[NSDictionary initWithContentsOfFile:] Contents of file '/usr/local/etc/sogo/sogo.conf' does not contain a dictionary** **<0x0x803c925c8[SOGoStartupLogger]> Cannot read configuration from '/usr/local/etc/sogo/sogo.conf'. Aborting** **/usr/local/etc/rc.d/sogod: WARNING: failed to start sogod* Here is the directory : root@sogo1:/usr/local/etc/sogo # ls -la total 38 -rw-r--r-- 1 root wheel 3458 Dec 7 16:19 SOGo-Apache.conf -rw-r--r-- 1 root wheel 3280 Dec 7 13:50 SOGo-Apache.conf.sample -rw-r--r-- 1 root wheel 2372 Dec 7 13:50 SOGo-apple-ab.Apache.conf -rw-r--r-- 1 root wheel 2372 Dec 7 13:50 SOGo-apple-ab.Apache.conf.sample -rw--- 1 sogod sogod 18 Dec 7 13:50 ealarms-notify.creds -rw--- 1 sogod sogod 18 Dec 7 13:50 ealarms-notify.creds.sample -rw--- 1 sogod sogod 18 Dec 7 13:50 expire-autoreply.creds -rw--- 1 sogod sogod 18 Dec 7 13:50 expire-autoreply.creds.sample -rw-r--r-- 1 sogod sogod 6168 Dec 7 19:58 sogo.conf -rw-r--r-- 1 root wheel 5132 Dec 7 13:50 sogo.conf.sample Here is the configuration : (I replaced ip and pass by "X") SOGoProfileURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_user_profile"; OCSFolderInfoURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_folder_info"; OCSSessionsFolderURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_sessions_folder"; OCSEMailAlarmsFolderURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_alamrs_folder"; OCSStoreURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_store"; OCSAclURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_acl"; OCSCacheFolderURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_cache_folder"; OCSQuickAppointment = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_appointment"; OCSQuickContact = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_contact"; /*MYSQL Unicode Complicance*/ MySQL4Encoding = "utf8mb4"; /* Mail */ SOGoDraftsFolderName = Drafts; SOGoSentFolderName = Sent; SOGoTrashFolderName = Trash; SOGoJunkFolderName = Junk; SOGoIMAPServer = "imaps://X.X.X.X:993"; SOGoSieveServer = "sieve://X.X.X.X:4190"; SOGoSieveFolderEncoding = UTF-8; SOGoSMTPServer = "smtp://X.X.X.X"; SOGoMailDomain = test.fr; SOGoMailingMechanism = smtp; SOGoForceExternalLoginWithEmail = YES; SOGoMailSpoolPath = /var/spool/sogo; NGImap4ConnectionStringSeparator = "/"; SOGoMailMessageCheck = every_5_minutes; SOGoFirstDayOfWeek = 1; SOGoMailComposeMessageType = "html"; /* Notifications */ SOGoAppointmentSendEMailNotifications = YES; SOGoACLsSendEMailNotifications = YES; SOGoFoldersSendEMailNotifications = YES; /* Authentication */ SOGoPasswordChangeEnabled = YES; /* Authorize user to connect with domain name */ SOGoEnableDomainBasedUID = YES; /* LDAP authentication example */ SOGoUserSources = ( { type = ldap; CNFieldName = cn; UIDFieldName = uid; IDFieldName = mail; // first field of the DN for direct binds bindFields = (uid, mail); // array of fields to use for indirect binds baseDN = "ou=%d,dc=test,dc=fr"; bindDN = "uid=admin,ou=users,dc=test,dc=fr"; bindPassword = X; canAuthenticate = YES; filter = "(o='test' AND mail='*' AND status <> 'inactive')"; displayName = "Shared Addresses"; hostname = "ldap://X.X.X.X:389;; id = public; isAddressBook = YES; } ); SOGoPageTitle = SOGo; SOGoVacationEnabled = YES; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = YES; SOGoMailAuxiliaryUserAccountsEnabled = YES; SOGoTrustProxyAuthentication = NO; SOGoXSRFValidationEnabled = NO; /* General - SOGoTimeZone *MUST* be defined */ SOGoTimeZone = Europe/London; SOGoLanguage = French; SOGoCalendarDefaultRoles = ( PublicDAndTViewer, ConfidentialDAndTViewer ); //SOGoSuperUsernames = (sogo1, sogo2); // This is an array - keep the parens! SxVMemLimit = 384; WOPidFile = "/var/run/sogo/sogo.pid"; SOGoMemcachedHost =
Re: [SOGo] No local time zone specified
Hello The error states, that your sogo.conf file is either malformed or not accessible. Check access privileges for user sogo and then check sogo.conf with plparse. Also you should check your locale. Kind regards, Christian Mack Am 07.12.21 um 23:01 schrieb HYVERNAT Philippe (p.hyver...@outlook.fr): > Hello, > > I am a newbie to Sogo and i installed it (v.5.3) on a FreeBSD 13 box via > port tree. > > i configure sogo.conf and when i want to launch the sogod service, here > is the errors : > > > > # service sogod onestart > > *Starting sogod.** > **Throwing 0x804676d88, in flight exception: 0** > **Exception caught by C++: 0** > **Throwing 0x804677358, in flight exception: 0x804676d88** > **Exception caught by C++: 0** > **2021-12-07 20:57:01.609 sogod[71303:100517] No local time zone > specified.** > **2021-12-07 20:57:01.609 sogod[71303:100517] Using time zone with > absolute offset 0.** > **2021-12-07 20:57:01.608 sogod[71303:100517] File NSDictionary.m: 672. > In -[NSDictionary initWithContentsOfFile:] Contents of file > '/usr/local/etc/sogo/sogo.conf' does not contain a dictionary** > **<0x0x803c925c8[SOGoStartupLogger]> Cannot read configuration from > '/usr/local/etc/sogo/sogo.conf'. Aborting** > **/usr/local/etc/rc.d/sogod: WARNING: failed to start sogod* > > > > Here is the directory : > > > root@sogo1:/usr/local/etc/sogo # ls -la > total 38 > -rw-r--r-- 1 root wheel 3458 Dec 7 16:19 SOGo-Apache.conf > -rw-r--r-- 1 root wheel 3280 Dec 7 13:50 SOGo-Apache.conf.sample > -rw-r--r-- 1 root wheel 2372 Dec 7 13:50 SOGo-apple-ab.Apache.conf > -rw-r--r-- 1 root wheel 2372 Dec 7 13:50 > SOGo-apple-ab.Apache.conf.sample > -rw--- 1 sogod sogod 18 Dec 7 13:50 ealarms-notify.creds > -rw--- 1 sogod sogod 18 Dec 7 13:50 ealarms-notify.creds.sample > -rw--- 1 sogod sogod 18 Dec 7 13:50 expire-autoreply.creds > -rw--- 1 sogod sogod 18 Dec 7 13:50 expire-autoreply.creds.sample > -rw-r--r-- 1 sogod sogod 6168 Dec 7 19:58 sogo.conf > -rw-r--r-- 1 root wheel 5132 Dec 7 13:50 sogo.conf.sample > > > > Here is the configuration : (I replaced ip and pass by "X") > > > SOGoProfileURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_user_profile"; > OCSFolderInfoURL = > "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_folder_info"; > OCSSessionsFolderURL = > "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_sessions_folder"; > OCSEMailAlarmsFolderURL = > "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_alamrs_folder"; > OCSStoreURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_store"; > OCSAclURL = "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_acl"; > OCSCacheFolderURL = > "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_cache_folder"; > OCSQuickAppointment = > "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_appointment"; > OCSQuickContact = > "mysql://sogo:sogo@X.X.X.X:3306/sogo/sogo_quick_contact"; > > /*MYSQL Unicode Complicance*/ > MySQL4Encoding = "utf8mb4"; > > > /* Mail */ > SOGoDraftsFolderName = Drafts; > SOGoSentFolderName = Sent; > SOGoTrashFolderName = Trash; > SOGoJunkFolderName = Junk; > SOGoIMAPServer = "imaps://X.X.X.X:993"; > SOGoSieveServer = "sieve://X.X.X.X:4190"; > SOGoSieveFolderEncoding = UTF-8; > SOGoSMTPServer = "smtp://X.X.X.X"; > SOGoMailDomain = test.fr; > SOGoMailingMechanism = smtp; > SOGoForceExternalLoginWithEmail = YES; > SOGoMailSpoolPath = /var/spool/sogo; > NGImap4ConnectionStringSeparator = "/"; > SOGoMailMessageCheck = every_5_minutes; > SOGoFirstDayOfWeek = 1; > SOGoMailComposeMessageType = "html"; > > /* Notifications */ > SOGoAppointmentSendEMailNotifications = YES; > SOGoACLsSendEMailNotifications = YES; > SOGoFoldersSendEMailNotifications = YES; > > /* Authentication */ > SOGoPasswordChangeEnabled = YES; > > /* Authorize user to connect with domain name */ > SOGoEnableDomainBasedUID = YES; > > /* LDAP authentication example */ > > > SOGoUserSources = ( > { > type = ldap; > CNFieldName = cn; > UIDFieldName = uid; > IDFieldName = mail; // first field of the DN for direct binds > bindFields = (uid, mail); // array of fields to use for indirect > binds > baseDN = "ou=%d,dc=test,dc=fr"; > bindDN = "uid=admin,ou=users,dc=test,dc=fr"; > bindPassword = X; > canAuthenticate = YES; > filter = "(o='test' AND mail='*' AND status <> 'inactive')"; > displayName = "Shared Addresses"; > hostname = "ldap://X.X.X.X:389;; > id = public; > isAddressBook = YES; > } > ); > > > SOGoPageTitle = SOGo; > SOGoVacationEnabled = YES; > SOGoForwardEnabled = YES; > SOGoSieveScriptsEnabled = YES; > SOGoMailAuxiliaryUserAccountsEnabled = YES; > SOGoTrustProxyAuthentication = NO; > SOGoXSRFValidationEnabled = NO; > > /* General - SOGoTimeZone *MUST* be defined */ > SOGoTimeZone = Europe/London; > SOGoLanguage = French; > SOGoCalendarDefaultRoles = ( >