[SOGo] BTS activities for Monday, February 05 2024

2024-02-05 Thread SOGo reporter 
Title: BTS activities for Monday, February 05 2024





  
BTS Activities

  Home page: https://bugs.sogo.nu
  Project: SOGo
  For the period covering: Monday, February 05 2024

  
  
idlast updatestatus (resolution)categorysummary
	
	
	  
	
5830
	2024-02-05 12:14:08
	updated (open)
	with SOGo
	In Thunderbird + SOGo Caldav calendar, recurring event schedule is not updated as expected
	
	  
	
5877
	2024-02-05 14:44:02
	assigned (open)
	Web Mail
	Unremovable Attachments When Forwarding and Replying to Emails
	
	  
	
5918
	2024-02-05 21:35:53
	assigned (open)
	with SOGo
	Problem update

AW: [SOGo] Activesync Error

2024-02-05 Thread "Raoul Schroeder" 
Hi Rob,

 

Yeah, that makes sense. Not too familiar with reverse proxy setups myself, but 
this page struck me as helpful:

 

https://serverfault.com/questions/1105912/apache-2-4-reverse-proxy-forward-credentials-basic-auth

 

 

 

Von: users-requ...@sogo.nu  Im Auftrag von "Robert 
Himics"
Gesendet: Montag, 5. Februar 2024 03:39
An: users@sogo.nu
Cc: r...@himicsfamily.com
Betreff: RE: [SOGo] Activesync Error

 

Thanks for the Help So Far - I believe I'm getting very close to having 
ActiveSync working. I have validated the apache sogo.conf File on My internal 
SOGo Groupware Server with what Raoul Schroeder Provided

As a Recap -- This is what I have 

Internet Facing Server Apache 2.4 which Proxies to a separate SOGo groupware 
server. (I intend to have a few Different Domains Connecting to the Internal 
SOGo Groupware

This is what I see in the Apache Log File

101.11.11.179 - - [04/Feb/2024:21:05:31 -0500] "OPTIONS 
/Microsoft-Server-ActiveSync/ HTTP/1.1" 401 381
[Sun Feb 04 21:05:31.249762 2024] [authn_file:error] [pid 8073:tid 8242] 
[client 101.11.11.179:48450] AH01619: AuthUserFile not specified in the 
configuration
101.11.11.179 -   u...@domain.com [04/Feb/2024:21:05:31 
-0500] "OPTIONS /Microsoft-Server-ActiveSync/ HTTP/1.1" 500 533

I believe I'm having an issue with the validation of the user credential the 
Internal Apache Server is Blocking the access and It's not getting to the 
Internal SOGo Groupware Server

Green Highlighted Section may be the issue 

Below are the Two Apache Server's configuration files for SOGo

==

Internet Facing Apache 2.4 Server has the Following:

==

RequestHeader set "x-webobjects-server-port" "443"

RequestHeader set "x-webobjects-server-name" "katherineangela.com"
RequestHeader set "x-webobjects-server-url" "  
http://katherineangela.com;

## Proxy Additions to enable access to Internal Mail Svr Web Client (SOGo)

Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"

SetEnv proxy-nokeepalive 1
#SetEnv proxy-initial-not-pooled 1

SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
ProxyTimeout 720
ProxyVia Full

SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

CheckSpelling on

RequestHeader edit Transfer-Encoding Chunked chunked early
RequestHeader unset Accept-Encoding

 


   ProxyPass   
https://vmailsvrint.domain.net/Microsoft-Server-ActiveSync acquire=3000 
retry=60 connectiontimeout=600 timeout=4000
   ProxyPassReverse  
 
https://vmailsvrint.domain.net/Microsoft-Server-ActiveSync
   SSLRequireSSL
   AllowMethods GET POST OPTIONS

   #Require all granted  ## May Not be needed
   Header setifempty MS-Server-ActiveSync "2.5,12.0,12.1,14.0,14.1"
   Header setifempty MS-ASProtocolVersions "2.5,12.0,12.1,14.0,14.1"

   
 RequestHeader set "x-webobjects-server-port" "443"
 SetEnvIf Host (.*) HTTP_HOST=$1
 RequestHeader set "x-webobjects-server-name" "%{HTTP_HOST}e" 
env=HTTP_HOST
 RequestHeader set "x-webobjects-server-url" " 
 https://%{HTTP_HOST}e; env=HTTP_HOST

 RequestHeader unset "x-webobjects-remote-user"

 RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
   



==

Internal Apache 2.4 Server has the Following:

==

Alias /SOGo.woa/WebServerResources/ \
  /usr/lib64/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ \
  /usr/lib64/GNUstep/SOGo/WebServerResources/


AllowOverride None


Order deny,allow
Allow from all

= 2.4>
Require all granted


# Explicitly allow caching of static content to avoid browser specific 
behavior.
# A resource's URL MUST change in order to have the client load the new 
version.

  ExpiresActive On
  ExpiresDefault "access plus 1 year"



# Don't send the Referer header for cross-origin requests
Header always set Referrer-Policy "same-origin"


  # Don't cache dynamic content
  Header set Cache-Control "max-age=0, no-cache, no-store"


## Uncomment the following to enable proxy-side authentication, you will then
## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
## below.
#
## For full proxy-side authentication:
#
#  AuthName "SOGo"
#