Re: [SOGo] SOGo v5.10.0 integration with Windows Server 2016 based domain
Am 07.05.2024 um 16:40:58 Uhr schrieb Roman: > and also, if I run the command from a Linux machine: > ldapsearch -H ldap://home.arpa:389 -D "us...@home.arpa" -w > "Lenovo777" -b "DC=home,DC=arpa". > then I get a correct response, so it is probably correct. Can you check the logs at the Windows Server and check for the difference? -- kind regards Marco Send unsolicited bulk mail to 1715092858mu...@cartoonies.org
Re: [SOGo] SOGo v5.10.0 integration with Windows Server 2016 based domain
If I run the command "dsquery user -name * -limit 0" on a domain controller, I get the following output: PS C:\Users\Administrator\Desktop> dsquery user -name * -limit 0"CN=Administrator,CN=Users,DC=home,DC=arpa.""CN=Guest,CN=Users,DC=home,DC=arpa.""CN=DefaultAccount,CN=Users,DC=home,DC=arpa.""CN=krbtgt,CN=Users,DC=home,DC=arpa.""CN=user1,CN=Users,DC=home,DC=arpa.""CN=user2,CN=Users,DC=home,DC=arpa.""CN=user3,OU=test,DC=home,DC=arpa."PS C:\Users\Administrator\Desktop> and also, if I run the command from a Linux machine:ldapsearch -H ldap://home.arpa:389 -D "us...@home.arpa" -w "Lenovo777" -b "DC=home,DC=arpa". then I get a correct response, so it is probably correct. Translated with www.DeepL.com/Translator (free version) 07.05.2024, 16:39, "Marco Moock (m...@dorfdsl.de)" :Am 07.05.2024 um 12:46:02 Uhr schrieb "Rom@n": For test purpose I didn't create anything in domain controller except user1 with domain admin privileges and user2 with regular user privileges, no OU created, everything is default for Windows Server 2016.I think you should ask at a place for LDAP/MS AD discussions.This is most likely a problem on your LDAP server. Maybe the bindDNisn't set up properly.
Re: [SOGo] SOGo v5.10.0 integration with Windows Server 2016 based domain
Am 07.05.2024 um 12:46:02 Uhr schrieb "Rom@n": > For test purpose I didn't create anything in domain controller except > user1 with domain admin privileges and user2 with regular user > privileges, no OU created, everything is default for Windows Server > 2016. I think you should ask at a place for LDAP/MS AD discussions. This is most likely a problem on your LDAP server. Maybe the bindDN isn't set up properly.
Re: [SOGo] SOGo v5.10.0 integration with Windows Server 2016 based domain
Am 07.05.2024 um 09:26:46 Uhr schrieb Roman:
> 1) Deployed a Windows Server 2016 based domain "ldap.local" [...]
This is the first mistake. ".local" is intended for multicast DNS and
DNS resolution will fail if it is not connected to the same link. It
may fallback to unicast DNS then. Use "home.arpa" or other domains
reserved for private use.
> NAME:LDAPException REASON:operation bind failed: Invalid credentials
> (0x31) INFO:{"error_code" = 49; login =
> "uid=user1,ou=users,dc=ldap,dc=local"; }
Your bindDN seems to be wrong.
Is that the place where the users are located?
--
Gruß
Marco
Send unsolicited bulk mail to 1715066806mu...@cartoonies.org
[SOGo] SOGo v5.10.0 integration with Windows Server 2016 based domain
Hi everyone, Please help to configure authorization with LDAP server based on Windows Server 2016.Recently I have configured SOGo with SQL (Postgres) authentication and it was able to login into SOGo web interface, but I have to migrate to Windows Server 2016 Active Directory and it became a huge challenge. In order to perform this I did the following:1) Deployed a Windows Server 2016 based domain "ldap.local" with default settings and created "user1" LDAP account and added domain controller administrator rights to this user.2) Commented out the working SOGoUserSources settings for SQL and added SOGoUserSources LDAP settings for “user1” account instead according to official guide.3) Changed SOGoSuperUsernames from postrgres to user1 But apparently these changes are not enough to correctly configure LDAP integration.Any insights or suggestions would be greatly appreciated! Thank you very much for your precious time and help. Below I will attach the logs I get when trying to authorize with LDAP "user1" account and contents of the “sogo.conf” file with functional SQL (postgres) authorization settings commented out and added SOGoUserSources LDAP settings for “user1” account instead: May 07 05:50:49 sogod [152]: version 5.10.0 (build @localhost 202404270249) -- startingMay 07 05:50:49 sogod [152]: vmem size check enabled: shutting down app when vmem > 384 MB. Currently at 82 MBMay 07 05:50:49 sogod [152]: <0x0x55beb1c68aa0[SOGoProductLoader]> SOGo products loaded from '/usr/local/lib/GNUstep/SOGo':May 07 05:50:49 sogod [152]: <0x0x55beb1c68aa0[SOGoProductLoader]> AdministrationUI.SOGo, Appointments.SOGo, CommonUI.SOGo, Contacts.SOGo, ContactsUI.SOGo, MailPartViewers.SOGo, Mailer.SOGo, MailerUI.SOGo, MainUI.SOGo, PreferencesUI.SOGo, SchedulerUI.SOGoMay 07 05:50:49 sogod [152]: <0x0x55beb1c68aa0[SOGoProductLoader]> SOGo products loaded from '/usr/lib/GNUstep/SOGo':May 07 05:50:49 sogod [152]: <0x0x55beb1c68aa0[SOGoProductLoader]> AdministrationUI.SOGo, Appointments.SOGo, CommonUI.SOGo, Contacts.SOGo, ContactsUI.SOGo, MailPartViewers.SOGo, Mailer.SOGo, MailerUI.SOGo, MainUI.SOGo, PreferencesUI.SOGo, SchedulerUI.SOGoMay 07 05:50:49 sogod [152]: All products loaded - current memory usage at 91 MBMay 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> listening on 127.0.0.1:2May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> watchdog process pid: 152May 07 05:50:49 sogod [152]: <0x0x7f0b0b345420[WOWatchDogChild]> watchdog request timeout set to 10 minutesMay 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> preparing 8 childrenMay 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 153May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 154May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 155May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 156May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 157May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 158May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 159May 07 05:50:49 sogod [152]: <0x0x55beb1c97a00[WOWatchDog]> child spawned with pid 160May 07 05:50:49 sogod [156]: <0x0x55beb1f2e2e0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [153]: <0x0x55beb1f2e2c0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [155]: <0x0x55beb1f2e2c0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [159]: <0x0x55beb1f2e2d0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [158]: <0x0x55beb1f2e2d0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [157]: <0x0x55beb1f2dea0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [160]: <0x0x55beb1f2dea0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:49 sogod [154]: <0x0x55beb1f2dea0[WOHttpAdaptor]> notified the watchdog that we are readyMay 07 05:50:59 sogod [154]: |SOGo| starting method 'GET' on uri '/SOGo/'May 07 05:50:59 sogod [154]: <0x0x55beb1f8bd30[SOGoCache]> Cache cleanup interval set every 300.00 secondsMay 07 05:50:59 sogod [154]: <0x0x55beb1f8bd30[SOGoCache]> Using host(s) '192.168.5.229' as server(s)May 07 05:50:59 sogod [154]: [WARN] <0x0x7f0b0b363160[WOxElemBuilder]> could not locate builders: WOxExtElemBuilder,WOxExtElemBuilderMay 07 05:50:59 sogod [154]: |SOGo| request took 0.042288 seconds to executeMay 07 05:50:59 sogod [154]: 51.15.104.199, 192.168.5.9 "GET /SOGo/ HTTP/1.1" 200 9137/0 0.044 37167 75% 5M - 11May 07 05:51:09 sogod [154]: |SOGo| starting method 'POST' on uri '/SOGo/connect'May 07 05:51:09 sogod [154]: <0x0x55beb1f8b890[LDAPSource]> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{"error_code" = 49; login = "uid=user1,ou=users,dc=ldap,dc=local"; }May 07
