RE: SSO Issues
Sorry, I should say that it is the same issue when I try the login.php page as well. Cameron Robitaille Network Administrator Waypoint Centre for Mental Health Care Advancing Understanding. Improving Lives. 500 Church Street Penetanguishene ON L9M 1G3 (705) 549-3181 ext. 2834 crobitai...@waypointcentre.ca This electronic transmission and accompanying attachments may contain privileged or confidential information intended only for the use of the individual or organization named above. Any distribution, copy or action taken in reliance of the contents of this communication by anyone other than the intended recipient(s) is Strictly Prohibited. If you have received this communication in error, please notify the sender at the above email address and delete this email. -Original Message- From: s...@acts.hu Sent: April 16, 2020 4:40 PM To: Piler User Cc: Robitaille, Cameron Subject: Re: SSO Issues CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you are unsure, please delete the message. Hello Cameron, based on the ntlm logs the authentication is successful, and apache also says granted. Please check out the mail log as well as apache's error log for additional clues. Also check if you can login by using ldap authentication, ie. not using sso.php but rather the usual login.php. Janos On 2020-04-16 21:49, Robitaille, Cameron wrote: > > I am hoping there is an easy answer to this as I am about to pull my > hair out. I am installing to a new server in the hopes of migrating > from an existing install. > > I have everything installed and I can log in as the admin@local user. > I configured the LDAP auth with the SSO configuration and I can run > and get good results from manually running ntlm_auth with a valid > user. I copied the working config from the other server into my > config-site.php. When I try to SSO it just spins although the log > says: > > [Thu Apr 16 15:40:47.512194 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(1041): [client 10.10.95.2:31200] doing ntlm > auth dance [Thu Apr 16 15:40:47.512209 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(484): [client 10.10.95.2:31200] Using existing > auth helper 4591 [Thu Apr 16 15:40:47.512238 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(703): [client 10.10.95.2:31200] parsing reply > from helper to KK > TlRMTVNTUAADGAAYAIBcAVwBmABYFgAWAFgSABIAbgD0AQAABYKIogoAukcPBEnAms1Y9ke05O4HIhc6wmMAcgBvAGIAaQB0AGEAaQBsAGwAZQBEADQANwA2ADYAMwA1ADAAVgB8kPWCQbl+hlzCxJzjB1b2AQEAAABUXDbtJhTWAV0K8qKcAAGzAAIAFABNAEgAQwBQAC4ATwBOAC4AQwBBAAEAEABNAEEASQBMAEEAUgBDAEgABAAiAHcAYQB5AHAAbwBpAG4AdABjAGUAbgB0AHIAZQAuAGMAYQADADQAbQBhAGkAbABhAHIAYwBoAC4AdwBhAHkAcABvAGkAbgB0AGMAZQBuAHQAcgBlAC4AYwBhAAcACABUXDbtJhTWAQYABAACCAAwADAAAQAgAAD2cE88eSCt3N1kv//zYg08RWAN2pKfP+fpHHmqo/q6ywoAEACb+cMBW3SC6HqWBNugfGr2CQA+AEgAVABUAFAALwBtAGEAaQBsAGEAcgBjAGgALgB3AGEAeQBwAG8AaQBuAHQAYwBlAG4AdAByAGUALgBjAGE=\n > [Thu Apr 16 15:40:47.519444 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(741): [client 10.10.95.2:31200] got response: > AF MHCP.ON.CA\\user > [Thu Apr 16 15:40:47.519499 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(787): [client 10.10.95.2:31200] authenticated > MHCP.ON.CA\\user [Thu Apr 16 15:40:47.519522 2020] [authz_core:debug] > [pid 4441] > mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: > authorization result of Require valid-user : granted [Thu Apr 16 > 15:40:47.519535 2020] [authz_core:debug] [pid 4441] > mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: > authorization result of : granted > > I would read this that it was successful but the page just spins and > nothing ever happens, the search never comes up. > > I am using version 1.38. Thanks, > > Cameron Robitaille > Network Administrator > Waypoint Centre for Mental Health Care Advancing Understanding. > Improving Lives. > > 500 Church Street > Penetanguishene ON L9M 1G3 > (705) 549-3181 ext. 2834 > crobitai...@waypointcentre.ca > > This electronic transmission and accompanying attachments may contain > privileged or confidential information intended only for the use of > the individual or organization named above. Any distribution, copy or > action taken in reliance of the contents of this communication by > anyone other than the intended recipient(s) is Strictly Prohibited. > If you have received this communication in error, please notify the > sender at the above email address and delete this email.
RE: SSO Issues
Hi: Thanks for the reply! The log I included was actually from the ssl_error_log, there isn't anything else in that log. The mailarchiver-error.log doesn't have anything related to this as well. What is interesting is when I did the installation, the web files weren't copied, I had to manually copy over the webui files and manually create the .htaccess. Is that normal or did something break on the install? I feel like the redirection isn't working quite as expected. Thanks, Cameron Robitaille Network Administrator Waypoint Centre for Mental Health Care Advancing Understanding. Improving Lives. 500 Church Street Penetanguishene ON L9M 1G3 (705) 549-3181 ext. 2834 crobitai...@waypointcentre.ca This electronic transmission and accompanying attachments may contain privileged or confidential information intended only for the use of the individual or organization named above. Any distribution, copy or action taken in reliance of the contents of this communication by anyone other than the intended recipient(s) is Strictly Prohibited. If you have received this communication in error, please notify the sender at the above email address and delete this email. -Original Message- From: s...@acts.hu Sent: April 16, 2020 4:40 PM To: Piler User Cc: Robitaille, Cameron Subject: Re: SSO Issues CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you are unsure, please delete the message. Hello Cameron, based on the ntlm logs the authentication is successful, and apache also says granted. Please check out the mail log as well as apache's error log for additional clues. Also check if you can login by using ldap authentication, ie. not using sso.php but rather the usual login.php. Janos On 2020-04-16 21:49, Robitaille, Cameron wrote: > > I am hoping there is an easy answer to this as I am about to pull my > hair out. I am installing to a new server in the hopes of migrating > from an existing install. > > I have everything installed and I can log in as the admin@local user. > I configured the LDAP auth with the SSO configuration and I can run > and get good results from manually running ntlm_auth with a valid > user. I copied the working config from the other server into my > config-site.php. When I try to SSO it just spins although the log > says: > > [Thu Apr 16 15:40:47.512194 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(1041): [client 10.10.95.2:31200] doing ntlm > auth dance [Thu Apr 16 15:40:47.512209 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(484): [client 10.10.95.2:31200] Using existing > auth helper 4591 [Thu Apr 16 15:40:47.512238 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(703): [client 10.10.95.2:31200] parsing reply > from helper to KK > TlRMTVNTUAADGAAYAIBcAVwBmABYFgAWAFgSABIAbgD0AQAABYKIogoAukcPBEnAms1Y9ke05O4HIhc6wmMAcgBvAGIAaQB0AGEAaQBsAGwAZQBEADQANwA2ADYAMwA1ADAAVgB8kPWCQbl+hlzCxJzjB1b2AQEAAABUXDbtJhTWAV0K8qKcAAGzAAIAFABNAEgAQwBQAC4ATwBOAC4AQwBBAAEAEABNAEEASQBMAEEAUgBDAEgABAAiAHcAYQB5AHAAbwBpAG4AdABjAGUAbgB0AHIAZQAuAGMAYQADADQAbQBhAGkAbABhAHIAYwBoAC4AdwBhAHkAcABvAGkAbgB0AGMAZQBuAHQAcgBlAC4AYwBhAAcACABUXDbtJhTWAQYABAACCAAwADAAAQAgAAD2cE88eSCt3N1kv//zYg08RWAN2pKfP+fpHHmqo/q6ywoAEACb+cMBW3SC6HqWBNugfGr2CQA+AEgAVABUAFAALwBtAGEAaQBsAGEAcgBjAGgALgB3AGEAeQBwAG8AaQBuAHQAYwBlAG4AdAByAGUALgBjAGE=\n > [Thu Apr 16 15:40:47.519444 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(741): [client 10.10.95.2:31200] got response: > AF MHCP.ON.CA\\user > [Thu Apr 16 15:40:47.519499 2020] [:debug] [pid 4441] > mod_auth_ntlm_winbind.c(787): [client 10.10.95.2:31200] authenticated > MHCP.ON.CA\\user [Thu Apr 16 15:40:47.519522 2020] [authz_core:debug] > [pid 4441] > mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: > authorization result of Require valid-user : granted [Thu Apr 16 > 15:40:47.519535 2020] [authz_core:debug] [pid 4441] > mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: > authorization result of : granted > > I would read this that it was successful but the page just spins and > nothing ever happens, the search never comes up. > > I am using version 1.38. Thanks, > > Cameron Robitaille > Network Administrator > Waypoint Centre for Mental Health Care Advancing Understanding. > Improving Lives. > > 500 Church Street > Penetanguishene ON L9M 1G3 > (705) 549-3181 ext. 2834 > crobitai...@waypointcentre.ca > > This electronic transmission and accompanying attachments may contain > privileged or confidential information intended only for the use of > the individual or organization named above. Any distribution, copy or > action taken in reliance of the contents of this communication by > anyone other than the intended recipient(s) is Strictly Prohibited. > If you have received this
Re: Piler - Backup and Restore
Hello Janos, thanks for your help. I checked everything according to your hints. All permissions were set correctly and after connecting to the database on both systems they were completely the same. I told you that no emals were shown in the auditor interface. After resetting the cache on all systems all older mails were shown but not todays email. I tried a „reindex -a“ an after the reindexing cronjob all - even todays email - were shown. Wonderful, thanks again :-) > Am 16.04.2020 um 08:24 schrieb s...@acts.hu: > > > > Hello, > > your scripts look fine by looking. Do the following to troubleshoot > the issue: > > check the permissions on /var/piler, piler should be able read it, > then /var/piler/sphinx dir and its contents must be read-writable > for piler. > > When you start searchd, verify that searchd runs as user piler, and > can read all the index files. It prints the indices it just read. > > Then try connecting to searchd: mysql -h 127.0.0.1 -P9306, and > run "select * from main1;". It should print 20 hits or so. > > Janos > > > > On 2020-04-16 03:07, BKH-Netz.de - Postfach wrote: >> Hi Janos, >> i’m trying to gat a working backup / restore script for my piler >> installations. >> But my efforts are more or less without a success … >> Perhaps you can give me a slight hint? >> My backup script looks like this: >> - - - - - - - >> systemctl stop rc.piler.service >> systemctl stop rc.searchd.service >> tar -cpzf SOMEVZ/piler.tar.gz -C /usr/local/etc/piler . >> tar -cpzf SOMEVZ//pilerstore.tar.gz -C /var/piler/store/00 . >> tar -cpzf SOMEVZ/sphinx.tar.gz /var/piler/sphinx/main[1-4]* >> mysqldump --single-transaction -h localhost -piler -p'mysecretpw' >> piler > SOMEVZ/pilerdb.sql >> systemctl start rc.piler.service >> systemctl start rc.searchd.service >> - - - - - - - >> My restore script looks like this: >> - - - - - - - >> systemctl stop rc.piler.service >> systemctl stop rc.searchd.service >> rm -r /usr/local/etc/piler >> rm -r /var/piler/store/00 >> rm /var/piler/sphinx/main[1-4]* >> mkdir -p /usr/local/etc/piler >> mkdir -p /var/piler/store/00 >> tar -xpzf SOMEVZ/piler.tar.gz -C /usr/local/etc/piler >> tar -xpzf SOMEVZ//pilerstore.tar.gz -C /var/piler/store/00 >> tar -xpzf SOMEVZ/sphinx.tar.gz -C / >> mysql -h localhost -upiler -p'mysecretpw' piler < SOMEVZ/pilerdb.sql >> systemctl start rc.piler.service >> systemctl start rc.searchd.service >> - - - - - - - >> All imported mails (figures) are show correctly inside the admin interface. >> Searching for mail in the auditor interface shows no emails at all. >> I guess this is a problem with sphinx database but i cant figure out … >> Can you give me a little help on this please? >> HW >
Re: SSO Issues
Hello Cameron, based on the ntlm logs the authentication is successful, and apache also says granted. Please check out the mail log as well as apache's error log for additional clues. Also check if you can login by using ldap authentication, ie. not using sso.php but rather the usual login.php. Janos On 2020-04-16 21:49, Robitaille, Cameron wrote: I am hoping there is an easy answer to this as I am about to pull my hair out. I am installing to a new server in the hopes of migrating from an existing install. I have everything installed and I can log in as the admin@local user. I configured the LDAP auth with the SSO configuration and I can run and get good results from manually running ntlm_auth with a valid user. I copied the working config from the other server into my config-site.php. When I try to SSO it just spins although the log says: [Thu Apr 16 15:40:47.512194 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(1041): [client 10.10.95.2:31200] doing ntlm auth dance [Thu Apr 16 15:40:47.512209 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(484): [client 10.10.95.2:31200] Using existing auth helper 4591 [Thu Apr 16 15:40:47.512238 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(703): [client 10.10.95.2:31200] parsing reply from helper to KK TlRMTVNTUAADGAAYAIBcAVwBmABYFgAWAFgSABIAbgD0AQAABYKIogoAukcPBEnAms1Y9ke05O4HIhc6wmMAcgBvAGIAaQB0AGEAaQBsAGwAZQBEADQANwA2ADYAMwA1ADAAVgB8kPWCQbl+hlzCxJzjB1b2AQEAAABUXDbtJhTWAV0K8qKcAAGzAAIAFABNAEgAQwBQAC4ATwBOAC4AQwBBAAEAEABNAEEASQBMAEEAUgBDAEgABAAiAHcAYQB5AHAAbwBpAG4AdABjAGUAbgB0AHIAZQAuAGMAYQADADQAbQBhAGkAbABhAHIAYwBoAC4AdwBhAHkAcABvAGkAbgB0AGMAZQBuAHQAcgBlAC4AYwBhAAcACABUXDbtJhTWAQYABAACCAAwADAAAQAgAAD2cE88eSCt3N1kv//zYg08RWAN2pKfP+fpHHmqo/q6ywoAEACb+cMBW3SC6HqWBNugfGr2CQA+AEgAVABUAFAALwBtAGEAaQBsAGEAcgBjAGgALgB3AGEAeQBwAG8AaQBuAHQAYwBlAG4AdAByAGUALgBjAGE=\n [Thu Apr 16 15:40:47.519444 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(741): [client 10.10.95.2:31200] got response: AF MHCP.ON.CA\\user [Thu Apr 16 15:40:47.519499 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(787): [client 10.10.95.2:31200] authenticated MHCP.ON.CA\\user [Thu Apr 16 15:40:47.519522 2020] [authz_core:debug] [pid 4441] mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: authorization result of Require valid-user : granted [Thu Apr 16 15:40:47.519535 2020] [authz_core:debug] [pid 4441] mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: authorization result of : granted I would read this that it was successful but the page just spins and nothing ever happens, the search never comes up. I am using version 1.38. Thanks, Cameron Robitaille Network Administrator Waypoint Centre for Mental Health Care Advancing Understanding. Improving Lives. 500 Church Street Penetanguishene ON L9M 1G3 (705) 549-3181 ext. 2834 crobitai...@waypointcentre.ca This electronic transmission and accompanying attachments may contain privileged or confidential information intended only for the use of the individual or organization named above. Any distribution, copy or action taken in reliance of the contents of this communication by anyone other than the intended recipient(s) is Strictly Prohibited. If you have received this communication in error, please notify the sender at the above email address and delete this email.
SSO Issues
Hi: I am hoping there is an easy answer to this as I am about to pull my hair out. I am installing to a new server in the hopes of migrating from an existing install. I have everything installed and I can log in as the admin@local user. I configured the LDAP auth with the SSO configuration and I can run and get good results from manually running ntlm_auth with a valid user. I copied the working config from the other server into my config-site.php. When I try to SSO it just spins although the log says: [Thu Apr 16 15:40:47.512194 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(1041): [client 10.10.95.2:31200] doing ntlm auth dance [Thu Apr 16 15:40:47.512209 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(484): [client 10.10.95.2:31200] Using existing auth helper 4591 [Thu Apr 16 15:40:47.512238 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(703): [client 10.10.95.2:31200] parsing reply from helper to KK TlRMTVNTUAADGAAYAIBcAVwBmABYFgAWAFgSABIAbgD0AQAABYKIogoAukcPBEnAms1Y9ke05O4HIhc6wmMAcgBvAGIAaQB0AGEAaQBsAGwAZQBEADQANwA2ADYAMwA1ADAAVgB8kPWCQbl+hlzCxJzjB1b2AQEAAABUXDbtJhTWAV0K8qKcAAGzAAIAFABNAEgAQwBQAC4ATwBOAC4AQwBBAAEAEABNAEEASQBMAEEAUgBDAEgABAAiAHcAYQB5AHAAbwBpAG4AdABjAGUAbgB0AHIAZQAuAGMAYQADADQAbQBhAGkAbABhAHIAYwBoAC4AdwBhAHkAcABvAGkAbgB0AGMAZQBuAHQAcgBlAC4AYwBhAAcACABUXDbtJhTWAQYABAACCAAwADAAAQAgAAD2cE88eSCt3N1kv//zYg08RWAN2pKfP+fpHHmqo/q6ywoAEACb+cMBW3SC6HqWBNugfGr2CQA+AEgAVABUAFAALwBtAGEAaQBsAGEAcgBjAGgALgB3AGEAeQBwAG8AaQBuAHQAYwBlAG4AdAByAGUALgBjAGE=\n [Thu Apr 16 15:40:47.519444 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(741): [client 10.10.95.2:31200] got response: AF MHCP.ON.CA\\user [Thu Apr 16 15:40:47.519499 2020] [:debug] [pid 4441] mod_auth_ntlm_winbind.c(787): [client 10.10.95.2:31200] authenticated MHCP.ON.CA\\user [Thu Apr 16 15:40:47.519522 2020] [authz_core:debug] [pid 4441] mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: authorization result of Require valid-user : granted [Thu Apr 16 15:40:47.519535 2020] [authz_core:debug] [pid 4441] mod_authz_core.c(809): [client 10.10.95.2:31200] AH01626: authorization result of : granted I would read this that it was successful but the page just spins and nothing ever happens, the search never comes up. I am using version 1.38. Thanks, Cameron Robitaille Network Administrator Waypoint Centre for Mental Health Care Advancing Understanding. Improving Lives. 500 Church Street Penetanguishene ON L9M 1G3 (705) 549-3181 ext. 2834 crobitai...@waypointcentre.ca This electronic transmission and accompanying attachments may contain privileged or confidential information intended only for the use of the individual or organization named above. Any distribution, copy or action taken in reliance of the contents of this communication by anyone other than the intended recipient(s) is Strictly Prohibited. If you have received this communication in error, please notify the sender at the above email address and delete this email.
Re: Piler - Backup and Restore
Hello, your scripts look fine by looking. Do the following to troubleshoot the issue: check the permissions on /var/piler, piler should be able read it, then /var/piler/sphinx dir and its contents must be read-writable for piler. When you start searchd, verify that searchd runs as user piler, and can read all the index files. It prints the indices it just read. Then try connecting to searchd: mysql -h 127.0.0.1 -P9306, and run "select * from main1;". It should print 20 hits or so. Janos On 2020-04-16 03:07, BKH-Netz.de - Postfach wrote: Hi Janos, i’m trying to gat a working backup / restore script for my piler installations. But my efforts are more or less without a success … Perhaps you can give me a slight hint? My backup script looks like this: - - - - - - - systemctl stop rc.piler.service systemctl stop rc.searchd.service tar -cpzf SOMEVZ/piler.tar.gz -C /usr/local/etc/piler . tar -cpzf SOMEVZ//pilerstore.tar.gz -C /var/piler/store/00 . tar -cpzf SOMEVZ/sphinx.tar.gz /var/piler/sphinx/main[1-4]* mysqldump --single-transaction -h localhost -piler -p'mysecretpw' piler > SOMEVZ/pilerdb.sql systemctl start rc.piler.service systemctl start rc.searchd.service - - - - - - - My restore script looks like this: - - - - - - - systemctl stop rc.piler.service systemctl stop rc.searchd.service rm -r /usr/local/etc/piler rm -r /var/piler/store/00 rm /var/piler/sphinx/main[1-4]* mkdir -p /usr/local/etc/piler mkdir -p /var/piler/store/00 tar -xpzf SOMEVZ/piler.tar.gz -C /usr/local/etc/piler tar -xpzf SOMEVZ//pilerstore.tar.gz -C /var/piler/store/00 tar -xpzf SOMEVZ/sphinx.tar.gz -C / mysql -h localhost -upiler -p'mysecretpw' piler < SOMEVZ/pilerdb.sql systemctl start rc.piler.service systemctl start rc.searchd.service - - - - - - - All imported mails (figures) are show correctly inside the admin interface. Searching for mail in the auditor interface shows no emails at all. I guess this is a problem with sphinx database but i cant figure out … Can you give me a little help on this please? HW
