[SOGo] BTS activities for Thursday, April 02 2015

2015-04-02 Thread SOGo reporter 
Title: BTS activities for Thursday, April 02 2015





  
BTS Activities

  Home page: http://www.sogo.nu/bugs
  Project: SOGo
  For the period covering: Thursday, April 02 2015

  
  
idlast updatestatus (resolution)categorysummary
	
	
	  
	
3147
	2015-04-02 20:35:57
	updated (open)
	Web Calendar
	Free/busy is shifted +1 day for events in week 30-Mar-15 to 5-Apr-15

Re: [SOGo] SOGo v3 status!

2015-04-02 Thread Zhang Huangbin 

> On Apr 3, 2015, at 2:59 AM, Schifano Alexandre  
> wrote:
> 
> but I saw one problem : with the langage menu, I can't scroll down : when
> I try, I scroll the whole page but not the menu

I experienced more issues with Safari browser (v8.0.4) on Mac, cannot
scroll many pages, including all pages in 'Preferences' after logged in.


Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Szládovics Péter 

2015-04-02 21:31 keltezéssel, Rowland Penny írta:

On 02/04/15 19:18, Szládovics Péter wrote:

2015-04-02 14:58 keltezéssel, Rowland Penny írta:

On 02/04/15 13:51, Szládovics Péter wrote:

2015-04-02 13:49 keltezéssel, Gerald Brandt írta:
These are the messages in the log file.  It looks like I'm not 
using the right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core 
dumps disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed 
(dn cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, 
lip=::1, secured, session=


Could you please give us your anonymized dovecot (and dovecot-ldap) 
conf? I think your problem there is in it.


He did, they are the first post, unless he has changed them.


Is it?

dn = cn=administrator,dc=erlphase,dc=com
base = dc=oc,dc=local

The accounts isn't on one branch of the tree (red). Will they see 
each other?
Ant this config isn't the live config, the log and the config is 
different (blue).


So I really need the actual config...






I pointed that out earlier and he has now posted them again, though 
they are different now.


Anyway, he could try this dovecot-ldap.conf:

hosts   = localhost:389
ldap_version= 3
auth_bind   = yes
dn  = administra...@erlphase.com
dnpass  = openchange1!
base= cn=users,dc=home,dc=lan
scope   = subtree
deref   = never
user_filter = 
(&(mail=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter = 
(&(mail=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

pass_attrs  = userPassword=password
default_pass_scheme = CRYPT
user_attrs  = 
=home=/var/vmail/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/%Ld/%Ln/Maildir/


Okay.

So. Try this:

hosts = 127.0.0.1:389 # some system uses IPv6 address as localhost, and 
not sure the ldap is listening on it
dn = cn=administrator,cn=users,dc=home,dc=lan # erlphase.com is maybe 
not valid in this situation (I don't know it's userPrincipalName attribute)

dnpass = 
auth_bind = yes
tls = no
deref = never
ldap_version = 3
base = cn=users,dc=home,dc=lan
scope = subtree
user_attrs = =home=/var/vmail/%Ld/%Ln/Maildir/,=uid=5000,=gid=5000 # UID 
and GUID same as vmail user's UID and GUID number
user_filter = 
(&(sAMAccountName=%u)(objectClass=person)(!(userAccountControl=514))) # 
It is enough
pass_filter = 
(&(sAMAccountName=%u)(objectClass=person)(!(userAccountControl=514))) # 
Like previous

pass_attrs = userPassword=password,sAMAccountName=user # Let it be

# default_pass_scheme is unnecessary

test it with

$> telnet 127.0.0.1 143
> 1 login administrator openchange1!
> 1 logout

If you get '1 OK' after login, then it's OK.

After then you need to check the sogo.conf about the bind and user 
filter. The settings let the similar with dovecot's config.

Restart services what are modified, and try again the login.

PS: check your postfix's LDAP settings, and correct it too based on the 
working dovecot config. Word of advice: if you try to modify anything, 
then you need to modify only one thing in one time, then try, and check 
the logs, if it doesn't help. Don't modify more parameters at same time! 
Do backup from the config before save the modifications for easy 
correction the wrongest way than previous.

--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Address & Contacts not showing

2015-04-02 Thread Robert Watson 
I'm able to login users but my address books aren't being pulled.  Using
samba4 AD as source.  Here's the UserSources section from my sogo.conf.  Am
I missing something?

{
id = OurHomeUsers;
displayName = "OurHome Addressbook";
canAuthenticate = NO;
isAddressBook = YES;
type = ldap;
CNFieldName = cn;
UIDFieldName = sAMAccountName;
baseDN = "CN=users,dc=ourhome,dc=net";
bindDN = "CN=ldap,CN=users,DC=ourhome,DC=net";
bindFields = (sAMAccountName, mail);
bindPassword = xx;
filter = "((objectClass='person' AND memberOf='CN=Domain
Admins,CN=Users,DC=ourhome,DC=net') OR \
   (objectClass='person' AND
memberOf='CN=OurFamily,CN=Users,DC=ourhome,DC=net') OR \
   (objectClass='person' AND
memberOf='CN=OurClan,CN=Users,DC=ourhome,DC=net') OR \
   (objectClass='person' AND
memberOf='CN=OurFriends,CN=Users,DC=ourhome,DC=net') OR \
   (objectClass='person' AND
memberOf='CN=OurVisitors,CN=Users,DC=ourhome,DC=net') OR \
   (objectClass='person' AND memberOf='CN=OurHome
Managers,CN=Users,DC=ourhome,DC=net') OR \
   (objectClass='person' AND memberOf='CN=OurHome
Administrators,CN=Users,DC=ourhome,DC=net'))";
},
{
id = OurHomeContacts;
displayName = "OurHome Contacts";
canAuthenticate = NO;
isAddressBook = YES;
type = ldap;
CNFieldName = cn;
UIDFieldName = sAMAccountName;
baseDN = "CN=users,dc=ourhome,dc=net";
bindDN = "CN=ldap,CN=users,DC=ourhome,DC=net";
bindFields = (sAMAccountName, mail);
bindPassword = xx;
filter = "(objectClass='contact')";
}
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo v3 status!

2015-04-02 Thread Schifano Alexandre 
Hi,

I tried to login but I have a error message about a wrong
username/password with the three accounts.
I also try from my smartphone. I was unable to login too, but I saw one
problem : with the langage menu, I can't scroll down : when I try, I
scroll the whole page but not the menu, like in css with
"position:fixed" (my web browser is Opera Mobile v12.). It could have
been better to simply use a simple "select" menu.
In a general way please keep it simple with not to much JS. Less there
are shiny effects with JS, the more it will be accessible, to a maximum
of web browser.

Best regards



On 02/04/2015 19:34, Ludovic Marcotte wrote:
> Hello,
> 
> As you most of you already know, we have been working on SOGo v3 for
> many months now.
> 
> We initially decided to use AngularJS, Ionic and Foundation for the new
> web interface. After prototyping the address book and mail modules with
> both Ionic (for phones) and Foundation (desktops/tablets), we decided to
> review our choices.
> 
> After more analysis, we decided to move away from dedicated templates
> for mobile devices (Ionic) and chose to build a responsive Web app with
> Angular Material (https://material.angularjs.org), the new shiny UI
> toolkit from the Angular team.
> 
> Angular Material follows the Google's Material Design specification
> (http://www.google.com/design/spec/material-design/introduction.html).
> The set of components it has matches our requirements, they are
> nice-looking and easily themable. It also allows us to have one
> interface for phones, tablets and desktops.
> 
> You can test the new v3 interface on http://demo.sogo.nu/SOGo/
> (sogo1/sogo2, sogo2/sogo2, sogo3/sogo3 username/password) with mobile
> phones, tablets or desktops. You'll see the GUI dynamically adjusting
> itself based on the device's screen size using flexbox. The address book
> and mail modules are quite usable. Don't spend too much time on the
> calendar module as we're actively working on it. We are also actively
> working on bringing the work we had completed with Ionic/Foundation -
> like calendar sharing dialogs, subscriptions dialogs and more. The
> preferences UI will also get properly formatted in the coming days - but
> it is working right now.
> 
> As mentioned in the past, your comments and ideas are welcome! If you
> even want to test it on your own servers, you can compile it from our v3
> branch on github.
> 
> Thanks and best regards,
> 
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Rowland Penny 

On 02/04/15 19:18, Szládovics Péter wrote:

2015-04-02 14:58 keltezéssel, Rowland Penny írta:

On 02/04/15 13:51, Szládovics Péter wrote:

2015-04-02 13:49 keltezéssel, Gerald Brandt írta:
These are the messages in the log file.  It looks like I'm not 
using the right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core 
dumps disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed 
(dn cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, 
lip=::1, secured, session=


Could you please give us your anonymized dovecot (and dovecot-ldap) 
conf? I think your problem there is in it.


He did, they are the first post, unless he has changed them.


Is it?

dn = cn=administrator,dc=erlphase,dc=com
base = dc=oc,dc=local

The accounts isn't on one branch of the tree (red). Will they see each 
other?
Ant this config isn't the live config, the log and the config is 
different (blue).


So I really need the actual config...






I pointed that out earlier and he has now posted them again, though they 
are different now.


Anyway, he could try this dovecot-ldap.conf:

hosts   = localhost:389
ldap_version= 3
auth_bind   = yes
dn  = administra...@erlphase.com
dnpass  = openchange1!
base= cn=users,dc=home,dc=lan
scope   = subtree
deref   = never
user_filter = 
(&(mail=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter = 
(&(mail=%u)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

pass_attrs  = userPassword=password
default_pass_scheme = CRYPT
user_attrs  = 
=home=/var/vmail/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/%Ld/%Ln/Maildir/



--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Szládovics Péter 

2015-04-02 14:58 keltezéssel, Rowland Penny írta:

On 02/04/15 13:51, Szládovics Péter wrote:

2015-04-02 13:49 keltezéssel, Gerald Brandt írta:
These are the messages in the log file.  It looks like I'm not using 
the right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core 
dumps disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed 
(dn cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, 
lip=::1, secured, session=


Could you please give us your anonymized dovecot (and dovecot-ldap) 
conf? I think your problem there is in it.


He did, they are the first post, unless he has changed them.


Is it?

dn = cn=administrator,dc=erlphase,dc=com
base = dc=oc,dc=local

The accounts isn't on one branch of the tree (red). Will they see each 
other?
Ant this config isn't the live config, the log and the config is 
different (blue).


So I really need the actual config...




--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] SOGo v3 status!

2015-04-02 Thread FoxNET 
Hello
There will be this version?
For themes
Yours

Michel
> Le 2 avr. 2015 à 19:34, Ludovic Marcotte  a écrit :
> 
> Hello,
> 
> As you most of you already know, we have been working on SOGo v3 for many 
> months now.
> 
> We initially decided to use AngularJS, Ionic and Foundation for the new web 
> interface. After prototyping the address book and mail modules with both 
> Ionic (for phones) and Foundation (desktops/tablets), we decided to review 
> our choices.
> 
> After more analysis, we decided to move away from dedicated templates for 
> mobile devices (Ionic) and chose to build a responsive Web app with Angular 
> Material (https://material.angularjs.org), the new shiny UI toolkit from the 
> Angular team.
> 
> Angular Material follows the Google's Material Design specification 
> (http://www.google.com/design/spec/material-design/introduction.html). The 
> set of components it has matches our requirements, they are nice-looking and 
> easily themable. It also allows us to have one interface for phones, tablets 
> and desktops.
> 
> You can test the new v3 interface on http://demo.sogo.nu/SOGo/ (sogo1/sogo2, 
> sogo2/sogo2, sogo3/sogo3 username/password) with mobile phones, tablets or 
> desktops. You'll see the GUI dynamically adjusting itself based on the 
> device's screen size using flexbox. The address book and mail modules are 
> quite usable. Don't spend too much time on the calendar module as we're 
> actively working on it. We are also actively working on bringing the work we 
> had completed with Ionic/Foundation - like calendar sharing dialogs, 
> subscriptions dialogs and more. The preferences UI will also get properly 
> formatted in the coming days - but it is working right now.
> 
> As mentioned in the past, your comments and ideas are welcome! If you even 
> want to test it on your own servers, you can compile it from our v3 branch on 
> github.
> 
> Thanks and best regards,
> 
> -- 
> Ludovic Marcotte
> lmarco...@inverse.ca  ::  +1.514.755.3630  ::  http://inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence 
> (http://packetfence.org)
> 
> -- 
> users@sogo.nu
> https://inverse.ca/sogo/lists
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> 



smime.p7s
Description: S/MIME cryptographic signature

[SOGo] SOGo v3 status!

2015-04-02 Thread Ludovic Marcotte 

Hello,

As you most of you already know, we have been working on SOGo v3 for 
many months now.


We initially decided to use AngularJS, Ionic and Foundation for the new 
web interface. After prototyping the address book and mail modules with 
both Ionic (for phones) and Foundation (desktops/tablets), we decided to 
review our choices.


After more analysis, we decided to move away from dedicated templates 
for mobile devices (Ionic) and chose to build a responsive Web app with 
Angular Material (https://material.angularjs.org), the new shiny UI 
toolkit from the Angular team.


Angular Material follows the Google's Material Design specification 
(http://www.google.com/design/spec/material-design/introduction.html). 
The set of components it has matches our requirements, they are 
nice-looking and easily themable. It also allows us to have one 
interface for phones, tablets and desktops.


You can test the new v3 interface on http://demo.sogo.nu/SOGo/ 
(sogo1/sogo2, sogo2/sogo2, sogo3/sogo3 username/password) with mobile 
phones, tablets or desktops. You'll see the GUI dynamically adjusting 
itself based on the device's screen size using flexbox. The address book 
and mail modules are quite usable. Don't spend too much time on the 
calendar module as we're actively working on it. We are also actively 
working on bringing the work we had completed with Ionic/Foundation - 
like calendar sharing dialogs, subscriptions dialogs and more. The 
preferences UI will also get properly formatted in the coming days - but 
it is working right now.


As mentioned in the past, your comments and ideas are welcome! If you 
even want to test it on your own servers, you can compile it from our v3 
branch on github.


Thanks and best regards,

--
Ludovic Marcotte
lmarco...@inverse.ca  ::  +1.514.755.3630  ::  http://inverse.ca
Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence 
(http://packetfence.org)


--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] bug vs feature?

2015-04-02 Thread Robert Watson 
I was having trouble logging into sogo with a valid user/password.  Using a
samba4 AD for authentication and had created a OU structure for holding
users/groups.

*Situation 1* where user is memberOf  CN=OurFamily, OU=Family,OU=U
sers,OU=OurHome,DC=ourhome,DC=net
..Unable to login with valid user/password and got this message in logs
2015-04-01 19:22:48.961 sogod[2922] -[NGLdapConnection
_searchAtBaseDN:qualifier:attributes:scope:]: search at base '' filter
'(objectClass=*)' for attrs 'subschemaSubentry'
2015-04-01 19:22:48.962 sogod[2922] -[NGLdapConnection
_searchAtBaseDN:qualifier:attributes:scope:]: search at base
'CN=Aggregate,CN=Schema,CN=Configuration,DC=ourhome,DC=net' filter
'(objectClass=*)' for attrs 'objectclasses'
2015-04-01 19:22:48.982 sogod[2922] -[NGLdapConnection
_searchAtBaseDN:qualifier:attributes:scope:]: search at base
'cn=users,dc=ourhome,dc=net' filter
'(&(|(sAMAccountName=jqfamily)(mail=jqfamily))(&(objectClass=person)(memberOf=CN=OurFamily,OU=Family,OU=Users,OU=OurHome,DC=ourhome,DC=net)))'
for attrs 'dn'
Apr 01 19:22:48 sogod [2922]: SOGoRootPage Login from '10.20.30.10' for
user 'jqfamily' might not have worked - password policy: 65535  grace: -1
 expire: -1  bound: 0
Apr 01 19:2

*Situation 2* where same user is moved and now memberOf
CN=OurFamily,CN=Users,DC=ourhome,DC=net
...now able to login

Does SOGo require all users & groups to be within the CN=Users container?
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] ActiveSync on Samsung phone not working properly

2015-04-02 Thread Sean M. Pappalardo 

Hello again.

Thanks to Thomas Fuehrer's extensive help, SOGo 2.2.17a works with my 
Samsung phone running RoadSync 3.0. We hadn't tested E-mail sync 
extensively though and I found that if I delete an E-mail message on the 
phone, the next E-mail sync never completes and the phone chews up 
mobile data (if not connected to WiFi) until you stop it. (sogo.log just 
shows things like:


Apr 02 15:50:30 sogod [3352]: 
<0x0x7f6b3117e910[SOGoActiveSyncDispatcher]> Change detected, we push 
the content.
Apr 02 15:50:30 sogod [3352]: 71.117.107.179 "POST 
/synapse/Microsoft-Server-ActiveSync?User=spappalardo&DeviceId=31190931&DeviceType=RoadSyncClientV3&Cmd=Sync 
HTTP/1.1" 200 100/144 0.424 - - 0


...every 2-3 seconds.

Un-marking a message as deleted allows the sync to finish and quickly.

Any ideas as to why that might be happening?

Sincerely,
Sean M. Pappalardo
630-631-6188




smime.p7s
Description: S/MIME Cryptographic Signature

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Gerald Brandt 

On 2015-04-02 7:44 AM, Rowland Penny wrote:



You posted your /etc/dovecot/dovecot-ldap.conf file, this showed that 
your login DN is:


dn = cn=administrator,dc=erlphase,dc=com

The portion of your log shows:

Error: LDAP: binding failed (dn cn=admin,dc=erlphase,dc=com): Invalid 
credentials


Are you trying to bind with 'cn=admin' as shown in the log, or with 
'cn=administrator' ?


Your 'dovecot-ldap.conf' also shows your search base as:

base = dc=oc,dc=local

er, thats different from 'dc=erlphase,dc=com'

finally, did you really create ' Administrator' with samba-tool ?

Rowland


Hi,

I can see Samba running on port 389. and a 'samba-tool user list' shows 
me this:


# samba-tool user list
Administrator
JohnDoe
krbtgt
Guest
sogo

Okay, here's what I did...

Samba:

samba-tool domain provision --realm=erlphase.com --domain=ERLPHASE 
--adminpass='openchange1!' --server-role=dc --use-rfc2307 
--function-level=2008_R2



dovecot.conf

# cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
log_path = /var/log/dovecot.message
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/%u
mail_privileged_group = mail

protocols = imap sieve

service auth {
#  unix_listener auth-master {
#group = vmail
#mode = 0600
#user = vmail
#  }
  unix_listener auth-userdb {
user = vmail
group = vmail
  }
#  user = root
}

ssl_cert = ldap://127.0.0.1
dn = "administra...@erlphase.com"
dnpass = "openchange1!"
sasl_bind = no
tls = no
ldap_version = 3
deref = never
scope = subtree
base = cn=Users,dc=erlphase,dc=com
auth_bind = yes
user_filter = (&(objectClass=user)(sAMAccountName=%u))
user_attrs = 
sAMAccountName=user,userPassword=password,=mail=maildir:/var/vmail/%Ld/%n, 
=home=/var$

pass_filter = (&(objectClass=user)(sAMAccountName=%u))
pass_attrs = sAMAccountName=user,userPassword=password


Gerald

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Rowland Penny 

On 02/04/15 13:51, Szládovics Péter wrote:

2015-04-02 13:49 keltezéssel, Gerald Brandt írta:
These are the messages in the log file.  It looks like I'm not using 
the right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core 
dumps disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed 
(dn cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind 
Failed: NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, lip=::1, 
secured, session=


Could you please give us your anonymized dovecot (and dovecot-ldap) 
conf? I think your problem there is in it.


He did, they are the first post, unless he has changed them.

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Szládovics Péter 

2015-04-02 13:49 keltezéssel, Gerald Brandt írta:
These are the messages in the log file.  It looks like I'm not using 
the right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core 
dumps disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, lip=::1, 
secured, session=


Could you please give us your anonymized dovecot (and dovecot-ldap) 
conf? I think your problem there is in it.

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Rowland Penny 

On 02/04/15 12:49, Gerald Brandt wrote:
These are the messages in the log file.  It looks like I'm not using 
the right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core 
dumps disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, lip=::1, 
secured, session=


I passed in an admin password when I provisioned the domain, and I 
created two users with samba-tool, Administrator and JohnDoe.


Gerald

On 2015-04-02 2:32 AM, Dániel L. wrote:

Hi Gerald,

What do you see in the logs, when trying to login?

Open another terminal and check this:
tail -f /var/log/mail.log | grep dovecot

rgrds,
Daniel

2015-04-02 5:09 GMT+02:00 Gerald Brandt >:


Hi,

I've been following the Openchange 'cookbook' on getting
Sogo/Openchange installed, using the inverse PPA.

I've just completed the Dovecot section, and I can't get Dovecot
to authenticate at all.

# nc localhost 143
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID
ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.
1 LOGIN JohnDoe openchange123
1 NO [UNAVAILABLE] Temporary authentication failure.
[ubuntu:2015-04-02 03:00:36]


This is my /etc/dovecot/dovecot.conf file:

# cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
log_path = /var/log/dovecot.message
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/%u
mail_privileged_group = mail
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
passdb {
  driver = pam
}
protocols = imap
service auth {
  unix_listener auth-master {
group = vmail
mode = 0600
user = vmail
  }
  unix_listener auth-userdb {
user = vmail
  }
  user = root
}
ssl_cert = ldap://localhost
dn = cn=administrator,dc=erlphase,dc=com
dnpass = openchange1!
tls = no
ldap_version = 3
base = dc=oc,dc=local
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (uid=%u)
pass_attrs = uid=user,userPassword=password
pass_filter = (uid=%u)


Any helpful hints or directions I could look would be appreciated.

Gerald
-- 
users@sogo.nu 

https://inverse.ca/sogo/lists





--
Gerald Brandt
Majentis Technologies
204-229-6595
g...@majentis.com



You posted your /etc/dovecot/dovecot-ldap.conf file, this showed that 
your login DN is:


dn = cn=administrator,dc=erlphase,dc=com

The portion of your log shows:

Error: LDAP: binding failed (dn cn=admin,dc=erlphase,dc=com): Invalid 
credentials


Are you trying to bind with 'cn=admin' as shown in the log, or with 
'cn=administrator' ?


Your 'dovecot-ldap.conf' also shows your search base as:

base = dc=oc,dc=local

er, thats different from 'dc=erlphase,dc=com'

finally, did you really create ' Administrator' with samba-tool ?

Rowland
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Gerald Brandt 
These are the messages in the log file.  It looks like I'm not using the 
right credentials.


2015-04-02 06:44:49 master: Info: Dovecot v2.2.9 starting up (core dumps 
disabled)
2015-04-02 06:44:52 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:44:59 auth: Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:05 auth-worker(5304): Error: LDAP: binding failed (dn 
cn=admin,dc=erlphase,dc=com): Invalid credentials, Simple Bind Failed: 
NT_STATUS_LOGON_FAILURE
2015-04-02 06:45:43 imap-login: Info: Disconnected (auth failed, 1 
attempts in 44 secs): user=, method=PLAIN, rip=::1, lip=::1, 
secured, session=


I passed in an admin password when I provisioned the domain, and I 
created two users with samba-tool, Administrator and JohnDoe.


Gerald

On 2015-04-02 2:32 AM, Dániel L. wrote:

Hi Gerald,

What do you see in the logs, when trying to login?

Open another terminal and check this:
tail -f /var/log/mail.log | grep dovecot

rgrds,
Daniel

2015-04-02 5:09 GMT+02:00 Gerald Brandt >:


Hi,

I've been following the Openchange 'cookbook' on getting
Sogo/Openchange installed, using the inverse PPA.

I've just completed the Dovecot section, and I can't get Dovecot
to authenticate at all.

# nc localhost 143
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID
ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.
1 LOGIN JohnDoe openchange123
1 NO [UNAVAILABLE] Temporary authentication failure.
[ubuntu:2015-04-02 03:00:36]


This is my /etc/dovecot/dovecot.conf file:

# cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
log_path = /var/log/dovecot.message
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/%u
mail_privileged_group = mail
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
passdb {
  driver = pam
}
protocols = imap
service auth {
  unix_listener auth-master {
group = vmail
mode = 0600
user = vmail
  }
  unix_listener auth-userdb {
user = vmail
  }
  user = root
}
ssl_cert = ldap://localhost
dn = cn=administrator,dc=erlphase,dc=com
dnpass = openchange1!
tls = no
ldap_version = 3
base = dc=oc,dc=local
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (uid=%u)
pass_attrs = uid=user,userPassword=password
pass_filter = (uid=%u)


Any helpful hints or directions I could look would be appreciated.

Gerald
-- 
users@sogo.nu 

https://inverse.ca/sogo/lists





--
Gerald Brandt
Majentis Technologies
204-229-6595
g...@majentis.com

--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] don't understand ldap log message

2015-04-02 Thread Zhang Huangbin 

> On Apr 2, 2015, at 10:30 AM, Robert Watson  wrote:
> 
> might not have worked - password policy: 65535  grace: -1  expire: -1  bound: > 0
> Apr 01 19:2

Agree. This SOGo log doesn't help troubleshoot at all, hope SOGo
can log detailed technical info in error message. for example, if user
cannot login with unsupported password scheme, please log this is
"unsupported password scheme".

I have one customer reported this same error message before (with MySQL
backend, not LDAP), and turned out SOGo doesn't support salted MD5
without a '{CRYPT}' prefix.

- doesn't work: $1$u3DY5Q4P$211IcRyO.HbuVhBjtkWgT/
- works: {CRYPT}$1$u3DY5Q4P$211IcRyO.HbuVhBjtkWgT/


Zhang Huangbin, founder of iRedMail project: http://www.iredmail.org/

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Aw: Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Daniel Müller 

What I did to make it work:

First fill in the email-field  into the users domain (ADUC)  properties. So omly users who have a email-adress set  can authenticate. ex:t...@tplk.loc

 

dovecot-ldap.conf:

 


hosts = my.samba.adc:389
dn = cn=mypassword,cn=users,dc=my,dc=domain
dnpass = password

auth_bind = yes
ldap_version = 3

base = cn=Users,dc=tplk,dc=loc
scope = subtree
user_filter = (mail=%u) ###<--- just look for the user in this field
pass_filter = (mail=%u)
pass_attrs = mail=%u,= userPassword=password

 

Good Luck

Daniel


 

Gesendet: Donnerstag, 02. April 2015 um 09:32 Uhr
Von: "Dániel L." 
An: users@sogo.nu
Betreff: Re: [SOGo] Dovecot can't authenticate against Samba






Hi Gerald,
 
What do you see in the logs, when trying to login?
 

Open another terminal and check this:
tail -f /var/log/mail.log | grep dovecot
 
rgrds,
Daniel

 
2015-04-02 5:09 GMT+02:00 Gerald Brandt :

Hi,

I've been following the Openchange 'cookbook' on getting Sogo/Openchange installed, using the inverse PPA.

I've just completed the Dovecot section, and I can't get Dovecot to authenticate at all.

# nc localhost 143
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.
1 LOGIN JohnDoe openchange123
1 NO [UNAVAILABLE] Temporary authentication failure. [ubuntu:2015-04-02 03:00:36]


This is my /etc/dovecot/dovecot.conf file:

# cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
log_path = /var/log/dovecot.message
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/%u
mail_privileged_group = mail
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
passdb {
  driver = pam
}
protocols = imap
service auth {
  unix_listener auth-master {
    group = vmail
    mode = 0600
    user = vmail
  }
  unix_listener auth-userdb {
    user = vmail
  }
  user = root
}
ssl_cert = 
ssl_key = 
userdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
userdb {
  driver = passwd
}
protocol lda {
  hostname = oc.local
  log_path = /var/log/dovecot.message
  postmaster_address = postmaster@oc.local
}

protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}


and this is my /etc/dovecot/dovecot-ldap.conf file:

# cat /etc/dovecot/dovecot-ldap.conf
uris = ldap://localhost
dn = cn=administrator,dc=erlphase,dc=com
dnpass = openchange1!
tls = no
ldap_version = 3
base = dc=oc,dc=local
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
user_filter = (uid=%u)
pass_attrs = uid=user,userPassword=password
pass_filter = (uid=%u)


Any helpful hints or directions I could look would be appreciated.

Gerald
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Dovecot can't authenticate against Samba

2015-04-02 Thread Dániel L . 
Hi Gerald,

What do you see in the logs, when trying to login?

Open another terminal and check this:
tail -f /var/log/mail.log | grep dovecot

rgrds,
Daniel

2015-04-02 5:09 GMT+02:00 Gerald Brandt :

> Hi,
>
> I've been following the Openchange 'cookbook' on getting Sogo/Openchange
> installed, using the inverse PPA.
>
> I've just completed the Dovecot section, and I can't get Dovecot to
> authenticate at all.
>
> # nc localhost 143
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.
> 1 LOGIN JohnDoe openchange123
> 1 NO [UNAVAILABLE] Temporary authentication failure. [ubuntu:2015-04-02
> 03:00:36]
>
>
> This is my /etc/dovecot/dovecot.conf file:
>
> # cat /etc/dovecot/dovecot.conf
> disable_plaintext_auth = no
> log_path = /var/log/dovecot.message
> log_timestamp = "%Y-%m-%d %H:%M:%S "
> mail_location = maildir:/var/mail/%u
> mail_privileged_group = mail
> passdb {
>   args = /etc/dovecot/dovecot-ldap.conf
>   driver = ldap
> }
> passdb {
>   driver = pam
> }
> protocols = imap
> service auth {
>   unix_listener auth-master {
> group = vmail
> mode = 0600
> user = vmail
>   }
>   unix_listener auth-userdb {
> user = vmail
>   }
>   user = root
> }
> ssl_cert =  ssl_key =  userdb {
>   args = /etc/dovecot/dovecot-ldap.conf
>   driver = ldap
> }
> userdb {
>   driver = passwd
> }
> protocol lda {
>   hostname = oc.local
>   log_path = /var/log/dovecot.message
>   postmaster_address = postmaster@oc.local
> }
>
> protocol pop3 {
>   pop3_uidl_format = %08Xu%08Xv
> }
>
>
> and this is my /etc/dovecot/dovecot-ldap.conf file:
>
> # cat /etc/dovecot/dovecot-ldap.conf
> uris = ldap://localhost
> dn = cn=administrator,dc=erlphase,dc=com
> dnpass = openchange1!
> tls = no
> ldap_version = 3
> base = dc=oc,dc=local
> scope = subtree
> user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
> user_filter = (uid=%u)
> pass_attrs = uid=user,userPassword=password
> pass_filter = (uid=%u)
>
>
> Any helpful hints or directions I could look would be appreciated.
>
> Gerald
> --
> users@sogo.nu
> https://inverse.ca/sogo/lists
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Native Outlook support / cannot se existing imap mails

2015-04-02 Thread Dániel L . 
Hello SOGo Users,

Openchange failed to login to the IMAP server, but this was not in the logs,
i have had to run samba in command line daemon mode to debug this.

Your IMAP server have to accept ANY password from localhost to any existing
user,
or you have to store your password in cleartext in
/var/lib/samba/private/mapistore//password file.

Now i got this working OK with outlook 2007, but there is some character
encoding problem,
becouse outlook displays every email in utf8, even iso ones.

regards,
Daniel

2015-03-30 15:49 GMT+02:00 Dániel L. :

> It looks like openchange doesnt even contact the imap server when I open
> Outlook.
>
> 2015-03-28 21:59 GMT+01:00 Szládovics Péter :
>
>> 2015-03-27 19:13 keltezéssel, Dániel L. írta:
>>
>>> My courier-imap version was this:4.10.0-20120615-1 .
>>> Then I realised, there is no qresync support in courier,
>>> so I made a dovecot imap proxy.
>>> No results.
>>>
>>
>> I think dovecot supports the 'autosubscribe' function, what maybe help on
>> you.
>> --
>> users@sogo.nu
>> https://inverse.ca/sogo/lists
>>
>
>
-- 
users@sogo.nu
https://inverse.ca/sogo/lists