Re: [SOGo] SOGo with Zentyal ADDC
I've managed to take a step forward. The problem was as silly as password expiration... maybe Zentyal set a password expiration during upgrade, maybe bad luck wanted the passwords to expire the same day I upgraded Zentyal... However now, when I login, I am redirected to: https://localhost/(null):/SOGo/so/direzione/Mail which (obviously) yelds a 404. Why that "(null)"? What should be in its place? -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Lucio, There's a free software from Apache called Apache Directory Studio: * http://directory.apache.org/studio/downloads.html After installing, you can test if your LDAP is working using their LDAP Browser. This will be of some value to know if LDAP is working at all (not just with SOGo). It is important you know the answer to this. Instructions on how to use the LDAP Browser can be found here: http://directory.apache.org/studio/users-guide.html If you can browse your servers LDAP directory using this product than the problem is not your LDAP setup. The problem would then be rooted in your SOGo configuration and LDAP handshake Sincerely, Jay Inside there is On 1/30/2018 4:06 PM, Lucio Crusca (lu...@sulweb.org) wrote: Il 30/01/2018 09:07, Jay Lepore" (j...@compumatter.com) ha scritto: * samba-tool dbcheck --fix * sudo apt-get remove zentyal-samba * sudo apt-get update (may have to disable ipv6 in some cases with sudo echo "1" > /proc/sys/net/ipv6/conf/all/disable_ipv6) * sudo apt-get install -reinstall zentyal-core * sudo apt-get install zentyal-samba * sudo zs samba start or restart Tried the full sequence. Still no dice. -- Sincerely, Jay Lepore Owner CompuMatter Ofc: 360 299 2428 Email: j...@compumatter.com -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Lucio, I simply don't know. I never fly without a net if it is important. Such things can cause brain damage as you know. I do not remember the result of this I only know that it IS one of the things that I performed. My advice is to clone your drive before you pull the trigger. That's the way I proceed with such unknowns. If it's a raid and clone not easily doable, than at least a full back of all samba / zentyal configs I always clone prior to major upsets ;-) Jay On 1/30/2018 12:17 PM, Lucio Crusca (lu...@sulweb.org) wrote: Il 30/01/2018 09:07, Jay Lepore" (j...@compumatter.com) ha scritto: * samba-tool dbcheck --fix ... after some rows of output and some "none" replies I entered to the various "Fix?" questions, I got this output from the command above: Checked 324 objects (294 errors) Is it reasonably safe to let it fix those errors? -- Sincerely, Jay Lepore Owner CompuMatter Ofc: 360 299 2428 Email: j...@compumatter.com -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Il 30/01/2018 09:07, Jay Lepore" (j...@compumatter.com) ha scritto: * samba-tool dbcheck --fix * sudo apt-get remove zentyal-samba * sudo apt-get update (may have to disable ipv6 in some cases with sudo echo "1" > /proc/sys/net/ipv6/conf/all/disable_ipv6) * sudo apt-get install -reinstall zentyal-core * sudo apt-get install zentyal-samba * sudo zs samba start or restart Tried the full sequence. Still no dice. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Il 30/01/2018 09:07, Jay Lepore" (j...@compumatter.com) ha scritto: * samba-tool dbcheck --fix ... after some rows of output and some "none" replies I entered to the various "Fix?" questions, I got this output from the command above: Checked 324 objects (294 errors) Is it reasonably safe to let it fix those errors? -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Just one more on this. For sure Zentyal 5.0+ supports LDAP. Use it every day with multiple applications. Jabber, Resourcespace, SOGo and more. No problems Jay On 1/29/2018 2:09 PM, Lucio Crusca (lu...@sulweb.org) wrote: Il 29/01/2018 22:24, "Dennis Lloyd"" (dll...@sgvfr.com) ha scritto: This is not a SoGo issue... Zentyal removed LDAP support in version 5. Could you please elaborate on that? Assuming you are right, what's the point of bundling SOGo with Zentyal 5 if they can't work together? Anyway, Zentyal 5 documentation seems to imply that it supports LDAP: https://wiki.zentyal.org/wiki/En/5.0/Users,_Computers_and_File_Sharing#LDAP_configuration_options -- Sincerely, Jay Lepore Owner CompuMatter Ofc: 360 299 2428 Email: j...@compumatter.com -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Lucio, Some notes of mine of record. I hope they are of some value... Jay CompuMatter At some point in the process I did a complete removal of all things zentyal samba and then reinstalled them. * samba-tool dbcheck --fix * sudo apt-get remove zentyal-samba * sudo apt-get update (may have to disable ipv6 in some cases with sudo echo "1" > /proc/sys/net/ipv6/conf/all/disable_ipv6) * sudo apt-get install -reinstall zentyal-core * sudo apt-get install zentyal-samba * sudo zs samba start or restart Those are some steps I took in my process On 1/29/2018 2:59 PM, Lucio Crusca (lu...@sulweb.org) wrote: Il 29/01/2018 23:08, Jay Lepore" (j...@compumatter.com) ha scritto: I'm running Zentyal 5.0.10 And SOGo logins work fine with built in LDAP From a command line sudo pdbedit -L -v should give you a list of existing LDAP users maintained by Zentyal It does, so it seems Samba is working. That's actually no news, because domain logons do work correctly. Once when LDAP was not working I had to run * /usr/share/zentyal/unconfigure-module samba I'm not sure about what that command is supposed to do, other than disabling the Samba module, however I've run it, then enabled the Samba module again from the Zentyal web interface, but nothing changed: SOGo keeps refusing correct credentials. To fix samba problems. It's been a while but it seems that 'reconfigured' everything and *things worked after that*. You'll have to Google it. Have you got any other details by any chance? Googling "reconfigure samba" or "reconfigure everything" yelds quite a lot of pages about general configuration procedures and I suspect most of them aren't the solution. -- Sincerely, Jay Lepore Owner CompuMatter Ofc: 360 299 2428 Email: j...@compumatter.com -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Il 29/01/2018 23:08, Jay Lepore" (j...@compumatter.com) ha scritto: I'm running Zentyal 5.0.10 And SOGo logins work fine with built in LDAP From a command line sudo pdbedit -L -v should give you a list of existing LDAP users maintained by Zentyal It does, so it seems Samba is working. That's actually no news, because domain logons do work correctly. Once when LDAP was not working I had to run * /usr/share/zentyal/unconfigure-module samba I'm not sure about what that command is supposed to do, other than disabling the Samba module, however I've run it, then enabled the Samba module again from the Zentyal web interface, but nothing changed: SOGo keeps refusing correct credentials. To fix samba problems. It's been a while but it seems that 'reconfigured' everything and *things worked after that*. You'll have to Google it. Have you got any other details by any chance? Googling "reconfigure samba" or "reconfigure everything" yelds quite a lot of pages about general configuration procedures and I suspect most of them aren't the solution. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
I'm running Zentyal 5.0.10 And SOGo logins work fine with built in LDAP From a command line sudo pdbedit -L -v should give you a list of existing LDAP users maintained by Zentyal Once when LDAP was not working I had to run * /usr/share/zentyal/unconfigure-module samba To fix samba problems. It's been a while but it seems that 'reconfigured' everything and *things worked after that*. You'll have to Google it. CompuMatter Jay On 1/29/2018 1:24 PM, "Dennis Lloyd" (dll...@sgvfr.com) wrote: This is not a SoGo issue... Zentyal removed LDAP support in version 5. -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Lucio Crusca Sent: Friday, January 26, 2018 15:43 To: users@sogo.nu Subject: [SOGo] SOGo with Zentyal ADDC Hello all. I'm new here. I've just upgraded a Zentyal instance from 4.1 to 5.0.1. After upgrade, SOGo doesn't let users log in anymore. Users can access other Zentyal services like shares and domain logon, but SOGo refuses the same credentials. I've tried copying over the `/etc/sogo/sogo.conf` from the old installation to the new one, purging the new `sogo` and `zentyal-sogo` packages, then installing them again and finally activating SOGo in the Zentyal control panel. In the /var/log/sogo/sogo.log file I get: Jan 26 13:57:00 sogod [15541]: SOGoRootPage Login from '192.168.1.253' for user 'direzione' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Jan 26 13:57:00 sogod [15541]: 192.168.1.253 "POST /SOGo/connect HTTP/1.1" 403 34/64 0.018 - - 0 Here is what I believe is the relevant part of my current sogo.conf (the one that worked in the old version): /* LDAP authentication */ SOGoUserSources = ( { type = ldap; id = sambaLogin; displayName = "SambaLogin"; canAuthenticate = YES; CNFieldName = cn; IDFieldName = cn; UIDFieldName = sAMAccountName; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; bindFields = (sAMAccountName, mail); filter = "(mail='*')"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaShared; displayName = "Shared Addressbook"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; filter = "((NOT isCriticalSystemObject='TRUE') AND (mail=\'*\') AND (NOT objectClass=contact))"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaContacts; displayName = "Shared Contacts"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi09SfgLAWZQ49GS"; filter = "objectClass=person) AND (objectClass=contact) AND ((uidNumber>=2000) OR (mail=\'*\'))) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE') AND (NOT uid=Guest)) OR (((objectClass=group) AND (gidNumber>=2000)) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE')))"; mapping = { displayname = ("cn"); }; MailFieldNames = (mail, otherMailbox); } ); /* Web Interface */ SOGoPageTitle = "Zentyal Webmail"; SOGoVacationEnabled = NO; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = YES; Can you help me spot the problem? -- users@sogo.nu https://inverse.ca/sogo/lists -- Sincerely, Jay Lepore Owner CompuMatter Ofc: 360 299 2428 Email: j...@compumatter.com -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
Il 29/01/2018 22:24, "Dennis Lloyd"" (dll...@sgvfr.com) ha scritto: This is not a SoGo issue... Zentyal removed LDAP support in version 5. Could you please elaborate on that? Assuming you are right, what's the point of bundling SOGo with Zentyal 5 if they can't work together? Anyway, Zentyal 5 documentation seems to imply that it supports LDAP: https://wiki.zentyal.org/wiki/En/5.0/Users,_Computers_and_File_Sharing#LDAP_configuration_options -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo with Zentyal ADDC
I'm running Zentyal 5.0.10 And SOGo logins work fine with built in LDAP From a command line sudo pdbedit -L -v should give you a list of existing LDAP users maintained by Zentyal Once when LDAP was not working I had to run * /usr/share/zentyal/unconfigure-module samba To fix samba problems. It's been a while but it seems that 'reconfigured' everything and *things worked after that*. You'll have to Google it. CompuMatter Jay On 1/29/2018 1:24 PM, "Dennis Lloyd" (dll...@sgvfr.com) wrote: This is not a SoGo issue... Zentyal removed LDAP support in version 5. -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Lucio Crusca Sent: Friday, January 26, 2018 15:43 To: users@sogo.nu Subject: [SOGo] SOGo with Zentyal ADDC Hello all. I'm new here. I've just upgraded a Zentyal instance from 4.1 to 5.0.1. After upgrade, SOGo doesn't let users log in anymore. Users can access other Zentyal services like shares and domain logon, but SOGo refuses the same credentials. I've tried copying over the `/etc/sogo/sogo.conf` from the old installation to the new one, purging the new `sogo` and `zentyal-sogo` packages, then installing them again and finally activating SOGo in the Zentyal control panel. In the /var/log/sogo/sogo.log file I get: Jan 26 13:57:00 sogod [15541]: SOGoRootPage Login from '192.168.1.253' for user 'direzione' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Jan 26 13:57:00 sogod [15541]: 192.168.1.253 "POST /SOGo/connect HTTP/1.1" 403 34/64 0.018 - - 0 Here is what I believe is the relevant part of my current sogo.conf (the one that worked in the old version): /* LDAP authentication */ SOGoUserSources = ( { type = ldap; id = sambaLogin; displayName = "SambaLogin"; canAuthenticate = YES; CNFieldName = cn; IDFieldName = cn; UIDFieldName = sAMAccountName; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; bindFields = (sAMAccountName, mail); filter = "(mail='*')"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaShared; displayName = "Shared Addressbook"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; filter = "((NOT isCriticalSystemObject='TRUE') AND (mail=\'*\') AND (NOT objectClass=contact))"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaContacts; displayName = "Shared Contacts"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi09SfgLAWZQ49GS"; filter = "objectClass=person) AND (objectClass=contact) AND ((uidNumber>=2000) OR (mail=\'*\'))) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE') AND (NOT uid=Guest)) OR (((objectClass=group) AND (gidNumber>=2000)) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE')))"; mapping = { displayname = ("cn"); }; MailFieldNames = (mail, otherMailbox); } ); /* Web Interface */ SOGoPageTitle = "Zentyal Webmail"; SOGoVacationEnabled = NO; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = YES; Can you help me spot the problem? -- users@sogo.nu https://inverse.ca/sogo/lists -- Sincerely, Jay Lepore Owner CompuMatter Ofc: 360 299 2428 Email: j...@compumatter.com -- users@sogo.nu https://inverse.ca/sogo/lists
RE: [SOGo] SOGo with Zentyal ADDC
This is not a SoGo issue... Zentyal removed LDAP support in version 5. -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Lucio Crusca Sent: Friday, January 26, 2018 15:43 To: users@sogo.nu Subject: [SOGo] SOGo with Zentyal ADDC Hello all. I'm new here. I've just upgraded a Zentyal instance from 4.1 to 5.0.1. After upgrade, SOGo doesn't let users log in anymore. Users can access other Zentyal services like shares and domain logon, but SOGo refuses the same credentials. I've tried copying over the `/etc/sogo/sogo.conf` from the old installation to the new one, purging the new `sogo` and `zentyal-sogo` packages, then installing them again and finally activating SOGo in the Zentyal control panel. In the /var/log/sogo/sogo.log file I get: Jan 26 13:57:00 sogod [15541]: SOGoRootPage Login from '192.168.1.253' for user 'direzione' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Jan 26 13:57:00 sogod [15541]: 192.168.1.253 "POST /SOGo/connect HTTP/1.1" 403 34/64 0.018 - - 0 Here is what I believe is the relevant part of my current sogo.conf (the one that worked in the old version): /* LDAP authentication */ SOGoUserSources = ( { type = ldap; id = sambaLogin; displayName = "SambaLogin"; canAuthenticate = YES; CNFieldName = cn; IDFieldName = cn; UIDFieldName = sAMAccountName; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; bindFields = (sAMAccountName, mail); filter = "(mail='*')"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaShared; displayName = "Shared Addressbook"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; filter = "((NOT isCriticalSystemObject='TRUE') AND (mail=\'*\') AND (NOT objectClass=contact))"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaContacts; displayName = "Shared Contacts"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi09SfgLAWZQ49GS"; filter = "objectClass=person) AND (objectClass=contact) AND ((uidNumber>=2000) OR (mail=\'*\'))) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE') AND (NOT uid=Guest)) OR (((objectClass=group) AND (gidNumber>=2000)) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE')))"; mapping = { displayname = ("cn"); }; MailFieldNames = (mail, otherMailbox); } ); /* Web Interface */ SOGoPageTitle = "Zentyal Webmail"; SOGoVacationEnabled = NO; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = YES; Can you help me spot the problem? -- users@sogo.nu https://inverse.ca/sogo/lists -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] SOGo with Zentyal ADDC
Hello all. I'm new here. I've just upgraded a Zentyal instance from 4.1 to 5.0.1. After upgrade, SOGo doesn't let users log in anymore. Users can access other Zentyal services like shares and domain logon, but SOGo refuses the same credentials. I've tried copying over the `/etc/sogo/sogo.conf` from the old installation to the new one, purging the new `sogo` and `zentyal-sogo` packages, then installing them again and finally activating SOGo in the Zentyal control panel. In the /var/log/sogo/sogo.log file I get: Jan 26 13:57:00 sogod [15541]: SOGoRootPage Login from '192.168.1.253' for user 'direzione' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 Jan 26 13:57:00 sogod [15541]: 192.168.1.253 "POST /SOGo/connect HTTP/1.1" 403 34/64 0.018 - - 0 Here is what I believe is the relevant part of my current sogo.conf (the one that worked in the old version): /* LDAP authentication */ SOGoUserSources = ( { type = ldap; id = sambaLogin; displayName = "SambaLogin"; canAuthenticate = YES; CNFieldName = cn; IDFieldName = cn; UIDFieldName = sAMAccountName; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; bindFields = (sAMAccountName, mail); filter = "(mail='*')"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaShared; displayName = "Shared Addressbook"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi97SfgLAWZQ49GS"; filter = "((NOT isCriticalSystemObject='TRUE') AND (mail=\'*\') AND (NOT objectClass=contact))"; MailFieldNames = (mail, otherMailbox); }, { type = ldap; id = sambaContacts; displayName = "Shared Contacts"; canAuthenticate = NO; isAddressBook = YES; CNFieldName = cn; IDFieldName = mail; UIDFieldName = mail; hostname = "ldap://127.0.0.1;; baseDN = "DC=ufficio,DC=lan"; bindDN = "CN=zentyal-mail-barth,CN=Users,DC=ufficio,DC=lan"; bindPassword = "mWaByi09SfgLAWZQ49GS"; filter = "objectClass=person) AND (objectClass=contact) AND ((uidNumber>=2000) OR (mail=\'*\'))) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE') AND (NOT uid=Guest)) OR (((objectClass=group) AND (gidNumber>=2000)) AND (NOT isCriticalSystemObject='TRUE') AND (NOT showInAdvancedViewOnly='TRUE')))"; mapping = { displayname = ("cn"); }; MailFieldNames = (mail, otherMailbox); } ); /* Web Interface */ SOGoPageTitle = "Zentyal Webmail"; SOGoVacationEnabled = NO; SOGoForwardEnabled = YES; SOGoSieveScriptsEnabled = YES; Can you help me spot the problem? -- users@sogo.nu https://inverse.ca/sogo/lists