Ok so I changed the password for postgres user sogo, now that error doesn't show up. However its still showing this in :
tail -f /var/log/sogo/sogo.log localhost - - [11/Mar/2013:13:53:10 GMT] "GET /SOGo/ HTTP/1.1" 200 3808/0 0.493 11697 67% 3M Mar 11 13:53:15 sogod [2135]: SOGoRootPage successful login for user 'sjswarts' - expire = -1 grace = -1 Mar 11 13:53:15 sogod [2135]: [ERROR] <0x0x7f4560f653c0[LDAPSource]> Could not bind to the LDAP server localhost (389) using the bind DN: cn=Administrator,cn=Users,dc=example,dc=com Mar 11 13:53:15 sogod [2135]: [ERROR] <0x0x7f4560f653c0[LDAPSource]> <NSException: 0x7f45610550c0> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{login = "cn=Administrator,cn=Users,dc=example,dc=com"; } 2013-03-11 13:53:15.418 sogod[2135] Note: Using UTF-8 as URL encoding in NGExtensions. localhost - - [11/Mar/2013:13:53:15 GMT] "POST /SOGo/connect HTTP/1.1" 200 27/48 0.229 - - 932K 2013-03-11 13:53:15.430 sogod[2135] ERROR(-[NSNull(misc) forwardInvocation:]): called selector objectForKey: on NSNull ! 2013-03-11 13:53:15.456 sogod[2135] ERROR(-[NSNull(misc) forwardInvocation:]): called selector setObject:forKey: on NSNull ! 2013-03-11 13:53:15.456 sogod[2135] didn't set return value for type 'v' localhost - - [11/Mar/2013:13:53:15 GMT] "GET /SOGo/sjswarts HTTP/1.1" 404 37/0 0.030 - - 44K Regards, Steven Swarts From: Steven Swarts [mailto:ste...@swartsit.com] Sent: Monday, 11 March 2013 12:46 PM To: users@sogo.nu Subject: RE: [SOGo] Re: New Samba4/OpenChange/Sogo tutorial G'day Oliver, I have followed your tutorial, first up you are a legend - if you come to Australia, Perth I will buy you a beer. Easy to follow, I have got my Win 7 Test machine connected to the domain, Igestis works great, only 1 issue. Issue: I can log in to the domain controlled windows 7 machine using username set by igestis - sjswarts - I can find my server in outlook, is underlined and my set email address is populated correctly. But when Outlook tries to connect to the default folders it fails with this error: "Cannot open your default e-mail folders. You must connect to Microsoft Exchange with the current profile before you can synchronize you folders with your Outlook data file (.ost)" I also cannot log in to http://*server*ip/SOGo with the same username. The authentication side works (if I put random name and password it says authentication failure) but it can't find the username - sjswarts Any help would be very much appreciated, Thank you Regards, Steven Swarts From: Olivier Bitsch [mailto:olivier.bit...@gmail.com] Sent: Thursday, 7 March 2013 11:19 PM To: users@sogo.nu Subject: Re: [SOGo] Re: New Samba4/OpenChange/Sogo tutorial No, it's not missing, it's only in the optional step igestis : http://iabsis.com/EN/article/35-7/Installation-d-iGestis-optionnel You can add igestis repository and install pam-mkhomedir package, or download this file http://open.iabsis.com/subversion/pam-mkhomedir/trunk/mkhomedir at /usr/share/pam-configs/ and run again pam-auth-update. Best regards. Olivier. 2013/3/7 Netwodist <netwod...@gmail.com> I think there is one thing missing from pam configuration. It is this line session required pam_mkhomedir.so Which creates a home directory if it doesn't exist for the new user in AD after authentication. What do you think Olivier? On 06/03/13 08:02, Dirk Werner wrote: Sorry, my mails yesterday did got stuck, don't knwo why. The WIn client has the sogo server as only DNS Server, I have stopped and restarted Samba, the file log.samba is very big, here's an excerpt from it when I try to join the domain and when the message 'Wrong username or Password' on the Win7 client is shown: cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3 user=AIRWERK-NB3$ version=22 guid=(null) [2013/03/05 23:24:55, 4] ../source4/lib/socket/interface.c:121(add_interface) added interface eth0 ip=fe80::5054:ff:fece:108c%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: [2013/03/05 23:24:55, 4] ../source4/lib/socket/interface.c:121(add_interface) added interface eth0 ip=192.168.40.1 bcast=192.168.40.255 netmask=255.255.255.0 [2013/03/05 23:24:55, 5] ../source4/cldap_server/netlogon.c:458(cldapd_netlogon_request) cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3 user=AIRWERK-NB3$ version=22 guid=(null) [2013/03/05 23:24:55, 4] ../source4/lib/socket/interface.c:121(add_interface) added interface eth0 ip=fe80::5054:ff:fece:108c%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: [2013/03/05 23:24:55, 4] ../source4/lib/socket/interface.c:121(add_interface) added interface eth0 ip=192.168.40.1 bcast=192.168.40.255 netmask=255.255.255.0 [2013/03/05 23:24:55, 5] ../source4/cldap_server/netlogon.c:458(cldapd_netlogon_request) cldap netlogon query domain=SOGO.AIRWERK.NET host=AIRWERK-NB3 user=(null) version=22 guid=(null) [2013/03/05 23:24:55, 4] ../source4/lib/socket/interface.c:121(add_interface) added interface eth0 ip=fe80::5054:ff:fece:108c%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: [2013/03/05 23:24:55, 4] ../source4/lib/socket/interface.c:121(add_interface) added interface eth0 ip=192.168.40.1 bcast=192.168.40.255 netmask=255.255.255.0 [2013/03/05 23:24:55, 4] ../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule) dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:01 2013 CET [2013/03/05 23:24:55, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ administra...@sogo.airwerk.net from ipv4:192.168.40.167:49516 for cifs/remote.sogo.airwerk....@sogo.airwerk.net [canonicalize, renewable, forwardable] [2013/03/05 23:24:55, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ authtime: 2013-03-05T23:24:54 starttime: 2013-03-05T23:24:55 endtime: 2013-03-06T09:24:54 renew till: 2013-03-12T23:24:54 [2013/03/05 23:24:55, 3] ../source4/smbd/service_stream.c:63(stream_terminate_connection) Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2013/03/05 23:24:55, 5] ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0.34 [2013/03/05 23:24:55, 3] ../source4/smbd/process_single.c:104(single_terminate) single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] [2013/03/05 23:24:55, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ administra...@sogo.airwerk.net from ipv4:192.168.40.167:49517 for krbtgt/sogo.airwerk....@sogo.airwerk.net [renewable-ok, canonicalize, renewable, forwarded, forwardable] [2013/03/05 23:24:55, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ authtime: 2013-03-05T23:24:54 starttime: 2013-03-05T23:24:55 endtime: 2013-03-06T09:24:54 renew till: 2013-03-12T23:24:54 [2013/03/05 23:24:55, 3] ../source4/smbd/service_stream.c:63(stream_terminate_connection) Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2013/03/05 23:24:55, 5] ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0.34 [2013/03/05 23:24:55, 3] ../source4/smbd/process_single.c:104(single_terminate) single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] [2013/03/05 23:25:00, 4] ../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule) dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:06 2013 CET [2013/03/05 23:25:05, 4] ../source4/dsdb/repl/drepl_notify.c:463(dreplsrv_notify_schedule) dreplsrv_notify_schedule(5) scheduled for: Tue Mar 5 23:25:11 2013 CET On 03/05/2013 11:08 PM, Olivier Bitsch wrote: Are you sure that your Windows box is using the IP address of your server as main DNS server? If still not, please try : * Stop Samba4 services, check there is no smbd or samba process working (killall smbd && killall samba). * Start Samba4 again. * Check /var/log/samba/log.samba (smbd is used by samba3 process). Also, can you give me your /var/log/samba/log.samba file? Thanks Olivier. 2013/3/5 Dirk Werner <werdi4...@googlemail.com> Thanks for replying! I have the same thing happening with the user Administrator. kinit Administrator works fine! On 03/05/2013 11:01 PM, Olivier Bitsch wrote: It seems that you tried to join with rweissmann username? You have to use the "Administrator" account in the windows credential when joining the domain. Additionally, the entry /var/lib/samba/passdb.tdb is probably not used by Samba4 as this file is used when Samba4 uses the old tdb has backend (now it uses an OpenLDAP fork). Best regards. Olivier 2013/3/5 Dirk Werner <werdi4...@googlemail.com> Hi Olivier, I have had a new installation today following your tutorial and that went fine through including igestis! However, when I try to join the domain on a windows 7 client, the join fails with 'username or password wrong' and I have the following line in /var/log/samba/log.smbd check_sam_security: Couldn't find user 'rweissmann' in passdb. [2013/03/05 21:41:34.306661, 2] auth/auth.c:319(check_ntlm_password) check_ntlm_password: Authentication for user [rweissmann] -> [rweissmann] FAILED with error NT_STATUS_NO_SUCH_USER [2013/03/05 21:41:34.306735, 3] smbd/error.c:81(error_packet_set) error packet at smbd/sesssetup.c(124) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE samba-tool user list - lists user 'rweissmann' and getent passwd also: SOGO\rweissmann:*:3000022:100:Roland Weissmann:/home/rweissmann:/usr/sbin/nologin When I do tdbdump /var/lib/samba/passdb.tdb : tdbdump /var/lib/samba/passdb.tdb { key(13) = "RID_000001f5\00" data(7) = "nobody\00" } { key(13) = "RID_00000bb8\00" data(6) = "dirkw\00" } { key(19) = "INFO/minor_version\00" data(4) = "\00\00\00\00" } { key(9) = "NEXT_RID\00" data(4) = "\E8\03\00\00" } { key(11) = "USER_dirkw\00" data(174) = "\00\00\00\00\7F\A9T|\7F\A9T|\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\0 0\06\00\00\00dirkw\00\07\00\00\00REMOTE\00\01\00\00\00\00\06\00\00\00dirkw\0 0\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\01\00\00\00\00\01\00\00\00 \00\01\00\00\00\00\01\00\00\00\00\B8\0B\00\00\01\02\00\00\00\00\00\00\00\00\ 00\00\00\00\00\00\10\00\00\00\A8\00\15\00\00\00\00\00\00\FF\FF\FF\FF\FF\FF\F F\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\00\00\00\00\00\00\00\00\00\00\00 \00\00\00\00\EC\04\00\00" } { key(13) = "INFO/version\00" data(4) = "\04\00\00\00" } { key(12) = "USER_nobody\00" data(176) = "\00\00\00\00\7F\A9T|\7F\A9T|\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\0 0\07\00\00\00nobody\00\07\00\00\00REMOTE\00\01\00\00\00\00\07\00\00\00nobody \00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\01\00\00\00\00\01\00\00\ 00\00\01\00\00\00\00\01\00\00\00\00\F5\01\00\00\01\02\00\00\00\00\00\00\00\0 0\00\00\00\00\00\00\10\00\00\00\A8\00\15\00\00\00\00\00\00\FF\FF\FF\FF\FF\FF \FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\00\00\00\00\00\00\00\00\00\00\ 00\00\00\00\00\EC\04\00\00" } The user rweissmann is indeed not in there, all users, I have created with samba-tool are not contained. Any idea? Best regards Dirk On 03/05/2013 07:39 PM, Olivier Bitsch wrote: To all, I've updated my SOGo tutorial and bring the following fixed (still available at <http://iabsis.com/EN/article/35/Samba4-and-OpenChange-on-a-Debian-or-Ubuntu -server/> http://iabsis.com/EN/article/35/Samba4-and-OpenChange-on-a-Debian-or-Ubuntu- server/) * Add a temporarily and cleaner way to install Samba4 (Thanks to Davor Vusir). * Some small other fixes. Don't hesitate to let me a comment on the website if something work or not. Best regards. 2013/3/5 Ludovic Marcotte <lmarco...@inverse.ca> On 28/02/13 03:27, Olivier Bitsch wrote: . Use PostGreSQL by default to avoid the bug http://tracker.openchange.org/issues/413 We identified the bug. MySQL's TEXT data type is limited to 2^16 - 1 = 65535 bytes, so truncation occurs and thus, a crash (because the cache is corrupted). We'll commit a fix shortly and provide an upgrade script (2.0.4 to 2.0.5) to adjust the data type for all tables accordingly. Thanks, -- Ludovic Marcotte +1.514.755.3630 <tel:%2B1.514.755.3630> :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists