In '/var/log/auth.log' there are a series of authentication errors --
Jul 27 08:33:04 sogo auth: pam_unix(dovecot:auth): check pass; user unknown
Jul 27 08:33:04 sogo auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot ruser=michael rhost=127.0.0.1
Jul 27 08:33:04 sogo auth: pam_winbind(dovecot:auth): getting password
(0x00000388)
Jul 27 08:33:04 sogo auth: pam_winbind(dovecot:auth): pam_get_item
returned a password
These were logged during an attempt to login to Samba AD
It appears there's an issue with Dovecot authentication (or "pam") but
it may be elsewhere.
This is the instance where "dcerpc" calls from 'smb.conf' --
### Configuration required by OpenChange server ###
dsb:schema update allowed = true
dcerpc endpoint servers = +mapiproxy
dcerpc_mapiproxy:server = true
dcerpc_mapiproxy:interfaces = exchange_emsmdb, exchange_nsp,
exchange_ds_rfr
### Configuration required by OpenChange server ###
When I uncomment those "dcerpc" calls, Samba AD allows the first few
users to login then gives "Access denied" to the next users. Curiously
enough, even in that instance, Samba services are STILL running.
adam@sogo:~$ sudo initctl list | egrep 'samba|smb|nmb|winbind'
nmbd start/running
winbind stop/waiting
smbd stop/waiting
reload-smbd stop/waiting
samba-ad-dc start/running, process 6644
adam@sogo:~$
However, I am unsure whether any of the OpenChange services are running
in that instance.
Without the "dcerpc" calls, none of the OpenChange services appear to be
running --
adam@sogo:~$ sudo service --status-all | egrep 'openchange|ocsmanager|rpc'
[ ? ] apport
[ ? ] console-setup
[ ? ] dns-clean
[ ? ] irqbalance
[ ? ] killprocs
[ ? ] kmod
[ ? ] mysql
[ ? ] networking
[ ? ] ondemand
[ - ] openchange-ocsmanager
[ ? ] pppd-dns
[ ? ] rc.local
[ ? ] screen-cleanup
[ ? ] sendsigs
[ ? ] umountfs
[ ? ] umountnfs.sh
[ ? ] umountroot
adam@sogo:~$
'initctl list' returns NO OpenChange services. I followed the
instructions on provisioning OpenChange initially. However, that was
BEFORE upgrade to Samba 4.1.18 & SOGo/OpenChange 2.3 Do I need to
reprovision?
*Is there a separate tool to test OpenChange provision?**
*
Any suggestions would be appreciated. Thx.
--
[email protected]
https://inverse.ca/sogo/lists
