Hi guys,
I'm trying to get SOGo to authenticate to Samba4. I have installed Samba 4.4.0
and SOGo 3 along with Postfix, Dovecot, MariaDB and Apache2. I'm not doing the
OpenChange thing - I want to use the Web interface tho and maybe Outlook 2013
so I have activesync installed. I installed Samba by downloading with wget and
going thru ./configure, make, and make install.
I'm able to see the Web interface of SOGo but logging in simply throws an
'Authentication Failed, Wrong username or Password' message. When I look into
my /var/log/sogo/sogo.log I see the following:
Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned with
pid 3844
Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned with
pid 3845
Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned with
pid 3846
Apr 10 05:35:00 sogod [3845]: <0x0x56526ff25ba8[SOGoCache]> Cache cleanup
interval set every 300.000000 seconds
Apr 10 05:35:00 sogod [3845]: <0x0x56526ff25ba8[SOGoCache]> Using host(s)
'127.0.0.1' as server(s)
Apr 10 05:35:00 sogod [3845]: [ERROR] <0x0x56526fcca9b8[NGBundleManager]> could
not create bundle for path:
'/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.24/Resources/SSL.bundle'
Apr 10 05:35:00 sogod [3845]: [WARN] <0x0x7f0a438fd3c0[WOxElemBuilder]> could
not locate builders: WOxExtElemBuilder,WOxExtElemBuilder
Apr 10 05:35:00 sogod [3845]: 10.10.1.100 "GET /SOGo/ HTTP/1.1" 200 6099/0
0.065 22165 72% 4M
Apr 10 05:35:07 sogod [3845]: SOGoRootPage Login from '10.10.1.100' for user
'test1' might not have worked - password policy: 65535 grace: -1 expire: -1
bound: 0
Apr 10 05:35:07 sogod [3845]: 10.10.1.100 "POST /SOGo/connect HTTP/1.1" 403
34/62 0.062 - - 596K
I read that there isn't really anything to worry about not being able to create
the SSL.bundle thing but I don't know about the
WOxExtElemBuilder,WOxExtElemBuilder error. I couldn't find a file like that on
my system. And the last one there about the password policy I have no idea. I
do have the following set:
/usr/local/samba/bin/samba-tool domain passwordsettings set --complexity=off
/usr/local/samba/bin/samba-tool domain passwordsettings set --min-pwd-length=1
/usr/local/samba/bin/samba-tool user setexpiry Administrator --noexpiry
Here is my sogo.conf (removed most parts that have have been commented out
anyway, easy passwords for test environment):
/* Database configuration (mysql:// or postgresql://) */
SOGoProfileURL =
"mysql://sogo:password123@localhost:3306/sogo/sogo_user_profile";
OCSFolderInfoURL =
"mysql://sogo:password123@localhost:3306/sogo/sogo_folder_info";
OCSSessionsFolderURL =
"mysql://sogo:password123@localhost:3306/sogo/sogo_sessions_folder";
/* Mail */
SOGoDraftsFolderName = INBOX/Drafts;
SOGoSentFolderName = INBOX/Sent;
SOGoTrashFolderName = INBOX/Trash;
SOGoIMAPServer = imaps://localhost:993;
SOGoSieveServer = sieve://127.0.0.1:4190;
SOGoSMTPServer = 127.0.0.1;
SOGoMailDomain = rhythmic.ca;
SOGoMailingMechanism = smtp;
//SOGoForceExternalLoginWithEmail = NO;
//SOGoMailSpoolPath = /var/spool/sogo;
//NGImap4ConnectionStringSeparator = "/";
/* LDAP AD/Samba4 example */
SOGoUserSources = (
{
type = ldap;
CNFieldName = cn;
UIDFieldName = sAMAccountName;
baseDN = "CN=users,dc=rhythmic,dc=ca";
bindDN = "[email protected]";
bindFields = (sAMAccountName, mail);
bindPassword = password123;
canAuthenticate = YES;
displayName = "Public";
hostname = ldap://127.0.0.1:389;
filter = "mail = '*'";
id = directory;
isAddressBook = YES;
}
);
/* Web Interface */
SOGoPageTitle = RhythmicCanada;
SOGoVacationEnabled = YES;
SOGoForwardEnabled = YES;
SOGoSieveScriptsEnabled = YES;
//SOGoMailAuxiliaryUserAccountsEnabled = YES;
//SOGoTrustProxyAuthentication = NO;
/* General */
SOGoLanguage = English;
SOGoTimeZone = America/Toronto;
SOGoCalendarDefaultRoles = (
PublicDAndTViewer,
ConfidentialDAndTViewer
);
SOGoSuperUsernames = (Administrator); // This is an array - keep the parens!
SxVMemLimit = 384;
WOPidFile = "/var/run/sogo/sogo.pid";
SOGoMemcachedHost = 127.0.0.1;
}
I'm not sure if I'm missing a step and I have a feeling it's something really
stupid.
- Does my sogo.conf look right for Samba authentication? Should it really say
type = ldap?
- I copied the format of the bindDN from a website. Is that accurate?
- Since I have a user in Samba (test1), how can I check what the CN=,DC=, is
for that user in Samba? This way I know if the CN listed in my baseDN is
actually 'users'?
Don't know if this is related or I should be starting a new thread for it but
log.samba shows this error:
[2016/04/10 06:15:45.597445, 0] ../source4/smbd/server.c:485(binary_smbd_main)
samba: using 'standard' process model
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
[2016/04/10 06:15:45.626622, 0] ../lib/util/become_daemon.c:124(daemon_ready)
STATUS=daemon 'samba' finished starting up and ready to serve connections
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
I'm quite stumped. I welcome any help.
Thanks!
Azam
--
[email protected]
https://inverse.ca/sogo/lists
