On 04/10/2016 06:24 AM, Azam Premji ([email protected]) wrote:
Hi guys,
I'm trying to get SOGo to authenticate to Samba4. I have installed Samba 4.4.0
and SOGo 3 along with Postfix, Dovecot, MariaDB and Apache2. I'm not doing the
OpenChange thing - I want to use the Web interface tho and maybe Outlook 2013
so I have activesync installed. I installed Samba by downloading with wget and
going thru ./configure, make, and make install.
Did you setup Samba as an Active Directory Controller? Have you
"joined" any client machines to the domain, which appears to be
"rhytmic.ca," and can you authenticate as a Samba AD user against the
Samba DB?
It's not that you MUST join your client machines to the domain but just
a way of testing the Samba DB
Below: Can you login to the MySQL DB with "Administrator/password123"?
Again, it's just a way to troubleshoot whether the Samba DB recognizes
the username/password.
Did you create the username/password during "samba-tool" domain
provision? Can you login to Samba or MySQL with username/password,
particularly, "Administrator/password123" in MySQL?
pg 9, 17 in Native Microsoft Outlook Guide
<http://sogo.nu/files/docs/SOGoNativeOutlookConfigurationGuide.pdf> (PDF)
Your setup below in SOGo.conf appears correct IF you're using Samba AD
for authentication and IF the users actually exist (see creation of
users with "samba-tool") I'm not offering solutions as much as things
to check.
When it doesn't work, you need to find out if you can login as
username/password at the Samba level.
Try logging into MySQL as "Administrator/password123" That should tell
you something as well. You login to the SOGo web interface with each
user account to create user tables and fields, but you must create the
users.
"samba-tool user add <username>" etc.
I'm able to see the Web interface of SOGo but logging in simply throws an
'Authentication Failed, Wrong username or Password' message. When I look into
my /var/log/sogo/sogo.log I see the following:
Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned with
pid 3844
Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned with
pid 3845
Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned with
pid 3846
Apr 10 05:35:00 sogod [3845]: <0x0x56526ff25ba8[SOGoCache]> Cache cleanup
interval set every 300.000000 seconds
Apr 10 05:35:00 sogod [3845]: <0x0x56526ff25ba8[SOGoCache]> Using host(s)
'127.0.0.1' as server(s)
Apr 10 05:35:00 sogod [3845]: [ERROR] <0x0x56526fcca9b8[NGBundleManager]> could
not create bundle for path:
'/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.24/Resources/SSL.bundle'
Apr 10 05:35:00 sogod [3845]: [WARN] <0x0x7f0a438fd3c0[WOxElemBuilder]> could
not locate builders: WOxExtElemBuilder,WOxExtElemBuilder
Apr 10 05:35:00 sogod [3845]: 10.10.1.100 "GET /SOGo/ HTTP/1.1" 200 6099/0
0.065 22165 72% 4M
Apr 10 05:35:07 sogod [3845]: SOGoRootPage Login from '10.10.1.100' for user
'test1' might not have worked - password policy: 65535 grace: -1 expire: -1
bound: 0
Apr 10 05:35:07 sogod [3845]: 10.10.1.100 "POST /SOGo/connect HTTP/1.1" 403
34/62 0.062 - - 596K
I read that there isn't really anything to worry about not being able to create
the SSL.bundle thing but I don't know about the
WOxExtElemBuilder,WOxExtElemBuilder error. I couldn't find a file like that on
my system. And the last one there about the password policy I have no idea. I
do have the following set:
/usr/local/samba/bin/samba-tool domain passwordsettings set --complexity=off
/usr/local/samba/bin/samba-tool domain passwordsettings set --min-pwd-length=1
/usr/local/samba/bin/samba-tool user setexpiry Administrator --noexpiry
Here is my sogo.conf (removed most parts that have have been commented out
anyway, easy passwords for test environment):
/* Database configuration (mysql:// or postgresql://) */
SOGoProfileURL =
"mysql://sogo:password123@localhost:3306/sogo/sogo_user_profile";
OCSFolderInfoURL =
"mysql://sogo:password123@localhost:3306/sogo/sogo_folder_info";
OCSSessionsFolderURL =
"mysql://sogo:password123@localhost:3306/sogo/sogo_sessions_folder";
/* Mail */
SOGoDraftsFolderName = INBOX/Drafts;
SOGoSentFolderName = INBOX/Sent;
SOGoTrashFolderName = INBOX/Trash;
SOGoIMAPServer = imaps://localhost:993;
SOGoSieveServer = sieve://127.0.0.1:4190;
SOGoSMTPServer = 127.0.0.1;
SOGoMailDomain = rhythmic.ca;
SOGoMailingMechanism = smtp;
//SOGoForceExternalLoginWithEmail = NO;
//SOGoMailSpoolPath = /var/spool/sogo;
//NGImap4ConnectionStringSeparator = "/";
/* LDAP AD/Samba4 example */
SOGoUserSources = (
{
type = ldap;
CNFieldName = cn;
UIDFieldName = sAMAccountName;
baseDN = "CN=users,dc=rhythmic,dc=ca";
bindDN = "[email protected]";
bindFields = (sAMAccountName, mail);
bindPassword = password123;
canAuthenticate = YES;
displayName = "Public";
hostname = ldap://127.0.0.1:389;
filter = "mail = '*'";
id = directory;
isAddressBook = YES;
}
);
/* Web Interface */
SOGoPageTitle = RhythmicCanada;
SOGoVacationEnabled = YES;
SOGoForwardEnabled = YES;
SOGoSieveScriptsEnabled = YES;
//SOGoMailAuxiliaryUserAccountsEnabled = YES;
//SOGoTrustProxyAuthentication = NO;
/* General */
SOGoLanguage = English;
SOGoTimeZone = America/Toronto;
SOGoCalendarDefaultRoles = (
PublicDAndTViewer,
ConfidentialDAndTViewer
);
SOGoSuperUsernames = (Administrator); // This is an array - keep the parens!
SxVMemLimit = 384;
WOPidFile = "/var/run/sogo/sogo.pid";
SOGoMemcachedHost = 127.0.0.1;
}
I'm not sure if I'm missing a step and I have a feeling it's something really
stupid.
- Does my sogo.conf look right for Samba authentication? Should it really say
type = ldap?
- I copied the format of the bindDN from a website. Is that accurate?
- Since I have a user in Samba (test1), how can I check what the CN=,DC=, is
for that user in Samba? This way I know if the CN listed in my baseDN is
actually 'users'?
Don't know if this is related or I should be starting a new thread for it but
log.samba shows this error:
[2016/04/10 06:15:45.597445, 0] ../source4/smbd/server.c:485(binary_smbd_main)
samba: using 'standard' process model
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
[2016/04/10 06:15:45.626622, 0] ../lib/util/become_daemon.c:124(daemon_ready)
STATUS=daemon 'samba' finished starting up and ready to serve connections
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
samba: setproctitle not initialized, please either call setproctitle_init() or
link against libbsd-ctor.
I'm quite stumped. I welcome any help.
Thanks!
Azam
--
[email protected]
https://inverse.ca/sogo/lists
