Hi guys, Thanks for jumping in. You guys are fantastic. I’ve been trying to work this out and I have no idea why this is beating me. I think I’m missing something really small here. I’m enjoying the leaning process but it’s been over 2 weeks and it’d be nice to see the installation working lol.
I did what you asked and tho I don’t have any Windows PCs to test a join with, I did try the connection to Samba with the smbclient and it does work. I tried changing the bindDN and the SOGoSuperUsernames in the logo.conf file and there is absolutely nothing - same result - Authentication Failure. So I ended up hiring someone on Fiverr to perform the install to see if there was something I was doing wrong. We ended up going the route of CentOS and that led me to yet another issue. I suppose I’ll start another thread for that. Just wanted to say thanks for giving me something to check into. Maybe soon I’ll actually have SOGo working! Azam > On Apr 11, 2016, at 7:19 AM, Steve Ankeny ([email protected]) > <[email protected]> wrote: > > On 04/10/2016 06:24 AM, Azam Premji ([email protected] > <mailto:[email protected]>) wrote: >> Hi guys, >> >> I'm trying to get SOGo to authenticate to Samba4. I have installed Samba >> 4.4.0 and SOGo 3 along with Postfix, Dovecot, MariaDB and Apache2. I'm not >> doing the OpenChange thing - I want to use the Web interface tho and maybe >> Outlook 2013 so I have activesync installed. I installed Samba by >> downloading with wget and going thru ./configure, make, and make install. > > Did you setup Samba as an Active Directory Controller? Have you "joined" any > client machines to the domain, which appears to be "rhytmic.ca > <http://rhytmic.ca/>," and can you authenticate as a Samba AD user against > the Samba DB? > > It's not that you MUST join your client machines to the domain but just a way > of testing the Samba DB > > Below: Can you login to the MySQL DB with "Administrator/password123"? > > Again, it's just a way to troubleshoot whether the Samba DB recognizes the > username/password. > > Did you create the username/password during "samba-tool" domain provision? > Can you login to Samba or MySQL with username/password, particularly, > "Administrator/password123" in MySQL? > > pg 9, 17 in Native Microsoft Outlook Guide > <http://sogo.nu/files/docs/SOGoNativeOutlookConfigurationGuide.pdf> (PDF) > > Your setup below in SOGo.conf appears correct IF you're using Samba AD for > authentication and IF the users actually exist (see creation of users with > "samba-tool") I'm not offering solutions as much as things to check. > > When it doesn't work, you need to find out if you can login as > username/password at the Samba level. > > Try logging into MySQL as "Administrator/password123" That should tell you > something as well. You login to the SOGo web interface with each user > account to create user tables and fields, but you must create the users. > > "samba-tool user add <username>" etc. > >> I'm able to see the Web interface of SOGo but logging in simply throws an >> 'Authentication Failed, Wrong username or Password' message. When I look >> into my /var/log/sogo/sogo.log I see the following: >> >> >> Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned >> with pid 3844 >> Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned >> with pid 3845 >> Apr 10 05:33:31 sogod [3841]: <0x0x56526fccc9b8[WOWatchDog]> child spawned >> with pid 3846 >> Apr 10 05:35:00 sogod [3845]: <0x0x56526ff25ba8[SOGoCache]> Cache cleanup >> interval set every 300.000000 seconds >> Apr 10 05:35:00 sogod [3845]: <0x0x56526ff25ba8[SOGoCache]> Using host(s) >> '127.0.0.1' as server(s) >> Apr 10 05:35:00 sogod [3845]: [ERROR] <0x0x56526fcca9b8[NGBundleManager]> >> could not create bundle for path: >> '/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.24/Resources/SSL.bundle' >> Apr 10 05:35:00 sogod [3845]: [WARN] <0x0x7f0a438fd3c0[WOxElemBuilder]> >> could not locate builders: WOxExtElemBuilder,WOxExtElemBuilder >> Apr 10 05:35:00 sogod [3845]: 10.10.1.100 "GET /SOGo/ HTTP/1.1" 200 6099/0 >> 0.065 22165 72% 4M >> Apr 10 05:35:07 sogod [3845]: SOGoRootPage Login from '10.10.1.100' for user >> 'test1' might not have worked - password policy: 65535 grace: -1 expire: >> -1 bound: 0 >> Apr 10 05:35:07 sogod [3845]: 10.10.1.100 "POST /SOGo/connect HTTP/1.1" 403 >> 34/62 0.062 - - 596K >> >> >> I read that there isn't really anything to worry about not being able to >> create the SSL.bundle thing but I don't know about the >> WOxExtElemBuilder,WOxExtElemBuilder error. I couldn't find a file like that >> on my system. And the last one there about the password policy I have no >> idea. I do have the following set: >> /usr/local/samba/bin/samba-tool domain passwordsettings set --complexity=off >> /usr/local/samba/bin/samba-tool domain passwordsettings set >> --min-pwd-length=1 >> /usr/local/samba/bin/samba-tool user setexpiry Administrator --noexpiry >> >> >> >> Here is my sogo.conf (removed most parts that have have been commented out >> anyway, easy passwords for test environment): >> /* Database configuration (mysql:// or postgresql://) */ >> SOGoProfileURL = >> "mysql://sogo:password123@localhost:3306/sogo/sogo_user_profile"; >> OCSFolderInfoURL = >> "mysql://sogo:password123@localhost:3306/sogo/sogo_folder_info"; >> OCSSessionsFolderURL = >> "mysql://sogo:password123@localhost:3306/sogo/sogo_sessions_folder"; >> >> /* Mail */ >> SOGoDraftsFolderName = INBOX/Drafts; >> SOGoSentFolderName = INBOX/Sent; >> SOGoTrashFolderName = INBOX/Trash; >> SOGoIMAPServer = imaps://localhost:993; >> SOGoSieveServer = sieve://127.0.0.1:4190; >> SOGoSMTPServer = 127.0.0.1; >> SOGoMailDomain = rhythmic.ca; >> SOGoMailingMechanism = smtp; >> //SOGoForceExternalLoginWithEmail = NO; >> //SOGoMailSpoolPath = /var/spool/sogo; >> //NGImap4ConnectionStringSeparator = "/"; >> >> >> /* LDAP AD/Samba4 example */ >> SOGoUserSources = ( >> { >> type = ldap; >> CNFieldName = cn; >> UIDFieldName = sAMAccountName; >> baseDN = "CN=users,dc=rhythmic,dc=ca"; >> bindDN = "[email protected]" <mailto:[email protected]>; >> bindFields = (sAMAccountName, mail); >> bindPassword = password123; >> canAuthenticate = YES; >> displayName = "Public"; >> hostname = ldap://127.0.0.1:389 <ldap://127.0.0.1:389>; >> filter = "mail = '*'"; >> id = directory; >> isAddressBook = YES; >> } >> ); >> /* Web Interface */ >> SOGoPageTitle = RhythmicCanada; >> SOGoVacationEnabled = YES; >> SOGoForwardEnabled = YES; >> SOGoSieveScriptsEnabled = YES; >> //SOGoMailAuxiliaryUserAccountsEnabled = YES; >> //SOGoTrustProxyAuthentication = NO; >> >> /* General */ >> SOGoLanguage = English; >> SOGoTimeZone = America/Toronto; >> SOGoCalendarDefaultRoles = ( >> PublicDAndTViewer, >> ConfidentialDAndTViewer >> ); >> SOGoSuperUsernames = (Administrator); // This is an array - keep the parens! >> SxVMemLimit = 384; >> WOPidFile = "/var/run/sogo/sogo.pid"; >> SOGoMemcachedHost = 127.0.0.1; >> } >> >> I'm not sure if I'm missing a step and I have a feeling it's something >> really stupid. >> - Does my sogo.conf look right for Samba authentication? Should it really >> say type = ldap? >> - I copied the format of the bindDN from a website. Is that accurate? >> - Since I have a user in Samba (test1), how can I check what the CN=,DC=, is >> for that user in Samba? This way I know if the CN listed in my baseDN is >> actually 'users'? >> >> Don't know if this is related or I should be starting a new thread for it >> but log.samba shows this error: >> [2016/04/10 06:15:45.597445, 0] >> ../source4/smbd/server.c:485(binary_smbd_main) >> samba: using 'standard' process model >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> [2016/04/10 06:15:45.626622, 0] >> ../lib/util/become_daemon.c:124(daemon_ready) >> STATUS=daemon 'samba' finished starting up and ready to serve connections >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> samba: setproctitle not initialized, please either call setproctitle_init() >> or link against libbsd-ctor. >> >> >> I'm quite stumped. I welcome any help. >> >> Thanks! >> >> Azam >> > > -- > [email protected] <mailto:[email protected]> > https://inverse.ca/sogo/lists <https://inverse.ca/sogo/lists> -- [email protected] https://inverse.ca/sogo/lists
