Re: [SOGo] SOGo as second DC
Seizing any roles from an SBS server is not supported. Ever. Under no circumstances should you ever transfer any domain services away from an SBS box. Regardless of what samba documentation, et al may claim, this is always an incorrect action to take. You cannot treat SBS as a typical domain controller, nor can you treat an SBS forest as a typical forest. There are elements within SBS that completely depend upon and expect all roles to be present at all times. And of all roles to transfer, the schema role invites possibly the most disaster, as SBS does not expect non-resident schema modifications. When you’re playing on Microsoft’s infrastructure, there are some MS rules you have to follow. Not everything they mandate is merely a “best practice” or without reason, and this is a prime example. Now that I’m done ranting/scolding, what is the detailed message you receive from ntdsutil? It may be helpful to up the logging level of LDAP Interface Events and DS Schema in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics (start with a value of 2). Also, you may consider a system state restore (you do back up your system state frequently, I hope): http://blogs.technet.com/b/sbs/archive/2011/03/31/how-to-perform-an-authoritative-system-state-restore-in-sbs-2008-2011-standard.aspx. Note this will likely hose your samba instance and require some sort of cleaning to realign it to reality, but SOGo should remain unscathed. Good luck and such. On Mar 12, 2014, at 5:14 PM, Patric Becker p.bec...@britz-trier.de wrote: OK, monologue ;-), I give it up! How should I transfer the Schema role from the sogo box to my sbs? I´ve tried it in Win with ntdsutil and on my linux with samba-tool fsmo seize --role=schema Where is my failure?? ;( Thanks Paddie Patric Becker p.bec...@britz-trier.de hat am 12. März 2014 um 20:43 geschrieben: OK, forget the last mail ;-). After I read a bit more I find out, that the command worked. BUT if I test with samba-tool fsmo show it tells me, that schemamasterrole still is on the sogo box ;-(. I will test a little more this evening. If i get it OK, if not i give up on it. Thanks Paddie Patric Becker p.bec...@britz-trier.de hat am 12. März 2014 um 19:51 geschrieben: Many Thanks for your extensive answer. I´ve tried it this way a few minutes ago. but when I want to seize it back to the SBS i get this error FSMO transfer of 'schema' role successful ERROR: Failed to initiate role seize of 'schema' role: objectclass: modify message must have elements/attributes! I´ve googled a little and found this bugreport https://bugzilla.samba.org/show_bug.cgi?id=9461 As I understand it correctly. I have to rebuild samba with this Patch applied to get this working. Thanks Paddie Steve Boley st...@nams.net hat am 12. März 2014 um 17:08 geschrieben: You only need to move the global catalog the schema over to setup openchange and then you can seize it back from the sbs system and all would be well in active directory land. To simply join as 2nd dc you do not have to seize any roles and the seizing is for extending the exchange schema onto the active directory which actually should be in place in sbs so you might have to just seize the role so the global catalog is copied over and take it right back and openchange might be happy just get ready for a lot of google and debugging probably as this is not a simple task to get it all working. I've put in a feature request for openchange to check for the schema on a remote dc not the local one but that might take a while to be added. Steve On 3/9/2014 8:37 AM, Patric Becker wrote: Hi, I want to join a SOGo-Box to an existing Domain with a Windows SBS 2011 Essentials(!!!) Box. I´ve asked this Question a few weeks before and get the hint to copy/move the fsmo roles from the Windows to the SOGo Box BUT after a few tries and a little more searching in the Web I found out, that I CAN´T copy/move all fsmo Roles from an SBS Essential Server to an other box. My next Idea was to Use the SOGo Box as FIRST DC but the SBS Essential Box couldn´t join a Network as second DC ;(. Is there an other solution to use SOGo in this network?? Thanks Paddie PS: Sorry for starting an new Thread but I´m at home now and write this with our Provider-webfronend. ;-). PPS: The SBS Essential Box was there as I joined the Company ;). I would never buy such crap... -- users@sogo.nu https://inverse.ca/sogo/lists
RE: [SOGo] Sogo Webmail HTML rendering
Hello Christian Display remote inline images is set to always. I am on the latest development trunk and I update daily. Should I change to the stable trunk to send you feedback? Fortunately this problem has gone away in the last few days. I cannot reproduce it with the test email I had in my mail box. Regards Cedric -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Christian Mack Sent: Mittwoch, 12. März 2014 15:51 To: users@sogo.nu Subject: Re: [SOGo] Sogo Webmail HTML rendering Hello Cedric Perrot Am 2014-03-10 20:55, schrieb Cedric Perrot: I tested the rendering of HTML emails in the SOGO Webmail. 1. Included images are not always resolved and shown. What is set in Preferences -- Mail Options -- Display remote inline images? 2. When forwarding the HTML email the html code is forwarded instead of the rendered mail. If you need a sample case let me know. Which version of SOGo are you using? Please provide an example Kind regards, Christian Mack -- Christian Mack Abteilung Basisdienste KIM IT-Services Universität Konstanz -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Ubuntu 14.04 LTS/Debian Jessie packages
On 12/03/14 20:15, Ludovic Marcotte wrote: Yep, we'll create packages for it. Are you up for a beer on Friday? ;-) Tomorrow's a good one as it is my birthday, so I might even be buying! ;-) -- Ian McMichael . E-Mail: ian.mcmich...@gmail.com . Phone: +44-(0)7703-192837 -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Search entire mailstore from the GUI?
Why not configure your MTA to blind-copy to a central mailbox and search from there? If the desire is to access existing mail, why not access all of the boxes via IMAP and copy messages to a central mailbox? On Mar 12, 2014, at 4:30 PM, Charles Marcus cmar...@media-brokers.com wrote: On 3/12/2014 11:23 AM, Christian Mack christian.m...@uni-konstanz.de wrote: Am 2014-03-12 12:37, schrieb Charles Marcus: On 3/11/2014 9:29 PM, Nigel Pegramndpeg...@gmail.com wrote: Is the web GUI a must? Thunderbird has this capability. You misunderstand. I'm talking about an Administrative function. Something that can search all mailboxes for all user accounts across an entire domain (or even multiple domains, if SOGo is set up for it). No, this feature is not available in SOGo. It has nothing to do with a mail client, so SOGo is not the way to go. And to use such a feature would be highly illegal at least in Europe In the US, employees of companies have no expectation of privacy regarding email, under the following conditions: 1. The employee is using a company email address and system owned and operated by the company, and 2. The Company has a formal policy that the employee is made fully aware of the fact that their employer may monitor their email usage at any time. Alas, I've been tasked with finding some kind of system that will allow the boss, and potentially one or two other people the ability to do this when necessary. Thanks anyway, -- Best regards, Charles -- users@sogo.nu https://inverse.ca/sogo/lists -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] active sync troubles (again)
Hi folks! I'm trying again to connect outlook by active sync to sogo. Now I'm step further but I'm getting those errors: 10.22.21.25 - - [13/Mar/2014:11:55:47 +0100] POST /autodiscover/autodiscover.xml HTTP/1.1 401 3771 - Microsoft.Outlook.15 10.22.21.25 - - [13/Mar/2014:11:55:48 +0100] POST /autodiscover/autodiscover.xml HTTP/1.1 401 3771 - Microsoft.Outlook.15 10.22.21.25 - - [13/Mar/2014:11:55:48 +0100] GET /autodiscover/autodiscover.xml HTTP/1.1 401 293 - WinHttpRequest http 401? Why that? When I'm trying to get to http://mydomain.com/SOGo/Micorosoft-Server-ActiveSync I'm getting that: An error occurred during object publishing reason for HTTP error unknown 401? how can I solve this one? Thanks paul -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Re: active sync troubles (again)
ok and again a step further (or back not sure): 10.22.21.25 - - [13/Mar/2014:12:21:10 +0100] GET /ews HTTP/1.1 503 4817 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 10.22.21.25 - - [13/Mar/2014:12:21:10 +0100] GET /favicon.ico HTTP/1.1 404 4801 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 10.22.21.25 - - [13/Mar/2014:12:21:10 +0100] GET /favicon.ico HTTP/1.1 404 676 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 10.22.21.25 - - [13/Mar/2014:12:21:22 +0100] GET /autodiscover HTTP/1.1 503 692 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 10.22.21.25 - - [13/Mar/2014:12:21:54 +0100] GET /autodiscover HTTP/1.1 503 4837 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 10.22.21.25 - - [13/Mar/2014:12:21:54 +0100] GET /favicon.ico HTTP/1.1 404 853 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 10.22.21.25 - - [13/Mar/2014:12:21:54 +0100] GET /favicon.ico HTTP/1.1 404 692 - Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0 that was while I was connecting to http(and https)://mydomain.com/autodiscover Some help needed here please! Thanks Am 13.03.2014 12:06, schrieb paul batlekov: Hi folks! I'm trying again to connect outlook by active sync to sogo. Now I'm step further but I'm getting those errors: 10.22.21.25 - - [13/Mar/2014:11:55:47 +0100] POST /autodiscover/autodiscover.xml HTTP/1.1 401 3771 - Microsoft.Outlook.15 10.22.21.25 - - [13/Mar/2014:11:55:48 +0100] POST /autodiscover/autodiscover.xml HTTP/1.1 401 3771 - Microsoft.Outlook.15 10.22.21.25 - - [13/Mar/2014:11:55:48 +0100] GET /autodiscover/autodiscover.xml HTTP/1.1 401 293 - WinHttpRequest http 401? Why that? When I'm trying to get to http://mydomain.com/SOGo/Micorosoft-Server-ActiveSync I'm getting that: An error occurred during object publishing reason for HTTP error unknown 401? how can I solve this one? Thanks paul -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Search entire mailstore from the GUI?
Em 13-03-2014 01:08, Ron Scott-Adams escreveu: Why not configure your MTA to blind-copy to a central mailbox and search from there? That would double storage requirements. -- *Marcio Merlone* -- users@sogo.nu https://inverse.ca/sogo/lists
RE: [SOGo] Godaddy
Thank you for your response I have go daddy as an external email host now. How do I get my email from godaddy set up with sogo, will my server running sogo replace godaddy? Where will the email reside physically and how do I set it all up? Matt Endres 2487216942 -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Christian Mack Sent: Wednesday, March 12, 2014 10:48 AM To: users@sogo.nu Subject: Re: [SOGo] Godaddy Hello mendres Am 2014-03-10 18:35, schrieb mend...@interpowerinduction.com: I am trying to setup sogo to work with externally hosted email (godaddy) I want sogo to get email from godaddy server filtered in house. I have sogo running on ubuntu server with webmin also installed but dont have a clue where to begin setting up the communication to godaddy or setting up shared cal's and phone books. Can anyone assist? Thank you kindly What do you mean by get email from godaddy server filtered in house? Kind regards, Christian Mack -- Christian Mack Abteilung Basisdienste KIM IT-Services Universität Konstanz -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Godaddy
Am 2014-03-13 13:22, schrieb Matt Endres: -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Christian Mack Sent: Wednesday, March 12, 2014 10:48 AM To: users@sogo.nu Subject: Re: [SOGo] Godaddy Am 2014-03-10 18:35, schrieb mend...@interpowerinduction.com: I am trying to setup sogo to work with externally hosted email (godaddy) I want sogo to get email from godaddy server filtered in house. I have sogo running on ubuntu server with webmin also installed but dont have a clue where to begin setting up the communication to godaddy or setting up shared cal's and phone books. Can anyone assist? Thank you kindly What do you mean by get email from godaddy server filtered in house? I have go daddy as an external email host now. How do I get my email from godaddy set up with sogo, will my server running sogo replace godaddy? Where will the email reside physically and how do I set it all up? If godaddy provides you with an IMAP interface, then your emails will reside on godaddy, and SOGo will access them via IMAP. For Setup you need a source of valid users. This can either be a database or a ldap server. Depending on your choice see the corresponding chapters about SOGoUserSources in the SOGo Installation Guide at http://www.sogo.nu/files/docs/SOGo%20Installation%20Guide.pdf Be aware: Passwords for login in SOGo have to be the same as for login into godaddys mailboxes, as you are not able to set their IMAP server to trust your SOGo server. Kind regards, Christian Mack -- Christian Mack Abteilung Basisdienste KIM IT-Services Universität Konstanz smime.p7s Description: S/MIME Cryptographic Signature
RE: [SOGo] Godaddy
Thanks Again,Will i be able to have shared address books and shared calendars aswell?Matt Endres Original Message Subject: Re: [SOGo] Godaddy From: Christian Mack christian.m...@uni-konstanz.de Date: Thu, March 13, 2014 6:51 am To: users@sogo.nu Am 2014-03-13 13:22, schrieb Matt Endres: -Original Message- From: users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Christian Mack Sent: Wednesday, March 12, 2014 10:48 AM To: users@sogo.nu Subject: Re: [SOGo] Godaddy Am 2014-03-10 18:35, schrieb mend...@interpowerinduction.com: I am trying to setup sogo to work with externally hosted email (godaddy) I want sogo to get email from godaddy server filtered in house. I have sogo running on ubuntu server with webmin also installed but dont have a clue where to begin setting up the communication to godaddy or setting up shared cal's and phone books. Can anyone assist? Thank you kindly What do you mean by "get email from godaddy server filtered in house"? I have go daddy as an external email host now. How do I get my email from godaddy set up with sogo, will my server running sogo replace godaddy? Where will the email reside physically and how do I set it all up? If godaddy provides you with an IMAP interface, then your emails will reside on godaddy, and SOGo will access them via IMAP. For Setup you need a source of valid users. This can either be a database or a ldap server. Depending on your choice see the corresponding chapters about SOGoUserSources in the "SOGo Installation Guide" at http://www.sogo.nu/files/docs/SOGo%20Installation%20Guide.pdf Be aware: Passwords for login in SOGo have to be the same as for login into godaddys mailboxes, as you are not able to set their IMAP server to trust your SOGo server. Kind regards, Christian Mack -- Christian Mack Abteilung Basisdienste KIM IT-Services Universität Konstanz
[SOGo] Paying for New Features - please comment in support of bug 2642
Hi all, I would very much like to see Inverse implement this bug. What it is is simply to provide a way for Inverse customers (those who have purchased block hours of support from Inverse) to vote with their pocketbooks for new features (or bug fixes). Details at: http://www.sogo.nu/bugs/view.php?id=2642 -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Godaddy
Hello Matt Endres Yes, they will be stored in a database located on your server and can be shared between all users of your SOGo server. Kind regards, Christian Mack Am 2014-03-13 15:12, schrieb mend...@interpowerinduction.com: Will i be able to have shared address books and shared calendars aswell? Original Message Subject: Re: [SOGo] Godaddy From: Christian Mack christian.m...@uni-konstanz.de mailto:christian.m...@uni-konstanz.de Date: Thu, March 13, 2014 6:51 am To: users@sogo.nu mailto:users@sogo.nu Am 2014-03-13 13:22, schrieb Matt Endres: -Original Message- From:users-requ...@sogo.nu mailto:users-requ...@sogo.nu [mailto:users-requ...@sogo.nu] On Behalf Of Christian Mack Sent: Wednesday, March 12, 2014 10:48 AM To:users@sogo.nu mailto:users@sogo.nu Subject: Re: [SOGo] Godaddy Am 2014-03-10 18:35, schriebmend...@interpowerinduction.com mailto:mend...@interpowerinduction.com: I am trying to setup sogo to work with externally hosted email (godaddy) I want sogo to get email from godaddy server filtered in house. I have sogo running on ubuntu server with webmin also installed but dont have a clue where to begin setting up the communication to godaddy or setting up shared cal's and phone books. Can anyone assist? Thank you kindly What do you mean by get email from godaddy server filtered in house? I have go daddy as an external email host now. How do I get my email from godaddy set up with sogo, will my server running sogo replace godaddy? Where will the email reside physically and how do I set it all up? If godaddy provides you with an IMAP interface, then your emails will reside on godaddy, and SOGo will access them via IMAP. For Setup you need a source of valid users. This can either be a database or a ldap server. Depending on your choice see the corresponding chapters about SOGoUserSources in the SOGo Installation Guide at http://www.sogo.nu/files/docs/SOGo%20Installation%20Guide.pdf Be aware: Passwords for login in SOGo have to be the same as for login into godaddys mailboxes, as you are not able to set their IMAP server to trust your SOGo server. -- Christian Mack Abteilung Basisdienste KIM IT-Services Universität Konstanz smime.p7s Description: S/MIME Cryptographic Signature
Re: [SOGo] Search entire mailstore from the GUI?
On Mar 12, 2014, at 9:30 PM, Charles Marcus cmar...@media-brokers.com wrote: In the US, employees of companies have no expectation of privacy regarding email, under the following conditions: 1. The employee is using a company email address and system owned and operated by the company, and 2. The Company has a formal policy that the employee is made fully aware of the fact that their employer may monitor their email usage at any time. FWIW It's similar in Germany (and presumably most other European countries). Except maybe that employees naively have the expectation of privacy while US people are just used to this ;-) It definitely isn't highly illegal in Europe - *unless* the company explicitly allowed personal usage of their systems. Some do, most don't. hh -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo as second DC
Remember also that you do not have to do any seizing unless you have to use outlook in your organization. This is only related to the openchange portion which again is only for outlook interoperability and web and thunderbird neither one require it. The schema in microsoft can keep a copy of the global catalog on each dc and I'm not sure why samba hasn't mimiced that function instead of seizing. Which would actually fulfill the requirement openchange is looking for and not muck around with Microsoft's infrastructure like it presently does. It seems the primary focus has been replacement and mimicing the forest and not integration. Steve On 3/12/2014 11:05 PM, Ron Scott-Adams wrote: *Seizing any roles from an SBS server is not supported.* Ever. Under no circumstances should you ever transfer any domain services away from an SBS box. Regardless of what samba documentation, /et al/ may claim, this is always an incorrect action to take. You cannot treat SBS as a typical domain controller, nor can you treat an SBS forest as a typical forest. There are elements within SBS that completely depend upon and expect all roles to be present at all times. And of all roles to transfer, the schema role invites possibly the most disaster, as SBS does not expect non-resident schema modifications. When you’re playing on Microsoft’s infrastructure, there are some MS rules you have to follow. Not everything they mandate is merely a “best practice” or without reason, and this is a prime example. Now that I’m done ranting/scolding, what is the detailed message you receive from ntdsutil? It may be helpful to up the logging level of LDAP Interface Events and DS Schema in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics (start with a value of 2). Also, you may consider a system state restore (you do back up your system state frequently, I hope): http://blogs.technet.com/b/sbs/archive/2011/03/31/how-to-perform-an-authoritative-system-state-restore-in-sbs-2008-2011-standard.aspx. Note this will likely hose your samba instance and require some sort of cleaning to realign it to reality, but SOGo should remain unscathed. Good luck and such. On Mar 12, 2014, at 5:14 PM, Patric Becker p.bec...@britz-trier.de mailto:p.bec...@britz-trier.de wrote: OK, monologue ;-), I give it up! How should I transfer the Schema role from the sogo box to my sbs? I´ve tried it in Win with ntdsutil and on my linux with samba-tool fsmo seize --role=schema Where is my failure?? ;( Thanks Paddie Patric Becker p.bec...@britz-trier.de mailto:p.bec...@britz-trier.de hat am 12. März 2014 um 20:43 geschrieben: OK, forget the last mail ;-). After I read a bit more I find out, that the command worked. BUT if I test with samba-tool fsmo show it tells me, that schemamasterrole still is on the sogo box ;-(. I will test a little more this evening. If i get it OK, if not i give up on it. Thanks Paddie Patric Becker p.bec...@britz-trier.de mailto:p.bec...@britz-trier.de hat am 12. März 2014 um 19:51 geschrieben: Many Thanks for your extensive answer. I´ve tried it this way a few minutes ago. but when I want to seize it back to the SBS i get this error FSMO transfer of 'schema' role successful ERROR: Failed to initiate role seize of 'schema' role: objectclass: modify message must have elements/attributes! I´ve googled a little and found this bugreport https://bugzilla.samba.org/show_bug.cgi?id=9461 As I understand it correctly. I have to rebuild samba with this Patch applied to get this working. Thanks Paddie Steve Boley st...@nams.net mailto:st...@nams.net hat am 12. März 2014 um 17:08 geschrieben: You only need to move the global catalog the schema over to setup openchange and then you can seize it back from the sbs system and all would be well in active directory land. To simply join as 2nd dc you do not have to seize any roles and the seizing is for extending the exchange schema onto the active directory which actually should be in place in sbs so you might have to just seize the role so the global catalog is copied over and take it right back and openchange might be happy just get ready for a lot of google and debugging probably as this is not a simple task to get it all working. I've put in a feature request for openchange to check for the schema on a remote dc not the local one but that might take a while to be added. Steve On 3/9/2014 8:37 AM, Patric Becker wrote: Hi, I want to join a SOGo-Box to an existing Domain with a Windows SBS 2011 Essentials(!!!) Box. I´ve asked this Question a few weeks before and get the hint to copy/move the fsmo roles from the Windows to the SOGo Box BUT after a few tries and a little more searching in the Web I found out, that I CAN´T copy/move all fsmo Roles from an SBS Essential Server to an other box. My next Idea was to Use the SOGo Box as FIRST DC but the SBS Essential Box couldn´t join a Network as second DC ;(. Is there
Re: [SOGo] SOGo as second DC
Steve Boley st...@nams.net hat am 13. März 2014 um 17:33 geschrieben: Remember also that you do not have to do any seizing unless you have to use outlook in your organization. This is only related to the openchange portion which again is only for outlook interoperability and web and thunderbird neither one require it. Thats it ;-). We are using Outlook in my company! And this is not changeable. The schema in microsoft can keep a copy of the global catalog on each dc and I'm not sure why samba hasn't mimiced that function instead of seizing. Which would actually fulfill the requirement openchange is looking for and not muck around with Microsoft's infrastructure like it presently does. It seems the primary focus has been replacement and mimicing the forest and not integration. *sigh* My Idea now is: The sogo-box will get DC, I transfer all roles and GPOs (if possible) to the samba-box and demote the sbs 2011 essential-box (if possible ;-)). The sbs only hosts our Navision Dynamics, so the AD is not necessary on this box. Thanks Paddie Steve On 3/12/2014 11:05 PM, Ron Scott-Adams wrote: Seizing any roles from an SBS server is not supported. Ever. Under no circumstances should you ever transfer any domain services away from an SBS box. Regardless of what samba documentation, et almay claim, this is always an incorrect action to take. You cannot treat SBS as a typical domain controller, nor can you treat an SBS forest as a typical forest. There are elements within SBS that completely depend upon and expect all roles to be present at all times. And of all roles to transfer, the schema role invites possibly the most disaster, as SBS does not expect non-resident schema modifications. When you’re playing on Microsoft’s infrastructure, there are some MS rules you have to follow. Not everything they mandate is merely a “best practice” or without reason, and this is a prime example. Now that I’m done ranting/scolding, what is the detailed message you receive from ntdsutil? It may be helpful to up the logging level of LDAP Interface Events and DS Schema in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics (start with a value of 2). Also, you may consider a system state restore (you do back up your system state frequently, I hope): http://blogs.technet.com/b/sbs/archive/2011/03/31/how-to-perform-an-authoritative-system-state-restore-in-sbs-2008-2011-standard.aspx . Note this will likely hose your samba instance and require some sort of cleaning to realign it to reality, but SOGo should remain unscathed. Good luck and such. On Mar 12, 2014, at 5:14 PM, Patric Becker p.bec...@britz-trier.de mailto:p.bec...@britz-trier.de wrote: OK, monologue ;-), I give it up! How should I transfer the Schema role from the sogo box to my sbs? I´ve tried it in Win with ntdsutil and on my linux with samba-tool fsmo seize --role=schema Where is my failure?? ;( Thanks Paddie Patric Becker p.bec...@britz-trier.de mailto:p.bec...@britz-trier.de hat am 12. März 2014 um 20:43 geschrieben: OK, forget the last mail ;-). After I read a bit more I find out, that the command worked. BUT if I test with samba-tool fsmo show it tells me, that schemamasterrole still is on the sogo box ;-(. I will test a little more this evening. If i get it OK, if not i give up on it. Thanks Paddie Patric Becker p.bec...@britz-trier.de mailto:p.bec...@britz-trier.de hat am 12. März 2014 um 19:51 geschrieben: Many Thanks for your extensive answer. I´ve tried it this way a few minutes ago. but when I want to seize it back to the SBS i get this error FSMO transfer of 'schema' role successful ERROR: Failed to initiate role seize of 'schema' role: objectclass: modify message must have elements/attributes! I´ve googled a little and found this bugreport https://bugzilla.samba.org/show_bug.cgi?id=9461 As I understand it correctly. I have to rebuild samba with this Patch applied to get this working. Thanks Paddie Steve Boley st...@nams.net mailto:st...@nams.net hat am 12. März 2014 um 17:08 geschrieben: You only need to move the global catalog the schema over to setup openchange and then you can seize it back from the
[SOGo] New Sogo Install, cannot login NSRangeException in sogo.log
Hello, I am setting up a Sogo server for evaluation: VMWare VM with Debian 7, and iRedMail package (postfix 2.9.6, dovecot 2.1.7, mysql 5.5.35-0) and using Active Directory for authentication ( LDAP server is windows server 2003). I installed SOGo v 2.2.1.20140313-1 and am having trouble with authentication. When logging in at the /SOGo web page, I get 'Wrong username or password.' Here is the error in /var/log/sogo/sogo.log : Mar 13 23:15:06 sogod [7775]: 0x0x7f1791630db0[LDAPSource] NSException: 0x7f1791b3c2d0 NAME:NSRangeException REASON:in deleteCharactersInRange:, range { 0, 4 } extends beyond size (0) INFO:(null) Mar 13 23:15:06 sogod [7775]: SOGoRootPage Login from '192.168.0.67' for user 'j' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 192.168.0.67 - - [13/Mar/2014:23:15:06 GMT] POST /SOGo/connect HTTP/1.1 403 34/42 0.034 - - 1M Mar 13 23:28:01 sogod [7775]: 0x0x7f1791630db0[LDAPSource] NSException: 0x7f1791b299f0 NAME:NSRangeException REASON:in deleteCharactersInRange:, range { 0, 4 } extends beyond size (0) INFO:(null) Mar 13 23:28:01 sogod [7775]: SOGoRootPage Login from '192.168.0.67' for user 'administrator' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0 192.168.0.67 - - [13/Mar/2014:23:28:01 GMT] POST /SOGo/connect HTTP/1.1 403 34/48 0.006 - - 28K Both of these user IDs are confirmed working in iRedMails' roundcube installation, and the LDAP settings are the same for iRedmails's dovecot-ldap.conf and SOGoUserSources in the .GNUStepDefaults file. I've tried changing the bindPassword to something incorrect, and the bind failure shows up in the log first, immediately followed by the same NSRangeException error. The makes me think the problem is not an issue with the information being returned by my LDAP server. I tried removing the SOGoUserSources information from .GNUStepDefaults and setting up the same info in sogo.conf, but then the log file reported : No authentication sources defined - nobody will be able to login. Check your defaults. Suggestions? Thanks, JDC ?xml version=1.0 encoding=UTF-8? !DOCTYPE plist PUBLIC -//GNUstep//DTD plist 0.9//EN http://www.gnustep.org/plist-0_9.xml; plist version=0.9 dict keyNSGlobalDomain/key dict /dict keysogod/key dict keyNGImap4DisableIMAP4Pooling/key stringYES/string keyNGUseUTF8AsURLEncoding/key stringYES/string keyOCSFolderInfoURL/key stringmysql://sogo:password@localhost:3306/sogo/sogo_folder_info/string keyOCSSessionsFolderURL/key stringmysql://sogo:password@localhost:3306/sogo/sogo_sessions_folder/string keySOGoACLsSendEMailNotifications/key stringYES/string keySOGoAppointmentSendEMailNotifications/key stringYES/string keySOGoAuthenticationMethod/key stringLDAP/string keySOGoCalendarDefaultRoles/key array stringPublicViewer/string /array keySOGoDraftsFolderName/key stringDrafts/string keySOGoFoldersSendEMailNotifications/key stringYES/string keySOGoForceIMAPLoginWithEmail/key stringYES/string keySOGoForwardEnabeled/key stringYES/string keySOGoIMAPServer/key string1/string keySOGoLDAPContactInfoAttribute/key stringYES/string keySOGoLanguage/key stringItalian/string keySOGoMailDomain/key stringtestdomain.com/string keySOGoMailListViewColumnsOrder/key array stringFlagged/string stringAttachment/string stringPriority/string stringFrom/string stringSubject/string stringUnread/string stringDate/string stringSize/string /array keySOGoMailingMechanism/key stringsmtp/string keySOGoOtherUsersFolderName/key stringOther Users/string keySOGoProfileURL/key stringmysql://sogo:password@localhost:3306/sogo/sogo_user_profile/string keySOGoSMTPServer/key stringlocalhost/string keySOGoSentFolderName/key stringSent/string keySOGoSharedFolderName/key stringCartella Condivisa/string keySOGoTimeZone/key stringAmerica/NewYork/string keySOGoTrashFolderName/key stringTrash/string keySOGoUserSources/key array dict keytype/key stringldap/string keyCNFieldName/key stringname/string keyIDFieldName/key stringcn/string keyUIDFieldName/key stringsAMAccountName/string keybaseDN/key stringcn=Users,dc=testdomain,dc=com,dc=local/string keybindDN/key stringcn=sogo,cn=Users,dc=testdomain,dc=com,dc=local/string keybindFields/key array(sAMAccountName)/array keybindPassword/key stringpassword/string keycanAuthenticate/key stringYES/string keydisplayName/key stringDirectoryName/string keyhostname/key stringldap://192.168.0.3:389/string keyid/key stringpublic/string keyisAddressBook/key stringYES/string /dict /array keySOGoVacationEnabeled/key stringYES/string keyWOMessageUseUTF8/key stringYES/string keyWOParsersUseUTF8/key stringYES/string keyWOPort/key string2/string keyWOUseRelativeURLs/key stringNO/string /dict /dict /plist In sogo.conf: { LDAPDebugEnabled = YES; WOLogFile = /var/log/sogo/sogo.log; } (all other lines are commented) -- users@sogo.nu
[SOGo] Apple iOS Contacts vs OS X Contacts
Hello, I have a question about the functionality of Apple’s iOS Contacts vs OS X Contacts. I know this is probably more of a question for Apple, but how come iOS Contacts works beautifully, yet OS X Contacts doesn’t work at all? Since OS X Contacts supports CardDAV, I would expect something more than just the ability to add a “group” contact. I can’t even see my actual contacts. Even with “one” subscribed contact list, as mentioned in previous bug requests or group messages. It really confuses me. I’m trying to put together a contacts server that supports Apple’s desktop application, yet it seems a little more impossible than I was hoping. Any suggestions or advice out there? Could there possibly be a configuration issue on my end? Thanks! ~Laz Peterson-- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Apple iOS Contacts vs OS X Contacts
Hi Laz On Mar 13, 2014, at 10:44 PM, Laz C. Peterson l...@paravis.net wrote: I have a question about the functionality of Apple’s iOS Contacts vs OS X Contacts. I know this is probably more of a question for Apple, but how come iOS Contacts works beautifully, yet OS X Contacts doesn’t work at all? Since OS X Contacts supports CardDAV, I would expect something more than just the ability to add a “group” contact. I can’t even see my actual contacts. Even with “one” subscribed contact list, as mentioned in previous bug requests or group messages. It really confuses me. I’m trying to put together a contacts server that supports Apple’s desktop application, yet it seems a little more impossible than I was hoping. Any suggestions or advice out there? Could there possibly be a configuration issue on my end? It’s true that iOS Contacts and OSX Contacts don’t seem to share the same source code. However, both mostly work. All personal and shared address books appear under iOS but only the personal address book appear under OSX. However, one can access a public address book under OSX but not under iOS. Francis-- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Odd URL and email display in SOGo webmail address book
Hi Laz On Mar 13, 2014, at 10:39 PM, Laz C. Peterson l...@paravis.net wrote: Is this normal? Seems like I should not be seeing the “a href” etc. Or maybe I should. ;-) This was fixed in 2.2.0. Please consult the BTS: http://sogo.nu/bugs/view.php?id=2604 Francis-- users@sogo.nu https://inverse.ca/sogo/lists