Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
On 17/06/14 23:24, Ludovic Marcotte wrote: Create a brand new ActiveSync profile on Android and only sync the address book. While doing so, sniff the traffic using tcpdump on port 2 from your SOGo server. Send the pcap over privately. I'm working with Ludovic off-line on this one as requested... How wrong? What is the URL being generated? Show your SOGo Integrator customizations and your sogo.conf file. I'm feeling rather silly now. it turns out that the problem all along was a mixture of errors in my Dovecot and AutoMX (used to auto-configure Thunderbird, Outlook, etc. with mail account details) configurations. These were causing the original problem with the incorrect entries in the shared dictionary. I have reverted to using a simple username (sAMAccountName as it's Active Directory) to identify my users uniquely in Dovecot. My mistake was returning mail as the attribute instead of sAMAccountName as the user variable in my auth-ldap.conf.ext file (pass_attrs entry). I've also now switched the Dovecot auth_username_format parameter from %Lu to %Ln. These two changes have made shared folders work in SOGo and Thunderbird without the need for a domain name in the shared dictionary file. The inconsistency in the SOGo Integrator occurred when I was using domain extensions. On a fresh Thunderbird profile it was generating URLs with the correct user@domain in them for calendars but forgetting the @domain part of the URL for contacts. Although confusing, it is working as designed. The calendar URLs must be queried from the SOGo database in some way, whereas the contact ones are constructed locally using the IMAP username. We use AutoMX to look-up e-mail addresses in our Active Directory and publish autoconfig/discovery information for Thunderbird. This was still returning just the plain username and hence the account username for the IMAP account in Thunderbird did not contain the @domain part. As we have reverted to using simple usernames, our AutoMX configuration (returning sAMAccountName for the IMAP username) is now correct and the SOGo Integrator and everything else is happy. Sorry for the noise about this but hope it helps someone else in the future? It's a complex business integrating all these products but is great when it eventually works! -- Ian McMichael • E-Mail: ian.mcmich...@gmail.com • Phone: +44-(0)7703-192837 -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
Looks like I spoke too soon when I said everything worked! It certainly does for mail folders and calendars. However, the changes I made appear to have broken address books... Since changing UIDFieldName = mail and running the rename-user, everything appeared to work fine in the SOGo web UI. In fact, I have loaded a lot of test data into calendars and address books today via the web and all seemed fine. I then switched over to Thunderbird, installed the Integrator and Connector and calendars work fine. However, in address books the URL is missing the @example.net (domain) part of the username. This causes address books to fail to load any content. If I manually update the properties in Thunderbird to the URL shown in the SOGo web UI (via the domain extension) then the content appears fine. My question is, where is the Connector plug-in getting this incorrect URL when the user first connects using Thunderbird? I've had a look around the sogo tables in MySQL but can't see anything obviously wrong... ActiveSync also works fine for mail and calendar but fails for address book. No errors are produced but nothing is every sync'd. I suspect it has the same issue as the Thunderbird Connector and if I could resolve that issue everything would be great. Any pointers much appreciated -- Ian McMichael • E-Mail: ian.mcmich...@gmail.com • Phone: +44-(0)7703-192837 -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
On 2014-06-17, 12:54 PM, Ian McMichael wrote: ActiveSync also works fine for mail and calendar but fails for address book. No errors are produced but nothing is every sync'd. I suspect it has the same issue as the Thunderbird Connector and if I could resolve that issue everything would be great. Any pointers much appreciated Look for .data files in /tmp. If you find any, send some privately. -- Ludovic Marcotte lmarco...@inverse.ca :: +1.514.755.3630 :: http://inverse.ca Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
On 2014-06-17, 2:42 PM, Ian McMichael wrote: No, sadly none present. I suspect it's not actually an ActiveSync issue, which I'm finding very stable and reliable on Android devices here using the current nightlies. Create a brand new ActiveSync profile on Android and only sync the address book. While doing so, sniff the traffic using tcpdump on port 2 from your SOGo server. Send the pcap over privately. As I said, it also impacts the Thunderbird Integrator. That generates the wrong URL for my personal address book when installed on a fresh Thunderbird profile. How wrong? What is the URL being generated? Show your SOGo Integrator customizations and your sogo.conf file. -- Ludovic Marcotte lmarco...@inverse.ca :: +1.514.755.3630 :: http://inverse.ca Inverse inc. :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org) -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
On 13/06/14 16:39, Alexander Pfeiffer wrote: I have never used the sogo-tool, sorry. But i am looking forward to your experiences with it on this topic. OK, I now have shared folders (mostly) working between mailboxes. In the end I didn't go with Alex's suggestion of using SOGoEnableDomainBasedUID as although I have multiple domains on my system the idea is not to separate them. Some users just prefer one domain suffix to another as their primary. My solution was to update UIDFieldName = mail in sogo.conf and restart SOGo. This caused the correct entries to be written to the Dovecot shared mailbox dictionary. After this both SOGo and Thunderbird were able to see the shared mailboxes. However, as expected, it broke each user's Calendar, Address book, etc. To fix these, I ran the following for each user: sogo-tool rename-user username usern...@example.net I'd taken a backup of the MySQL database before starting but it was not needed. Simply running this for each user and then logging them off and back on showed their calendars, etc. again. It's worth noting that for people using Cal/CardDAV (and possibly other access methods) the URL to access the resources is also changed by this command. During testing, I discovered that I could not create folders below a user's INBOX that had been shared with me, despite having the appropriate permission in the ACL. To fix this, I needed to add mail_shared_explicit_inbox = yes to Dovecot's configuration and restart Dovecot. This then shows the INBOX folder below the shared user and allows sub-folders to be created successfully. The only part that doesn't work now is deleting shared sub-folders. Again, it's not a permission thing. Dovecot gets confused in trying to move the sub-folder to my personal Trash. Because the entry is in a shared index for the original folder and needs to be in my personal index for the deleted version, it gets itself in a knot. The work-around appears to be to turn off the functionality of Trash and delete mails/folders immediately. I consider this too dangerous and so will be avoiding the recommendation! Here's a Dovecot mailing list thread about the issue: http://dovecot.2317879.n4.nabble.com/Problem-with-INDEXes-and-deleting-shared-folders-td45844.html As far as I can tell this is not fixed in any way in any version of Dovecot so far. I'd be interested to hear from anyone that has it working? Hope this all saves someone else some time... -- Ian McMichael . E-Mail: ian.mcmich...@gmail.com . Phone: +44-(0)7703-192837 -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Dovecot shared mailbox dictionary via SOGo
It's Friday afternoon and 13th! My brain is starting to ache after spending the morning trying to diagnose an issue with shared mailboxes using SOGo 2.2.5 and Dovecot 2.2.9 on a new server build under Ubuntu 14.04 LTS. So, I thought I would see if anyone on the list can assist me? I've narrowed the problem down to the username being inserted by SOGo into my shared dictionary file. When I add an entry via the SOGo web UI I get the following style of line written: shared/shared-boxes/user/usera/us...@example.net 1 However, if I use the IMAP ACL extension for Thunderbird and do the same thing it yields: shared/shared-boxes/user/us...@example.net/us...@example.net 1 With the domain name specified in both entries everything works fine in both Thunderbird and the SOGo web UI. So, I guess my question is, where does SOGo get the username of the person I'm sharing a mail folder with? We're using a Samba 4 Active Directory as the source for users and as far as I can tell everything else is working fine. By turning mail_debug on in Dovecot I can see that the ACL plugin is indeed checking for the full e-mail address of the user, rather than just their username. My guess would be to change UIDFieldName in sogo.conf from it's current value of sAMAccountName to mail? However, my understanding is that would break all calendars and addressbooks in the database as they then wouldn't be associated with their owners. Is there a way to fix this if I need to do it? Thanks in advance for any assistance... -- Ian McMichael . E-Mail: ian.mcmich...@gmail.com . Phone: +44-(0)7703-192837 -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
Hi Ian, if you change SOGoEnableDomainBasedUID to yes so that UIDFieldName will be taken from the mail adress. This should solve your problem. At least for me it did but i have set it up on a SOGo 2.0.2. There should be no issue with calendars etc. when you are setting up a new server anyway as everything after changing this setting will work again as expected. SOGo will create new tables in the database with the new UID = mail so if you would revert the setting it would use the old tables from the UID = uid again. Hope this helps. Alex On 13.06.2014 16:43, Ian McMichael wrote: My guess would be to change UIDFieldName in sogo.conf from it's current value of sAMAccountName to mail? However, my understanding is that would break all calendars and addressbooks in the database as they then wouldn't be associated with their owners. Is there a way to fix this if I need to do it? -- dipl.-ing. alexander pfeiffer architekt bda eginhardstraße 9 52070 aachen fon +49 241 9968186 fax +49 241 401 0783 mail: alexander.m.pfeif...@gmail.com -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
On 13/06/14 15:58, Alexander Pfeiffer wrote: There should be no issue with calendars etc. when you are setting up a new server anyway as everything after changing this setting will work again as expected. SOGo will create new tables in the database with the new UID = mail so if you would revert the setting it would use the old tables from the UID = uid again. Thanks very much Alex, I'll give that a go. I've loaded test data into calendar and contacts on my new system as I'm preparing to migrate a bunch of customers, some of whom have an older server build based on OpenLDAP rather than Samba AD. So, if I wanted to keep this data as a test is there a way? I've just had a look at the sogo-tool rename function. Does this do what I need? When I come to running it for real, is it safe or should I take a backup of each user before running it? Thanks, -- Ian McMichael . E-Mail: ian.mcmich...@gmail.com . Phone: +44-(0)7703-192837 -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Dovecot shared mailbox dictionary via SOGo
Hi Michael, well my setup is also still ldap based but that should not be a problem. Yes, your existing data for calendars and contacts should remain in the existing tables as SOGo will create new ones (with a part of the domain in the table name) - so if you revert the setting it should be there again. At least thats what i experienced when i did the setup - it kept the old tables under the old names. But i can't give any warranty on this.. :) I have never used the sogo-tool, sorry. But i am looking forward to your experiences with it on this topic. Alex On 13.06.2014 17:07, Ian McMichael wrote: On 13/06/14 15:58, Alexander Pfeiffer wrote: There should be no issue with calendars etc. when you are setting up a new server anyway as everything after changing this setting will work again as expected. SOGo will create new tables in the database with the new UID = mail so if you would revert the setting it would use the old tables from the UID = uid again. Thanks very much Alex, I'll give that a go. I've loaded test data into calendar and contacts on my new system as I'm preparing to migrate a bunch of customers, some of whom have an older server build based on OpenLDAP rather than Samba AD. So, if I wanted to keep this data as a test is there a way? I've just had a look at the sogo-tool rename function. Does this do what I need? When I come to running it for real, is it safe or should I take a backup of each user before running it? Thanks, -- Ian McMichael . E-Mail: ian.mcmich...@gmail.com . Phone: +44-(0)7703-192837 -- dipl.-ing. alexander pfeiffer architekt bda eginhardstraße 9 52070 aachen fon +49 241 9968186 fax +49 241 401 0783 mail: alexander.m.pfeif...@gmail.com -- users@sogo.nu https://inverse.ca/sogo/lists