Hi all! Thank you, SOGo Team, for a great product and the convenient installation and configuration of several complex techniques that SOGo contains. Great work! It's a bliss.
I have also found iRedmail (www.iredmail.org). Great stuff too. And a recipe to combine the two: https://www.tribalchicken.com.au/?p=56. But how about combining Samba4 AD DS, iRedmail with Openchange/SOGo on top? An all-in-one package with mailwash and IMAP authentication, amongst other good things.

Unfortunately, I can't get this combination to work; packaged Samba (v4.0.1), provided by Inverse, and iRedmail. All install fine and the Postfix authentication and LDAP lookup work fine but IMAP/Dovecot authentication against Samba fails with an "Authentication failed." response. Same goes for Samba v 4.0.1 downloaded from Samba Team. With version 4.0.4 it works fine though.

In short, I start with installing iRedmail, continue with Samba and modify the iRedmail configuration to work with an Active Directory (http://www.iredmail.org/wiki/index.php?title=Integration/Active.Directory.iRedMail).

Has anybody experienced this? Solutions? Am I missing something or is it rather a bug in Samba v4.0.1 than LDAP weirdness?

Thank you
Davor Vusir

-- Inverse, Samba:

Postfix:
root@mail:~# samba-tool user add vmailer Pa$$w0rd --description="Postfix/Dovecot LDAP Account"
User 'vmailer' created successfully
root@mail:~# samba-tool user add davor Pa$$w0rd --surname=Vusir --given-name=Davor
User 'davor' created successfully
root@mail:~# samba-tool group add test --mail-address=t...@example.com
Added group test
root@mail:~# samba-tool group addmembers test davor
Added members to group test
root@mail:~# postmap -q da...@example.com ldap:/etc/postfix/ad_sender_login_maps.cf
da...@example.com
root@mail:~# postmap -q da...@example.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
example.com/davor/Maildir/
root@mail:~# postmap -q t...@example.com ldap:/etc/postfix/ad_virtual_group_maps.cf
da...@example.com
root@mail:~#

Dovecot:
root@mail:~# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
. login da...@example.com Pa$$w0rd
. NO [AUTHENTICATIONFAILED] Authentication failed.
^[^]
telnet> q

/var/log/dovecot.log:
Mar 26 10:38:43 anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Mar 26 10:38:43 log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Mar 26 10:43:40 master: Info: Dovecot v2.0.19 starting up (core dumps disabled)
Mar 26 10:56:52 imap-login: Info: Disconnected (auth failed, 1 attempts): user=<da...@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

-- Samba Team, Samba v 4.0.1:

Postfix:
root@mail:~# postmap -q da...@example.com ldap:/etc/postfix/ad_sender_login_maps.cf
da...@example.com
root@mail:~# postmap -q da...@example.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
example.com/davor/Maildir/
root@mail:~# postmap -q t...@example.com ldap:/etc/postfix/ad_virtual_group_maps.cf
da...@example.com
root@mail:~#

Samba (root@mail:/usr/local/samba/sbin/samba -d5 -i -M single):

postmap -q da...@example.com ldap:/etc/postfix/ad_sender_login_maps.cf:
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(userPrincipalName=da...@example.com)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
imessaging: cleaning up /usr/local/samba/private/smbd.tmp/msg/msg.0.78
single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]

postmap -q da...@example.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf:
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(objectclass=person)(userPrincipalName=da...@example.com))
Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
imessaging: cleaning up /usr/local/samba/private/smbd.tmp/msg/msg.0.78
single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]

postmap -q t...@example.com ldap:/etc/postfix/ad_virtual_group_maps.cf:
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(objectClass=group)(mail=t...@example.com))
ldb_request BASE dn=CN=Davor Vusir,CN=Users,DC=example,DC=com filter=(objectclass=*)
Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED
auth_check_password_send: Checking password for unmapped user [EXAMPLE]\[vmailer]@[(null)]
auth_check_password_send: mapped user is: [EXAMPLE]\[vmailer]@[(null)]
[0000] 69 CD CE 3F 71 65 C9 CC i..?qe..
authsam_account_ok: Checking SMB password for user vmailer
logon_hours_ok: No hours restrictions for user vmailer
auth_check_password_recv: sam_ignoredomain authentication for user [EXAMPLE\vmailer] succeeded
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(userPrincipalName=da...@example.com)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

root@mail:~# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
. login da...@example.com Pa$$w0rd
. NO [AUTHENTICATIONFAILED] Authentication failed.
^]
telnet> q

-- Samba Team, Samba v4.0.4 (/usr/local/samba/sbin/samba -d5 -i -M single):

Samba (root@mail:/usr/local/samba/sbin/samba -d5 -i -M single):
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(userPrincipalName=da...@example.com)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(objectclass=person)(userPrincipalName=da...@example.com))
Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
t...@example.com))
ldb_request BASE dn=CN=Davor Vusir,CN=Users,DC=example,DC=com filter=(objectclass=*)
Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
auth_check_password_send: Checking password for unmapped user [EXAMPLE]\[vmailer]@[(null)]
auth_check_password_send: mapped user is: [EXAMPLE]\[vmailer]@[(null)]
[0000] FE D5 D6 87 31 FC 68 A7 ....1.h.
authsam_account_ok: Checking SMB password for user vmailer
logon_hours_ok: No hours restrictions for user vmailer
auth_check_password_recv: sam_ignoredomain authentication for user [EXAMPLE\vmailer] succeeded
ldb_request SUB dn=cn=users,dc=example,dc=com filter=(&(userPrincipalName=da...@example.com)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
auth_check_password_send: Checking password for unmapped user [EXAMPLE]\[davor]@[(null)]
auth_check_password_send: mapped user is: [EXAMPLE]\[davor]@[(null)]
[0000] 27 C2 52 40 FF 7C F3 F2 '.R@.|..
authsam_account_ok: Checking SMB password for user davor
logon_hours_ok: No hours restrictions for user davor
auth_check_password_recv: sam_ignoredomain authentication for user [EXAMPLE\davor] succeeded

dovecot.log:
Mar 26 20:25:16 imap-login: Info: Login: user=<da...@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=31179, secured
Mar 26 20:25:16 imap(da...@example.com): Error: user da...@example.com: Initialization failed: Namespace '': mkdir(/var/vmail/vmail1/example.com/davor/Maildir) failed: Permission denied (euid=1001(vmail) egid=1001(vmail) missing +w perm: /var, dir owned by 0:0 mode=0755)
Mar 26 20:25:16 imap(da...@example.com): Error: Invalid user settings. Refer to server log for more information.
Mar 26 20:28:11 anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Mar 26 20:28:11 log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Mar 26 20:28:11 master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Mar 26 20:28:17 master: Info: Dovecot v2.0.19 starting up (core dumps disabled)
Mar 26 20:28:54 imap-login: Info: Login: user=<da...@example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=31393, secured
Mar 26 20:31:19 imap(da...@example.com): Info: Connection closed bytes=40/714

root@mail:/usr/local/samba/bin# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
. login da...@example.com Pa$$w0rd
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS QUOTA] Logged in
. examine inbox
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS ()] Read-only mailbox.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1364326146] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
* OK [HIGHESTMODSEQ 1] Highest
. OK [READ-ONLY] Select completed.
. bye
^]
telnet> q
Connection closed.

--
users@sogo.nu
https://inverse.ca/sogo/lists