Hello,
I got issues to login in sogo. We switched last year from lotus notes to
kerio
and upgraded/switched our active directory domain controler from WS2003 to
WS2012 and changed the domain name. We used sogo on a testing basis from
2012
to ~2014, but the server was all the time online. After the switch to
the new
domain I noticed, that I could no longer view older emails, due to login
issues to the old mail-server (debian/postfix/sogo).
Therfor I tried to solve that issue and first upgraded the server from
squeeze
to wheezy. Then I tried to cange all instances in /etc from the older
domain
name to the new one. Now I'm able to list ldap infos froim the new
domain, but
I'mn not able to login to the sogo webinterface. I tried the admin pass and
sogo/sogo credentials, but the login returns an error like
Sep 06 12:44:24 sogod [4103]: 127.0.0.1 "POST /SOGo/connect HTTP/1.1"
403 34/49 0.004 - - 0
Sep 06 12:44:40 sogod [4103]: SOGoRootPage Login from '127.0.0.1' for
user 'Administrator' might not have worked - password policy: 65535
grace: -1 expire: -1 bound: 0
Sep 06 12:44:40 sogod [4103]: 127.0.0.1 "POST /SOGo/connect HTTP/1.1"
403 34/49 0.004 - - 0
Sep 06 12:46:40 sogod [4103]: SOGoRootPage Login from '127.0.0.1' for
user 'sogo' might not have worked - password policy: 65535 grace: -1
expire: -1 bound: 0
Sep 06 12:46:40 sogod [4103]: 127.0.0.1 "POST /SOGo/connect HTTP/1.1"
403 34/36 0.004 - - 36K
ii sogo:i386 2.3.12-1
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy
The culprit might be also a change in ldap binding to the AD, though I
don't know.
root@srv-mail:/tmp# smbldap-passwd
000004DC: LdapErr: DSID-0C090748, comment: In order to perform this
operation a successful bind must be completed on the connection., data
0, v2580 at /usr/share/perl5/smbldap_tools.pm line 430.
root@srv-mail:/tmp# net rpc
testjoin Join to 'HWG' is OK
root@srv-mail:/tmp# testparm >
/tmp/smb.conf.before Load smb config files
from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[share]"
Loaded services file OK.
WARNING: The setting 'security=ads' should NOT be combined with the
'password server' parameter.
(by default Samba will discover the correct DC to contact automatically).
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
Kind regards
Gerhard Gaußling
--
[email protected]
https://inverse.ca/sogo/lists
