| View previous topic :: View next topic |
| Author |
Message |
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
 Posted: Mon Jan 24, 2005 8:02 pm Post subject: Re: please! anynone :( |
 |
|
| killercow wrote: | Could anyone please give me a clue where to look?
I've had this problem for a few weeks now but i can't find how to solve this.
please please please! i really want to use OX for real now! but i can't let my co-workers use it while i have these errors. anyone, i would be very gratefull. |
Make sure your imapd.conf has
than do a
| Code: | saslpasswd2 -c cyrus
cyradm -user cyrus <your-domain> (not hostname just your domain) |
I have found times when i need to add the saslpasswd2 again for some strange reason.. The cyrus user is the only user that auths against saslpasswd and not ldap.. cyadm must look only at saslpasswd.
Try that then try to add a user.
_________________
write quit bang |
|
| Back to top |
|
 |
killercow
Tux's lil' helper
Joined: 29 Jan 2004
Posts: 86
Location: Netherlands
|
| Posted: Tue Jan 25, 2005 12:13 pm Post subject: nope, |
|
|
Adding the user did work when i followed the guide, but now it doesn;t anymore.
i tried chaning the cyrus password to some other values, and i was able to login like before, but as soon as i try and add a mailbox (cm user.myuser)
it says permission denied.
[update!!]
Adding a user with only on . works fine tough,
I named my OX users with a dot in their username. (as in) j.klopper
But cyrus only accepts user.jklopper as a username.
Is there a workaround for this? besided changing the ox user names? |
|
| Back to top |
|
|
janh
n00b
Joined: 20 Dec 2003
Posts: 31
|
| Posted: Fri Jan 28, 2005 8:55 pm Post subject: finally found some time to look at the ldap issue |
|
|
This did the trick for me (when you look at the dates I have looked on and off at this problem for a long time now):
| Code: |
emerge --unmerge cyrus-sasl
USE="ldap" emerge cyrus-sasl > testemerge
saslauthd -v
saslauthd 2.1.20
authentication mechanisms: getpwent rimap shadow ldap
|
Have never surfed google more than this time,
the issue is that sometimes autoconf does not pick-up the ldap option during the configuration stage.
But apparently explicitly saying ldap needs to be used does the trick. |
|
| Back to top |
|
|
playworker
n00b
Joined: 28 Jul 2004
Posts: 21
Location: UK
|
| Posted: Tue Feb 01, 2005 11:45 am Post subject: |
|
|
Hello again,
Just a quick note and a question 
bitwh0re: You mention in the HowTo (pdf v0.15) that you had to change the user passwords in LDAP to plain-text otherwise you couldn't log in to the web interface - this is a problem with the LDAP ACLs that are in the HowTo, not figured out how to fix this yet but I thought I would point it out 
Question now:
I too have the issue with webdav.documents where I can see documents / folders in the root but when I try to access them I get a message from Apache telling me that the document cannot be found on the server - I do have the /* after documents in the config file... Anyone any ideas?
Many thanks for any help,
Matt |
|
| Back to top |
|
|
kblack
n00b
Joined: 12 Nov 2004
Posts: 9
|
| Posted: Wed Feb 02, 2005 4:16 am Post subject: |
|
|
How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
Thank You
BTW: Great how-to |
|
| Back to top |
|
|
bitwh0re
Apprentice
Joined: 29 Apr 2004
Posts: 214
|
| Posted: Wed Feb 02, 2005 6:31 pm Post subject: |
|
|
| kblack wrote: | How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
Thank You
BTW: Great how-to |
If you do a CTRL-F for 'ox-domain.tld' you'll see where all the references are. The Postfix config and the LDAP config especially is where you'll catch most. This is in reference to the PDF, the HTML doesn't have some of the extras (i.e. init_ldap.ldif) that the PDF currently has.
playworker: Yes, I did mention that mostly as a note to myself or others that experience similar problems when following the instructions. That note was not meant to be taken as something to follow. After a few more installs I've never experienced that problem again, and you'll probably see that note dropped from the HOWTO. |
|
| Back to top |
|
|
bitwh0re
Apprentice
Joined: 29 Apr 2004
Posts: 214
|
|
| Back to top |
|
|
playworker
n00b
Joined: 28 Jul 2004
Posts: 21
Location: UK
|
| Posted: Thu Feb 03, 2005 2:37 pm Post subject: |
|
|
Hmmm, interesting that you've not had that problem again - wonder if this could be an issue upgrading from 0.7.4 to 0.7.5? Still can't get the LDAP ACLs working properly and the iCal is still read-only  |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
| Posted: Thu Feb 03, 2005 6:09 pm Post subject: |
|
|
http:://username:passwd@ox.yourdomain.com/servlet/webdav.ical
That will allow you to view ONLY view your online cal from evolution.. Pretty cool though.
_________________
write quit bang |
|
| Back to top |
|
|
lxnay
Retired Dev
Joined: 09 Apr 2004
Posts: 661
Location: Italy
|
| Posted: Thu Feb 03, 2005 6:59 pm Post subject: |
|
|
Hi guys,
I've a huge problem and a lot of headache.
if I do:
| Code: | /usr/local/open-xchange/sbin/adduser_ox --username="fabio" --passwd="12345" --name="Fabio" --sname="Erculiani" --maildomain="lxnaydesign.local" --ox_timezone="Europe/Rome"
|
I get:
| Code: | ldap_bind: Inappropriate authentication (48)
[color=green][b]LDAP Success[/b][/color]
[color=green][b]SQL Success[/b][/color] |
Please help me!
That's my /etc/openldap/slapd.conf:
| Code: | # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openxchange.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap://root.openldap.org
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
# Load dynamic backend modules:
# modulepath /usr/lib/openldap/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy is:
# Allow read by all
#
# rootdn can always write!
allow bind_v2
#######################################################################
# ldbm database definitions
#######################################################################
database bdb
checkpoint 32 30 # <kbyte> <min>
suffix "dc=lxnaydesign,dc=local"
rootdn "cn=Manager,dc=lxnaydesign,dc=local"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
password-hash {CRYPT}
rootpw {CRYPT}gORa9G.0gsCy.
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/openldap-data
# Indices to maintain
#index objectClass pres,eq
#index gidNumber,memberUid eq
index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub
|
my imapd.conf:
| Code: | # $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/imapd.conf,v 1.5 2004/08/27 06:02:45 langthang Exp $
# Don't forget to use chattr +S (if you are using ext[23])
# when you change these directories (read the docs).
configdirectory: /var/imap
partition-default: /var/spool/imap
sievedir: /var/imap/sieve
tls_ca_path: /etc/ssl/certs
tls_cert_file: /etc/ssl/cyrus/server.crt
tls_key_file: /etc/ssl/cyrus/server.key
# Don't use an everyday user as admin.
admins: cyrus
hashimapspool: yes
allowanonymouslogin: no
allowplaintext: yes
# Allow renaming of top-level mailboxes.
#allowusermoves: yes
# Use this if sieve-scripts could be in ~user/.sieve.
#sieveusehomedir: yes
# Use saslauthd if you want to use pam for imap.
# But be warned: login with DIGEST-MD5 or CRAM-MD5
# is not possible using pam.
sasl_pwcheck_method: saslauthd
####################################################
## This is a recommended authentication method if you
## emerge cyrus-sasl with 'postgres' or 'mysql'
## To use with mysql database uncomment those lines below.
#sasl_pwcheck_method: auxprop
#sasl_auxprop_plugin: sql
## possible values for sasl_auxprop_plugin 'mysql', 'pgsql', 'sqlite'.
#sasl_sql_engine: mysql
## all possible values.
sasl_mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5 NTLM
## or limit to CRAM-MD5 only
#sasl_mech_list: CRAM-MD5
## change below to suit your setup.
sasl_sql_user: open-xchange
sasl_sql_passwd: oxen
sasl_sql_database: openexchange
sasl_sql_hostnames: localhost
sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'
|
my smtpd.conf
| Code: | # $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $
pwcheck_method: saslauthd
mech_list: LOGIN PLAIN |
my admintools.conf
| Code: | #!/bin/sh
#
# (c) 2004-2100 ;)
# Author: cutmasta AT netline-is D0T de
#
# OX-SCRIPTS - CONFIGURATION PARAMETER :)
#
############## GENERAL CONFIG STUFF ###############
# Your Company Name
# To which Organisation new User belong!
ORGA="lxnaydEsigN"
# OXBASE
OXBASE=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`
# LDAP Server
LDAPHOST=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`
# LDAP Admin
BINDDN="cn=Manager,dc=lxnaydesign,dc=local"
# LDAP Admin Passwd
BINDPW="gORa9G.0gsCy."
# OX LDAP Leaf, where is the "OxObjects" leaf?
OX_LEAF="ou=OxObjects,$OXBASE"
# Default Language
DEFAULT_PREF_LANG="EN"
# Default mail is enabled
DEFAULT_MAIL_ENAB="OK"
# Default the user can send mail to the internet
DEFAULT_INET_MAIL="TRUE"
# Default days of displaying appointments
DEFAULT_OX_APP_DAYS=5
# Default days of displaying tasks
DEFAULT_OX_TASK_DAYS=5
# default the user can write in the global adressbook
DEFAULT_WRITE_GLOBAL_ADDR="TRUE"
# The used Tools - should work on most Systems!
LDAPADD_BIN="ldapadd "
LDAPDELETE_BIN="ldapdelete "
LDAPMODIFY_BIN="ldapmodify "
LDAPSEARCH_BIN="ldapsearch "
GREP_BIN="grep"
SED_BIN="sed"
EXPR_BIN="expr"
SORT_BIN="sort"
HEAD_BIN="head"
AWK_BIN="awk"
SQL_BIN="psql"
##################################################
#################### SQL Stuff #####################
DEFAULT_SQL_HOST="localhost"
DEFAULT_SQL_DB="openexchange"
DEFAULT_SQL_USER="open-xchange"
DEFAULT_SQL_PASS="oxen"
# Default Table where we store the Rights
RIGHTS_TABLE="usr_general_rights"
# Default Template Table where the template is stored!
TEMPLATE_TABLE="sys_gen_rights_template"
# Default Template for creating Users.
# Must exist in the DB
DEFAULT_TEMPLATE_NAME="default_template"
####################################################
####################### LDAP #######################
# Where are the OX Users
USER_BASEDN="ou=Users,$OX_LEAF"
# Where are the OX Groups
GROUP_BASEDN="ou=Groups,$OX_LEAF"
# Where are the OX Resources
RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"
# Where are the OX Resource Groups
RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF"
# Where is the Global Adressbook
GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"
# where are the adressbook admins
GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN"
# TEMPORARY FILE
TMPDIF="/usr/local/open-xchange/var/temporary_ldap_scripts.ldif"
####################################################
####################################################
HOME_DIR="/home/"
DEFAULT_USR_SHELL="/bin/bash"
SHADOW_EXPIRE=0
SHADOW_MIN=0
SHADOW_MAX=9999
SHADOW_WARN=7
STD_GID=500
MIN_UID=501
MIN_GID=500
####################################################
|
If I login to open-xchange I get:
| Code: | Feb 3 20:00:32 mars slapd[7740]: conn=23 fd=11 ACCEPT from IP=127.0.0.1:60155 (IP=0.0.0.0:389)
Feb 3 20:00:32 mars slapd[7740]: conn=23 op=0 BIND dn="" method=128
Feb 3 20:00:32 mars slapd[7740]: conn=23 op=0 RESULT tag=97 err=0 text=
Feb 3 20:00:32 mars slapd[7740]: conn=23 op=1 SRCH base="ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local" scope=1 filter="(&(uid=fabio)(objectClass=OXUserObject))"
Feb 3 20:00:32 mars slapd[7740]: conn=23 op=1 SRCH attr=dn
Feb 3 20:00:32 mars slapd[7740]: conn=23 op=1 RESULT tag=101 err=32 text=
Feb 3 20:00:33 mars slapd[7740]: conn=23 op=2 UNBIND
Feb 3 20:00:33 mars slapd[7740]: conn=23 fd=11 closed
|
and it tells me "Authentication failed"
_________________
http://www.sabayon.org |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
| Posted: Thu Feb 03, 2005 7:10 pm Post subject: |
|
|
One thing to note is that the CRYPT password does not work for me in admintools.conf. Take that out and put in your plain text password. Just to test.. If that is your issues you can go from there. I think someone posted how to fix that in this thread.
In you slapd.conf I noticed a few things.. try to uncomment out these two lines.
| Code: | #index objectClass pres,eq
#index gidNumber,memberUid eq |
restart ldap.
Lets see what that does for us.
_________________
write quit bang |
|
| Back to top |
|
|
lxnay
Retired Dev
Joined: 09 Apr 2004
Posts: 661
Location: Italy
|
| Posted: Thu Feb 03, 2005 7:55 pm Post subject: |
|
|
thank you init-zero I've done what you told me but,
now I'm getting:
| Code: | /usr/local/open-xchange/sbin/adduser_ox --username="lxnay" --passwd="lxnay" --name="lxnay" --sname="Erculiani" --maildomain="lxnaydesign.local" --ox_timezone="Europe/Rome"
Undefined ERROR - LDAP CODE implementation specific
See LDAP Log for Details! |
and /var/log/messages says:
| Code: | Feb 3 20:54:10 mars slapd[20299]: conn=12 fd=9 ACCEPT from IP=127.0.0.1:33228 (IP=0.0.0.0:389)
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=0 RESULT tag=97 err=0 text=
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=1 SRCH base="ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local" scope=2 filter="(uid=*)"
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=1 SRCH attr=uidNumber
Feb 3 20:54:10 mars slapd[20299]: bdb_db_cache: db_open(uid) failed: Permission denied (13)
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Feb 3 20:54:10 mars slapd[20299]: conn=12 op=2 UNBIND
Feb 3 20:54:10 mars slapd[20299]: conn=12 fd=9 closed
Feb 3 20:54:10 mars slapd[20299]: conn=13 fd=9 ACCEPT from IP=127.0.0.1:33229 (IP=0.0.0.0:389)
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=0 RESULT tag=97 err=0 text=
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=1 ADD dn="uid=lxnay,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local"
Feb 3 20:54:10 mars slapd[20299]: bdb_db_cache: db_open(uid) failed: Permission denied (13)
Feb 3 20:54:10 mars slapd[20299]: bdb_index_read: Could not open DB uid
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=1 RESULT tag=105 err=80 text=index generation failed
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=1 RESULT tag=105 err=80 text=index generation failed
Feb 3 20:54:10 mars slapd[20299]: conn=14 fd=12 ACCEPT from IP=127.0.0.1:33230 (IP=0.0.0.0:389)
Feb 3 20:54:10 mars slapd[20299]: conn=13 op=2 UNBIND
Feb 3 20:54:10 mars slapd[20299]: conn=13 fd=9 closed
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=0 RESULT tag=97 err=0 text=
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=1 ADD dn="ou=addr,uid=lxnay,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local"
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=1 RESULT tag=105 err=32 text=
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=1 RESULT tag=105 err=32 text=
Feb 3 20:54:10 mars slapd[20299]: conn=15 fd=9 ACCEPT from IP=127.0.0.1:33231 (IP=0.0.0.0:389)
Feb 3 20:54:10 mars slapd[20299]: conn=14 op=2 UNBIND
Feb 3 20:54:10 mars slapd[20299]: conn=14 fd=12 closed
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=0 RESULT tag=97 err=0 text=
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=1 MOD dn="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=lxnaydesign,dc=local"
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=1 MOD attr=member
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=1 RESULT tag=103 err=20 text=modify/add: member: value #0 already exists
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=1 RESULT tag=103 err=20 text=modify/add: member: value #0 already exists
Feb 3 20:54:10 mars slapd[20299]: conn=15 op=2 UNBIND
Feb 3 20:54:10 mars slapd[20299]: conn=15 fd=9 closed
|
_________________
http://www.sabayon.org |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
| Posted: Thu Feb 03, 2005 7:58 pm Post subject: |
|
|
1) you can try to create a brand new user
2) or tey to delete that user and create it again. Looks like some of the info got into the tree
_________________
write quit bang |
|
| Back to top |
|
|
kblack
n00b
Joined: 12 Nov 2004
Posts: 9
|
| Posted: Thu Feb 03, 2005 8:47 pm Post subject: |
|
|
| bitwh0re wrote: | | kblack wrote: | How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
Thank You
BTW: Great how-to |
If you do a CTRL-F for 'ox-domain.tld' you'll see where all the references are. The Postfix config and the LDAP config especially is where you'll catch most. This is in reference to the PDF, the HTML doesn't have some of the extras (i.e. init_ldap.ldif) that the PDF currently has.
playworker: Yes, I did mention that mostly as a note to myself or others that experience similar problems when following the instructions. That note was not meant to be taken as something to follow. After a few more installs I've never experienced that problem again, and you'll probably see that note dropped from the HOWTO. |
Here is what I am talking about
in /etc/postfix/main.cf
ldap_source_host = ox-domain.tld
shouldn't it be
ldap_source_host = foobar.ox-domain.tld
The way you have it set up is fine because of /etc/hosts having the entry for ox-domain.tld and foobar.ox-domain.tld. There are other configs that I have questions about as well. This is great except for people that have there own DNS serers and don't need a host file. |
|
| Back to top |
|
|
bitwh0re
Apprentice
Joined: 29 Apr 2004
Posts: 214
|
| Posted: Thu Feb 03, 2005 11:29 pm Post subject: |
|
|
| kblack wrote: | | bitwh0re wrote: | | kblack wrote: | How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
|
If you do a CTRL-F for 'ox-domain.tld' you'll see where all the references are. The Postfix config and the LDAP config especially is where you'll catch most. This is in reference to the PDF, the HTML doesn't have some of the extras (i.e. init_ldap.ldif) that the PDF currently has.
playworker: Yes, I did mention that mostly as a note to myself or others that experience similar problems when following the instructions. That note was not meant to be taken as something to follow. After a few more installs I've never experienced that problem again, and you'll probably see that note dropped from the HOWTO. |
Here is what I am talking about
in /etc/postfix/main.cf
ldap_source_host = ox-domain.tld
shouldn't it be
ldap_source_host = foobar.ox-domain.tld
The way you have it set up is fine because of /etc/hosts having the entry for ox-domain.tld and foobar.ox-domain.tld. There are other configs that I have questions about as well. This is great except for people that have there own DNS serers and don't need a host file. |
Well, the HOWTO was written without a DNS server so that explains the HOSTS file "hack". If you're doing DNS I would assume that you could add your OX server to the BIND (or whatever flavour you use) database instead of using HOSTS. I bet either way that LDAP config will work. The HOWTO was written with the idea in mind that this would be the only machine associated with that domain name. I realize that this may not be the case for everyone but making the switch shouldn't be relatively easy. |
|
| Back to top |
|
|
bitwh0re
Apprentice
Joined: 29 Apr 2004
Posts: 214
|
| Posted: Thu Feb 03, 2005 11:31 pm Post subject: |
|
|
| playworker wrote: | | Hmmm, interesting that you've not had that problem again - wonder if this could be an issue upgrading from 0.7.4 to 0.7.5? Still can't get the LDAP ACLs working properly and the iCal is still read-only |
Each time I write a new HOWTO version I start from a completely fresh Gentoo installation. Sometimes upgrading can introduce errors or allow me to skip steps that need to be covered/corrected. I think the LDAP issue was just a problem of my own fault. I played with that particular installation for a few days and it ended up "correcting itself". |
|
| Back to top |
|
|
lxnay
Retired Dev
Joined: 09 Apr 2004
Posts: 661
Location: Italy
|
| Posted: Thu Feb 03, 2005 11:59 pm Post subject: |
|
|
I've solved partially, e-mail doesn't work yet but groupware works good, I had to put a clear password in admintools.conf, and this is quite unhappy.
For the mail problem, that's the log, anyone can help me?
| Code: |
Feb 4 00:49:20 mars imap[25172]: accepted connection
Feb 4 00:49:20 mars imap[25172]: sql plugin Parse the username lxnay
Feb 4 00:49:20 mars imap[25172]: sql plugin try and connect to a host
Feb 4 00:49:20 mars imap[25172]: sql plugin trying to open db 'openexchange' on host 'localhost'
Feb 4 00:49:20 mars imap[25172]: sql plugin could not connect to host localhost
Feb 4 00:49:20 mars imap[25172]: sql plugin couldn't connect to any host
Feb 4 00:49:20 mars imap[25172]: sql plugin Parse the username lxnay
Feb 4 00:49:20 mars imap[25172]: sql plugin try and connect to a host
Feb 4 00:49:20 mars imap[25172]: sql plugin trying to open db 'openexchange' on host 'localhost'
Feb 4 00:49:20 mars imap[25172]: sql plugin could not connect to host localhost
Feb 4 00:49:20 mars imap[25172]: sql plugin couldn't connect to any host
Feb 4 00:49:20 mars slapd[24781]: conn=27 fd=24 ACCEPT from IP=127.0.0.1:34171 (IP=0.0.0.0:389)
Feb 4 00:49:20 mars slapd[24781]: conn=27 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128
Feb 4 00:49:20 mars slapd[24781]: conn=27 op=0 RESULT tag=97 err=48 text=
Feb 4 00:49:20 mars saslauthd[6780]: ldap_simple_bind() failed 48 (Inappropriate authentication).
Feb 4 00:49:20 mars saslauthd[6780]: Retrying authentication
Feb 4 00:49:20 mars slapd[24781]: conn=28 fd=25 ACCEPT from IP=127.0.0.1:34172 (IP=0.0.0.0:389)
Feb 4 00:49:20 mars slapd[24781]: conn=27 op=1 UNBIND
Feb 4 00:49:20 mars slapd[24781]: conn=27 fd=24 closed
Feb 4 00:49:20 mars slapd[24781]: conn=28 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128
Feb 4 00:49:20 mars slapd[24781]: conn=28 op=0 RESULT tag=97 err=48 text=
Feb 4 00:49:20 mars saslauthd[6780]: ldap_simple_bind() failed 48 (Inappropriate authentication).
Feb 4 00:49:20 mars saslauthd[6780]: Authentication failed for lxnay: Retry condition (ldap server connection reset or broken) (-3)
Feb 4 00:49:20 mars saslauthd[6780]: do_auth : auth failure: [user=lxnay] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
Feb 4 00:49:20 mars imap[25172]: badlogin: localhost [127.0.0.1] plaintext lxnay SASL(-13): authentication failure: checkpass failed
Feb 4 00:49:21 mars slapd[24781]: conn=25 op=4 BIND anonymous mech=implicit ssf=0
Feb 4 00:49:21 mars slapd[24781]: conn=25 op=4 BIND dn="" method=128
Feb 4 00:49:21 mars slapd[24781]: conn=25 op=4 RESULT tag=97 err=0 text=
Feb 4 00:49:21 mars slapd[24781]: conn=26 op=8 BIND anonymous mech=implicit ssf=0
Feb 4 00:49:21 mars slapd[24781]: conn=26 op=8 BIND dn="" method=128
Feb 4 00:49:21 mars slapd[24781]: conn=26 op=8 RESULT tag=97 err=0 text=
|
_________________
http://www.sabayon.org |
|
| Back to top |
|
|
kblack
n00b
Joined: 12 Nov 2004
Posts: 9
|
| Posted: Fri Feb 04, 2005 4:19 am Post subject: |
|
|
@bitwh0re
you said shouldn' be easy Hope you miss typed that one! |
|
| Back to top |
|
|
kblack
n00b
Joined: 12 Nov 2004
Posts: 9
|
| Posted: Fri Feb 04, 2005 4:28 am Post subject: |
|
|
| So is the e-build only an alternative to the manual install in the how-to or does it use different MTAs and what not |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
| Posted: Fri Feb 04, 2005 2:59 pm Post subject: |
|
|
my 2 cents, On A project like OX I do not see the e-build keeping up. I would recomend using the OX src per release. Use Portage to maintain everything else.
As to your question I have not used the e-build much or at all. Looking at the e-build will tell you what it pulls for deps.
_________________
write quit bang |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
| Posted: Fri Feb 04, 2005 3:05 pm Post subject: |
|
|
lxnay,
comment out all of this out of your imap.conf
| Code: | sasl_sql_user: open-xchange
sasl_sql_passwd: oxen
sasl_sql_database: openexchange
sasl_sql_hostnames: localhost
sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'
|
And look at your /etc/saslauthd.conf
make sure you are using ldap. You logs show that you are trying auth againts mysql.
Another tidbit so you guys do not have to learn the hard way.. Cyrus is case sensitive.
add thiss in your imap.conf to stop that..
| Code: | | lmtp_downcase_rcpt: yes |
_________________
write quit bang |
|
| Back to top |
|
|
bitwh0re
Apprentice
Joined: 29 Apr 2004
Posts: 214
|
| Posted: Fri Feb 04, 2005 6:40 pm Post subject: |
|
|
| kblack wrote: | @bitwh0re
you said shouldn' be easy Hope you miss typed that one! |
LOL! 420 total posts in the topic! Yes, I did make a typo there. |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
| Posted: Fri Feb 04, 2005 7:30 pm Post subject: |
|
|
I felt the need to tell everyone that I am now viewing the calander in evolution also the contacs. I am also using the document system in nautilus / konquer / cadaver / M$ / Mac - finder. Apples I-cal works also. All though the cal stuff is still read only its a step.
A new way to deploy the servlet side of the app is to use the tomcat manager and deploy the servlet.war in you lib directory of your source. Works like a charm 
bit, I will try to write up a doc on the webdav stuff so people can use this and also SMTP tls and auth.. Been super busy lately.
/me waits for the 'stable' 0.8.0
ono
_________________
write quit bang |
|
| Back to top |
|
|
dashnu
l33t
Joined: 21 Jul 2004
Posts: 703
Location: Casco Maine
|
|
| Back to top |
|
|
lxnay
Retired Dev
Joined: 09 Apr 2004
Posts: 661
Location: Italy
|
| Posted: Sat Feb 05, 2005 2:13 pm Post subject: |
|
|
Thank you very much, I've built a beautiful Open-Xchange framework.
But I need to know two things:
1) If I try to authenticate via SSL (993 port is open) i get this:
| Code: |
Feb 5 15:01:40 mars imaps[10868]: imaps TLS negotiation failed: localhost [127.0.0.1]
Feb 5 15:01:40 mars imaps[10868]: Fatal error: tls_start_servertls() failed
Feb 5 15:01:40 mars master[28992]: process 10868 exited, status 75
Feb 5 15:01:40 mars master[28992]: service imaps pid 10868 in BUSY state: terminated abnormally
Feb 5 15:01:45 mars master[13499]: about to exec /usr/lib/cyrus/imapd
Feb 5 15:01:45 mars imaps[13499]: executed
Feb 5 15:01:45 mars imaps[13499]: sql_select option missing
Feb 5 15:01:45 mars imaps[13499]: auxpropfunc error no mechanism available
Feb 5 15:01:45 mars imaps[13499]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Feb 5 15:01:45 mars imaps[13499]: accepted connection
Feb 5 15:01:47 mars imaps[13499]: imaps TLS negotiation failed: localhost [127.0.0.1]
Feb 5 15:01:47 mars imaps[13499]: Fatal error: tls_start_servertls() failed
Feb 5 15:01:47 mars master[28992]: process 13499 exited, status 75
Feb 5 15:01:47 mars master[28992]: service imaps pid 13499 in BUSY state: terminated abnormally
Feb 5 15:01:54 mars master[28992]: process 28455 exited, status 0
Feb 5 15:01:55 mars master[28992]: process 28444 exited, status 0
Feb 5 15:01:55 mars master[28992]: process 28452 exited, status 0
|
and Thunderbird tells me that the server has a bad certificate.
2) Now I have internal e-mail, is there a way to automatically fetch externals e-mails (like xxx@gmail.com) and redirect them to internal accounts? If yes, how?
Thank you all, Open-Xchange is the best thing after the Linux kernel.
_________________
http://www.sabayon.org |
|
| Back to top |
|
|
|
Documentation, Tips & Tricks
