After a complete new install i am not able to log on at Sogo, so it is not only after an Update it is also after a new Installation.
I can confirm what @hucky says about sogo on a clean RC3 system with nethserver-dc as account provider.
No difference neither when using the sogo package from nethforge-testing. Same errors as reported by @gerald_FS.
Hello again,
I have my configuration data viewed from sogo, while I am compared to the server (RC2), which performs with me his trust service that the overall addressing of the LDAP service is differently structured.
Can that possibly be our problem?
The differences I have at the beginning of the line with !!! marked
Ich hoffe ich kann etwas zur Problemlösung beitragen
Here the sogo.conf on my server (RC2) the works:
/* 45 AD authentication */
SOGoUserSources =(
{
id = AD_Users;
type = ldap;
CNFieldName = cn;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
IMAPLoginFieldName = userPrincipalName;
canAuthenticate = YES;
!!!! bindDN = "cn=OPENZWO,cn=Computers,dc=nandlnet,dc=de";
bindPassword = "J(oOXy:m@[;:~-";
baseDN = "cn=Users,dc=nandlnet,dc=de";
bindFields = (
sAMAccountName,
userPrincipalName
);
!!!! hostname = ldap://nsdc-openzwo.nandlnet.de:389;
filter = "(objectClass='user')";
scope = SUB;
displayName = "nandlnet.de users";
isAddressBook = YES;
},
{
id = AD_Groups;
type = ldap;
CNFieldName = name;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
canAuthenticate = YES;
!!!! BindDN = "cn=OPENZWO,cn=Computers,dc=nandlnet,dc=de";
bindPassword = "J(oOXy:m@[;:~-";
baseDN = "cn=Users,dc=nandlnet,dc=de";
!!!! hostname = ldap://nsdc-openzwo.nandlnet.de:389;
filter = "(objectClass='group') AND (sAMAccountType=268435456)";
scope = SUB;
displayName = "nandlnet.de groups";
isAddressBook = YES;
}
);
Here the sogo.conf of RC3:
/* 45 AD authentication */
SOGoUserSources =(
{
id = AD_Users;
type = ldap;
CNFieldName = cn;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
IMAPLoginFieldName = userPrincipalName;
canAuthenticate = YES;
!!!! bindDN = "NEUCHING\JAGERBOX$";
bindPassword = "CA-,VeZ_dL7,9:";
baseDN = "cn=Users,dc=neuching,dc=com";
bindFields = (
sAMAccountName,
userPrincipalName
);
!!!! hostname = ldaps://neuching.com;
filter = "(objectClass='user')";
scope = SUB;
displayName = "neuching.com users";
isAddressBook = YES;
},
{
id = AD_Groups;
type = ldap;
CNFieldName = name;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
canAuthenticate = YES;
!!!! bindDN = "NEUCHING\JAGERBOX$";
bindPassword = "CA-,VeZ_dL7,9:";
baseDN = "cn=Users,dc=neuching,dc=com";
!!!! hostname = ldaps://neuching.com;
filter = "(objectClass='group') AND (sAMAccountType=268435456)";
scope = SUB;
displayName = "neuching.com groups";
isAddressBook = YES;
}
);
Hey Gerald,
i take a quick look at your server and saw also at your side everything is up. apache, sogo etc. u also have the newest version 3.2.4. i tried to figure out since a few days now where the problem with the authentication is but did not find a bit
So Found a mistake!
In the sogo.conf is currently the wrong ldap server specify, I have now corrected all lines as specified in the RC2.
So all with “!!!” marked lines are to be adjusted, then go!
And it works!
I’d rather say you found a solution for it
I bet @mark_nl already started working on this fix, but he’s probably busy in this period for his new job.
Does anybody want to open a PR on GitHub?
Do you know you can even edit the source code directly on the github web page ?
I know that it is, but I am not so far that I can put myself there without danger for other hand.
If I have only the sympthome treated, the last step must make someone have a idea of it and it can.
After the steps from @davidep the “Account provider error” is away.
But I can’t login to Sogo anymore. I’ve tried to set a new password to the user, but it dosn’t change anything.
This is the log
Dec 19 09:38:19 sogod [1643]: [ERROR] <0x0x7ffa70f219c0[LDAPSource]> Could not bind to the LDAP server ldaps://MyDomain.de (389) using the bind DN: MyDomainHostname$
Dec 19 09:38:19 sogod [1643]: [ERROR] <0x0x7ffa70f219c0[LDAPSource]> <NSException: 0x7ffa71de2360> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{“error_code” = 49; login = “MYDOMAINHOSTNAME$”; }
Dec 19 09:38:19 sogod [1643]: [ERROR] <0x0x7ffa714faa40[LDAPSource]> Could not bind to the LDAP server ldaps://MyDomain.de (389) using the bind DN: MYDOMAINHOSTNAME $
Dec 19 09:38:19 sogod [1643]: [ERROR] <0x0x7ffa714faa40[LDAPSource]> <NSException: 0x7ffa71e0e7b0> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{“error_code” = 49; login = " MYDOMAINHOSTNAME $"; }
Dec 19 09:38:19 sogod [1643]: 192.168.46.130 “PROPFIND /SOGo/dav/username/Contacts/236A-57E4D080-1-697F2E00/ HTTP/1.1” 404 74/175 0.069 - - 0
One problem, one topic. Please help us keep clean and don’t cross-post:
(Moved here)
Thanks @gerald_FS . I faced the same problem with SOGo. Changed sogo.conf as you discribed and now it works. Saved a lot of time.
I just updated the rpm in nethforge-testing:
nethserver-sogo-1.6.1-1.15.ga5eb638.ns7.noarch.rpm
Please check it out! /cc @dnutan @mark_nl @flatspin @hucky @m.traeumner
(I haven’t tested it with remote account providers.)
Thanx,
I could not figure out how to get the right credentials;
Thanx a lot!
Hi Giacomo,
I think I do a mistake by installing, can you help?
I tried this command:
yum install --enablerepo=nethforge-testing nethserver-sogo-1.6.1-1.15.ga5eb638.ns7.noarch.rpm
and it shows
No package nethserver-sogo-1.6.1-1.15.ga5eb638.ns7.noarch.rpm available.
UPDATE!
I try the following command and it works well
yum --enablerepo=nethforge-testing install nethserver-sogo
Super! Will test it today! Thanks Giacomo.
Hi Giacomo,
thanks too! It works.
Regards
Uwe
Package on testing repo fixed the issue on a local AD account provider.
A quick run on a simple bound NS7 to sambaAD (NS7) worked also.
Sorry for late answer, but today it was like in a beehive…
SOGo-login works like a charme with the testing package.
Installation: RC3, NSDC-Accountprovider, SOGo 3.0.2
Thanks a lot @giacomo !
Just confirmed it - the new package, nethserver-sogo-1.6.1-1.15.ga5eb638.ns7.noarch.rpm, fixes the bug successfully:
- If you are running NethServer release 7.3.1611 (rc3) and haven’t installed yet SOGo, don’t use the web interface; instead, as mentioned above use yum and the nethforge-testing repo.
- If you have already installed SOGo, nethserver-sogo-1.6.1-1.ns7.noarch, running the same yum command will update the package and fix the bug in the sogo.conf file - no restart of the sogod.service required.
yum --enablerepo=nethforge-testing install nethserver-sogo
Actually, the issue was the backslash for the domain name in front of the nethserver name used for the LDAP binding “” that wasn’t escaped (in two places in sogo.conf):
Example:
Old, not working sogo.conf: bindDN = “NEUCHING\JAGERBOX$”;
New, working sogo.conf: bindDN = “NEUCHING\\JAGERBOX$”;
Regards,
Dean
Hi @NetoMeter and welcome here! Your first post has proved to be very useful!
Thanks to your feedback we can release nethserver-sogo-1.6.1-1.15
@mark_nl @giacomo