Sogo LDAP bind failures after backup-config restore

i stuck in trouble right now, i try to restore the configuration backup but got an error and it takes a very long time, what i dont understand.

Error is Aufgabe mit Fehler abgeschlossen
Reconfiguring system #4 (Exit Status 1)
Event post-restore-config failed

also not possible now to connect to sogo with outlook, android or ios

got this in the sogo error log

<0x0x560957840110[LDAPSource]> <NSException: 0x560958cd5570> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{“error_code” = 49; login = “samaccountname=xxxxxxx,cn=users,dc=xxxxxxxxxx,dc=xxx”; }

It looks like you’re restoring a system joined to an AD domain! This cannot live with nethserver-directory.

Can you report the list of installed packages

 rpm -qa | sort

And the output of

config show sssd
config show nsdc

Also the whole /var/log/messages would help

the list is to long
perl-Razor-Agent-2.85-15.el7.x86_64
perl-Scalar-List-Utils-1.27-248.el7.x86_64
perl-Socket-2.010-3.el7.x86_64
perl-Socket6-0.23-15.el7.x86_64
perl-Storable-2.45-3.el7.x86_64
perl-Sys-CPU-0.54-4.el7.x86_64
perl-Sys-Hostname-Long-1.5-1.el7.noarch
perl-Sys-MemInfo-0.91-7.el7.x86_64
perl-Sys-Syslog-0.33-3.el7.x86_64
perl-TermReadKey-2.30-20.el7.x86_64
perl-Test-Harness-3.28-3.el7.noarch
perl-Text-ParseWords-3.29-4.el7.noarch
perl-Text-Soundex-3.04-4.el7.x86_64
perl-Text-Template-1.45-12.el7.noarch
perl-Text-Unidecode-0.04-20.el7.noarch
perl-threads-1.87-4.el7.x86_64
perl-threads-shared-1.43-6.el7.x86_64
perl-TimeDate-2.30-2.el7.noarch
perl-Time-HiRes-1.9725-3.el7.x86_64
perl-Time-Local-1.2300-2.el7.noarch
perl-Unix-Syslog-1.1-17.el7.x86_64
perl-URI-1.60-9.el7.noarch
perl-version-0.99.07-2.el7.x86_64
perl-WWW-RobotRules-6.02-5.el7.noarch
perl-XML-Filter-BufferText-1.01-17.el7.noarch
perl-XML-NamespaceSupport-1.11-10.el7.noarch
perl-XML-Parser-2.41-10.el7.x86_64
perl-XML-SAX-Base-1.08-7.el7.noarch
perl-XML-SAX-Writer-0.53-4.el7.noarch
perl-XML-Twig-3.44-2.el7.noarch
pexpect-2.3-11.el7.noarch
php-5.4.16-36.3.el7_2.x86_64
php-cli-5.4.16-36.3.el7_2.x86_64
php-common-5.4.16-36.3.el7_2.x86_64
php-intl-5.4.16-36.3.el7_2.x86_64
php-xml-5.4.16-36.3.el7_2.x86_64
pinentry-0.8.1-14.el7.x86_64
pixman-0.32.6-3.el7.x86_64
pkgconfig-0.27.1-4.el7.x86_64
plymouth-0.8.9-0.24.20140113.el7.centos.x86_64
plymouth-core-libs-0.8.9-0.24.20140113.el7.centos.x86_64
plymouth-scripts-0.8.9-0.24.20140113.el7.centos.x86_64
policycoreutils-2.2.5-20.el7.x86_64
polkit-0.112-7.el7_2.x86_64
polkit-pkla-compat-0.1-4.el7.x86_64
popt-1.13-16.el7.x86_64
portreserve-0.0.5-10.el7.x86_64
postfix-2.10.1-6.el7.x86_64
ppp-2.4.5-33.el7.x86_64
procmail-3.22-35.el7.x86_64
procps-ng-3.3.10-5.el7_2.x86_64
psmisc-22.20-9.el7.x86_64
pth-2.0.7-23.el7.x86_64
pulledpork-0.7.2-1.ns7.noarch
pygobject3-base-3.14.0-3.el7.x86_64
pygpgme-0.3-9.el7.x86_64
pyliblzma-0.5.3-11.el7.x86_64
pyOpenSSL-0.13.1-3.el7.x86_64
pyparsing-1.5.6-9.el7.noarch
pytalloc-2.1.5-1.el7_2.x86_64
python-2.7.5-39.el7_2.x86_64
python2-acme-0.9.3-1.el7.noarch
python2-boto-2.43.0-1.el7.noarch
python2-certbot-0.9.3-1.el7.noarch
python2-configargparse-0.10.0-1.el7.noarch
python2-crypto-2.6.1-9.el7.x86_64
python2-dialog-3.3.0-6.el7.noarch
python2-ecdsa-0.13-4.el7.noarch
python2-mock-1.0.1-9.el7.noarch
python2-paramiko-1.16.1-1.el7.noarch
python2-pyrfc3339-1.0-2.el7.noarch
python2-rsa-3.4.1-1.el7.noarch
python-backports-1.0-8.el7.x86_64
python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch
python-cffi-0.8.6-2.el7.x86_64
python-chardet-2.2.1-1.el7_1.noarch
python-configobj-4.7.2-7.el7.noarch
python-cryptography-0.8.2-1.el7.x86_64
python-dateutil-1.5-7.el7.noarch
python-decorator-3.4.0-3.el7.noarch
python-enum34-1.0.4-1.el7.noarch
python-GnuPGInterface-0.3.2-11.el7.noarch
python-iniparse-0.4-9.el7.noarch
python-javapackages-3.4.1-11.el7.noarch
python-libs-2.7.5-39.el7_2.x86_64
python-lockfile-0.9.1-4.el7.centos.noarch
python-lxml-3.2.1-4.el7.x86_64
python-ndg_httpsclient-0.3.2-1.el7.noarch
python-parsedatetime-1.5-3.el7.noarch
python-perf-3.10.0-327.36.3.el7.x86_64
python-ply-3.4-10.el7.noarch
python-psutil-2.2.1-1.el7.x86_64
python-pyasn1-0.1.6-2.el7.noarch
python-pycparser-2.14-1.el7.noarch
python-pycurl-7.19.0-17.el7.x86_64
python-pyudev-0.15-7.el7_2.1.noarch
python-requests-2.6.0-1.el7_1.noarch
python-setuptools-0.9.8-4.el7.noarch
python-simplejson-3.3.3-1.el7.x86_64
python-six-1.9.0-2.el7.noarch
python-slip-0.4.0-2.el7.noarch
python-slip-dbus-0.4.0-2.el7.noarch
python-sssdconfig-1.13.0-40.el7_2.12.noarch
python-tdb-1.3.8-1.el7_2.x86_64
python-urlgrabber-3.10-7.el7.noarch
python-urllib3-1.10.2-2.el7_1.noarch
python-zope-component-4.1.0-1.el7.noarch
python-zope-event-4.0.3-2.el7.noarch
python-zope-interface-4.0.5-4.el7.x86_64
pytz-2012d-5.el7.noarch
pyxattr-0.5.1-5.el7.x86_64
qrencode-libs-3.4.1-3.el7.x86_64
quota-4.01-11.el7_2.1.x86_64
quota-nls-4.01-11.el7_2.1.noarch
readline-6.2-9.el7.x86_64
realmd-0.16.1-5.el7.x86_64
rootfiles-8.1-11.el7.noarch
rpcbind-0.2.0-33.el7_2.1.x86_64
rpm-4.11.3-17.el7.x86_64
rpm-build-libs-4.11.3-17.el7.x86_64
rpm-libs-4.11.3-17.el7.x86_64
rpm-python-4.11.3-17.el7.x86_64
rp-pppoe-3.11-5.el7.x86_64
rrdtool-1.4.8-9.el7.x86_64
rsync-3.0.9-17.el7.x86_64
rsyslog-7.4.7-12.el7.x86_64
samba-client-libs-4.2.10-7.el7_2.x86_64
samba-common-4.2.10-7.el7_2.noarch
samba-common-libs-4.2.10-7.el7_2.x86_64
samba-common-tools-4.2.10-7.el7_2.x86_64
samba-libs-4.2.10-7.el7_2.x86_64
samba-winbind-4.2.10-7.el7_2.x86_64
samba-winbind-clients-4.2.10-7.el7_2.x86_64
samba-winbind-modules-4.2.10-7.el7_2.x86_64
screen-4.1.0-0.23.20120314git3c2946.el7_2.x86_64
sed-4.2.2-5.el7.x86_64
selinux-policy-3.13.1-60.el7_2.9.noarch
selinux-policy-targeted-3.13.1-60.el7_2.9.noarch
setup-2.8.71-6.el7.noarch
shadow-utils-4.1.5.1-18.el7.x86_64
shared-mime-info-1.1-9.el7.x86_64
shorewall-5.0.8.2-1.el7.noarch
shorewall-core-5.0.8.2-1.el7.noarch
slang-2.2.4-11.el7.x86_64
smartmontools-6.2-4.el7.x86_64
snappy-1.1.0-3.el7.x86_64
sogo-3.2.0-2.ns7.x86_64
sogo-activesync-3.2.0-2.ns7.x86_64
sogo-tool-3.2.0-2.ns7.x86_64
sope49-appserver-4.9-20161023_320.ns7.x86_64
sope49-cards-3.2.0-2.ns7.x86_64
sope49-core-4.9-20161023_320.ns7.x86_64
sope49-gdl1-4.9-20161023_320.ns7.x86_64
sope49-gdl1-contentstore-3.2.0-2.ns7.x86_64
sope49-gdl1-mysql-4.9-20161023_320.ns7.x86_64
sope49-ldap-4.9-20161023_320.ns7.x86_64
sope49-mime-4.9-20161023_320.ns7.x86_64
sope49-sbjson-2.3.1-20161023_320.ns7.x86_64
sope49-xml-4.9-20161023_320.ns7.x86_64
spamassassin-3.4.0-2.el7.x86_64
sqlite-3.7.17-8.el7.x86_64
squid-3.3.8-26.el7_2.4.x86_64
squidclamav-6.15-1.ns7.x86_64
squidGuard-1.4-26.1.ns7.x86_64
sssd-1.13.0-40.el7_2.12.x86_64
sssd-ad-1.13.0-40.el7_2.12.x86_64
sssd-client-1.13.0-40.el7_2.12.x86_64
sssd-common-1.13.0-40.el7_2.12.x86_64
sssd-common-pac-1.13.0-40.el7_2.12.x86_64
sssd-ipa-1.13.0-40.el7_2.12.x86_64
sssd-krb5-1.13.0-40.el7_2.12.x86_64
sssd-krb5-common-1.13.0-40.el7_2.12.x86_64
sssd-ldap-1.13.0-40.el7_2.12.x86_64
sssd-proxy-1.13.0-40.el7_2.12.x86_64
strace-4.8-11.el7.x86_64
sudo-1.8.6p7-17.el7_2.x86_64
suricata-3.1.2-1.el7.x86_64
systemd-219-19.el7_2.13.x86_64
systemd-libs-219-19.el7_2.13.x86_64
systemd-python-219-19.el7_2.13.x86_64
systemd-sysv-219-19.el7_2.13.x86_64
systemtap-sdt-devel-2.8-10.el7.x86_64
sysvinit-tools-2.88-14.dsf.el7.x86_64
tar-1.26-29.el7.x86_64
tcl-8.5.13-8.el7.x86_64
tcpdump-4.5.1-3.el7.x86_64
tcp_wrappers-7.6-77.el7.x86_64
tcp_wrappers-libs-7.6-77.el7.x86_64
tmpwatch-2.11-5.el7.x86_64
tokyocabinet-1.4.48-3.el7.x86_64
traceroute-2.0.19-5.el7.x86_64
trousers-0.3.13-1.el7.x86_64
ttmkfdir-3.0.9-42.el7.x86_64
tuned-2.5.1-4.el7_2.6.noarch
tzdata-2016h-1.el7.noarch
tzdata-java-2016h-1.el7.noarch
unbound-1.4.20-26.el7.x86_64
unbound-libs-1.4.20-26.el7.x86_64
unzoo-4.4-16.el7.x86_64
usbutils-007-5.el7.x86_64
ustr-1.0.4-16.el7.x86_64
util-linux-2.23.2-26.el7_2.3.x86_64
vim-minimal-7.4.160-1.el7.x86_64
virt-what-1.13-6.el7.x86_64
wget-1.14-10.el7_0.1.x86_64
which-2.20-7.el7.x86_64
wpa_supplicant-2.0-17.el7_1.x86_64
xfsprogs-3.2.2-2.el7.x86_64
xmlsec1-1.2.20-5.el7.x86_64
xmlsec1-openssl-1.2.20-5.el7.x86_64
xorg-x11-fonts-Type1-7.5-9.el7.noarch
xorg-x11-font-utils-7.5-20.el7.x86_64
xtables-addons-2.11-1.el7.lux.x86_64
xtables-geoip-2015.08-2.3.1.noarch
xz-5.1.2-12alpha.el7.x86_64
xz-libs-5.1.2-12alpha.el7.x86_64
yajl-2.0.4-4.el7.x86_64
yum-3.4.3-132.el7.centos.0.1.noarch
yum-metadata-parser-1.1.4-10.el7.x86_64
yum-plugin-changelog-1.1.31-34.el7.noarch
yum-plugin-fastestmirror-1.1.31-34.el7.noarch
zip-3.0-10.el7.x86_64
zlib-1.2.7-15.el7.x86_64
[root@sbs ~]#

and yes it was formerly only the samba active directory installed (my fault, dont read it here before, thought it would be a good idea to support you)

output of sssd =
sssd=service
AdDns=192.168.100.1
LdapURI=
Provider=ad
status=enabled

output of nsdc =
nsdc=service
IpAddress=192.168.100.1
bridge=br0
status=enabled

Could you upload /var/log/messages to

https://gist.github.com/

If you prefer, you can share the URL hash with me in a private message.

i dont have an account there, ufff, hate it if something like that happen

you don’t need it! cut-and-paste anonymously

Thanks for the log file. Well, there are many error messages like this, we can safely ignore:

    Nov 18 11:16:36 sbs esmith::event[4169]: ERROR in /etc/e-smith/db/networks/migrate//trafficshaping.el7: Program fragment delivered error <> at template line 1

Thes lines captured my attention:

Nov 18 10:33:11 sbs esmith::event[29109]: [ERROR] /usr/libexec/nethserver/smbads: failed to add service primaries to system keytab
Nov 18 10:33:11 sbs esmith::event[29109]: [ERROR] /usr/libexec/nethserver/smbads: failed to initialize keytabs
...
Nov 18 10:52:20 sbs esmith::event[921]: [ERROR] /usr/libexec/nethserver/smbads: failed to add service primaries to system keytab
Nov 18 10:52:20 sbs esmith::event[921]: [ERROR] /usr/libexec/nethserver/smbads: failed to initialize keytabs
...
Nov 18 11:18:09 sbs esmith::event[4310]: [ERROR] /usr/libexec/nethserver/smbads: failed to add service primaries to system keytab
Nov 18 11:18:09 sbs esmith::event[4310]: [ERROR] /usr/libexec/nethserver/smbads: failed to initialize keytabs

Please, go to server-manager and paste the contents of

https://192.168.122.4:980/en-US/Sssd

Replace your actual IP in the URL above

Also, can you see the list of users and groups in server-manager?

what i dont get is what happen. i dont change anything only try to test the ldap stuff, okay, that is my fault, cause i did not use it here. but what is changed by doing this command yum --enablerepo=nethserver-testing update nethserver-directory

As nethserver-directory wasn’t present on your system, that command is uneffective.

You have a lot of packages installed and you run backup-config restore (BTW why?). I suppose the sogo package has an issue with the config restore procedure.

In other words you probably hit another bug!

cause after i got the error after doing the systemctl restart slapd command, u wrote simply restore your config backup. and so i thought, okay, then everything is like before.

but i think you are right, cause i dont have this much packages installed, but i look at it and did not find the sogo package in installed packages and also dont find it in software center for installing…but in services it is aktiv as sogod…

in the sogo log is written

NAME:LDAPException REASON:operation bind failed: Can’t contact LDAP server (0xFFFFFFFF) INFO:{“error_code” = “-1”;

Don’t believe what developers say

I really appreciate your help on testing, but don’t test on production! It’s true, I asked to test on “existing systems” a specific package. Whilst I asked I was pretty sure the testing package was safe enough for a release, but of course I have no idea of what other packages (nethserver-sogo) could do during a restore.

Can you attach the whole sogo log and /etc/sogo/sogo.conf?

Please show me also any custom template you made!

Please try this command:

systemctl restart nsdc

Wait a few seconds then run

systemctl restart sogo

Failed to restart sogo.service: Unit sogo.service failed to load: No such file or directory.

ah name of the service is sogod

ops!

systemctl restart sogod

lol, saw it a minute ago, and it starts without probs

Still bind errors?

yes, it dont accept username password