Authentication error when syncing with Outlook

Good Morning,
I can’t connect my Outlook to a WebTop CardDAV or CalDAV. I tried with caldav-synchronizer, but I always get an authentication error (401).
WebTop is connected to a local Active Directory on the same server and I can log in with every user at the web interface. But it only works without the domain name, not with the full name as mentioned in the docs. So

wtadmin

works and

wtadmin@MyDomain.local

does not. In the WebTop log I often found the following:

2020-11-14 08:53:32 [ERROR] c.s.webtop.core.app.shiro.WTRealm - Authentication error
com.sonicle.webtop.core.sdk.WTException: No enabled domains match specified internet domain [MyDomain.local]

Can somebody help?

@webtop_team

What does it mean? Is this the reason why I can’t sync?

I tried to uninstall and reinstall, but WebTop doesn’t lose any settings and the problem is the same as before.

I think you need to delete the WebTop Postgres DB before reinstalling to regenerate the settings.

Is mydomain.local your network domain or your AD domain? In my test it worked with the network domain only (result of config get DomainName).

Thanks for the hint. I’ve done it, but it doesn’t solve the problem. I have also, as you mentioned by phone, uninstalled the AD and reinstalled it with another name. For the others here: I made a mistake with the naming convention; my FQDN was ad.MyDomain.local and the AD domain was the same.

The error above is always shown in the logs if I try to log in with user@MyDomain.local.
Only user works, but syncing with only the username is not possible.

@webtop_team
Is there something else I can look at? I didn’t find anything interesting in the configuration files. I also looked at the database with pgAdmin; there I found the correct domain name under tables, domains.

Michael

Just a blind shot: MyDomain.local should be the domain part of your machine. Is that right?

Thanks @giacomo,
yes it’s the domain part, the machine is ad.MyDomain.local.

Hi Michael,
I can tell you that this problem of yours is strange to me :thinking:

In general, I confirm that authentication for DAV (or EAS) server is only possible by entering the complete domain username (the main one in the FQDN to understand).

For now the only suggestion I can think of is to try to re-provision the provider account settings within the general webtop settings by launching this event:

signal-event nethserver-webtop5-update 

Let me know if anything changes :wink:

Thanks for your answer @lucag, I tried it, but it doesn’t help.

Thanks to all who helped me. After chatting again with @mrmarkuz I did the following:

  • uninstall webtop
  • delete webtop database
  • uninstall active directory
  • change host name (lowercase only) to ad1.mynetworkdomain.local
  • deleted all aliases (perhaps this was the problem; I didn’t try to log in to WebTop with an alias)
  • built an active directory with ad.mydomain.local
  • change the certificate settings to the new networkdomain
  • delete the old certificate at Windows
  • install the new certificate at Windows
  • create a user wtadmin
  • install webtop
  • login with wtadmin@mynetworkdomain.local

Now I can log in with wtadmin@mynetworkdomain.local and synchronization also works.


Great news Michael… I’m very glad you solved it :clap: :clap:

At this point I think the change that fixed it was this:

I thought ad.MyDomain.local was just an example and it didn’t have capital letters …

BR


AFAIK hostnames should avoid all capital letters.
This does not apply to the application context (therefore my.server.hey/Application/ is different from my.server.hey/application/).


Yes, it was an example.
