Installing Horde Groupware


(Michael Träumner) #61

Why did it change? You wrote it’s the same domain.

(Ralph) #62

Well, it was “” and is now “”. I adjusted that of course. And the users can login but the user information as to full name and mail address is wrong. Which results in not being able to send mails from horde because there is no primary mail address.

Do you know how I can test the hook.local.php file?

(Michael Träumner) #63

Not really, but I think something at your AD has changed. You can test your LDAP-Settings of the hook file manually with ldap-search

Is your AD a nethserver, or did you move from nethserver to windows server for example. I ask because the searchstring for AD could be another at a new server with an other system.

(Ralph) #64

AD DC is a NS7.

(Michael Träumner) #65

Ok, then it should look like my hooks.local.php.
Perhaps you can post it, sometimes 4 eyes see more then 2.
Did you test with ldapsearch?

(Ralph) #66

I’m struggling with the ldap port 636. I can connect with LdapAdmin but not with ldapsearch. “-p 636” should be correct but it does not work.

(Michael Träumner) #67

Please try with port 389. At my hook I had to set it too. I know it should not be the port for AD connection, but this works for me. Perhaps @giacomo can explain it?

(Ralph) #68

I know it worked with port 389 before. But this is a new NS installation and now port 636 with encryption is required.
It’s always nice to make things even more comlicated.
Meanwhile I managed to check the user data wit ldapsearch. Everything looks correct. But the trouble I had to connect to the Ldap server over port 636 makes me guess that in the hook file more is to be changed than just replacing the port.

(Michael Träumner) #69

@rasi Did you do these steps?

(Markus Neuberger) #70

LDAPS: Port 636 with SSL
LDAP: Port 389, secured with STARTTLS

Port 389 worked without TLS in earlier versions but that’s insecure.

(Ralph) #71

Yeah, that did the trick. Thank you so much, @dnutan!

(Giacomo Sanchietti) #72

Exactly, Samba is now enforcing TLS over port 389.

(Ralph) #73

Next problem: I can see the user information in Users and Groups - i.e username, full name and primary mail address - but I do not see them in the personal settings within the gui, neither in the general nor the webmail settings. The necessary fields do not exist. When I want to write an email, every identity is associated with the primary mail address. Where is the hook information linked to the webmail identities?
Happy Easter holidays to all!

(Michael Träumner) #74

Yes you are right. The same for me. I’ve to look for it.

(Michael Träumner) #75

I tried to send a mail and the info of user and address is OK. At the interface you can’t see it, it’s only announced as standard profile.

(Ralph) #76

So it’s a matter of blind faith? I don’t like that.
It used to be correct before. Maybe a bug in an upgrade of IMP?

(Dan) #77

So I circled back to this last week and installed nethserver-horde on my Neth 7.4 server, and it seems to be working pretty well. One oddity I’m noticing, though, is that I need to log in twice to get into imp–even if I go to domain/horde/imp, I need to enter username/password twice, whereupon I’m taken to the mailbox and everything works fine. Has anyone else noticed this?

NethServer 8: wishlist for the conference
(Markus Neuberger) #78

No, I didn’t recognize before, thanks. I found that changing hordeauth to true for imap in /usr/share/horde/imp/config/backends.php seems to solve it, I’ll add it to the module asap.

// IMAP server
$servers['imap'] = array(
    // ENABLED by default; will connect to IMAP port on local server
    'disabled' => false,
    'name' => 'IMAP Server',
    'hostspec' => 'localhost',
    'hordeauth' => true,
    'protocol' => 'imap',
    'port' => 143,
    // Plaintext logins are disabled by default on IMAP servers (see RFC 3501
    // [6.2.3]), so TLS is the only guaranteed authentication available by
    // default.
    'secure' => 'tls',

(Dan) #79

Yep, that does it for me too. Cool!

(Dan) #80

Also noticing that user profiles don’t auto-populate–until a user goes into Mail preferences/Personal information and updates with (at least) a full email address, they can’t send mail.