Hi
I have this scenario: use Nethserver in a Win 2008 domain , to provide mail and collaboration platform to AD users.
I setup NS as domain member, with mail and sogo groupware packages from software center.
Do I have to create each mailbox for each AD user in nethserver ? if Yes, I cannot see the list of users in the mailbox section … I see only local admin …
I can access round cube without any additional setting , and without creating each mailbox …
I cannot access sogo with AD users … should it read automatically or there is some additional configuration to do ?
Thanks
Hi Samuele, thanks for asking.
to check this
yes, you can access without any problem
nope, it should work automatically.
Can you paste sogo log about failed login?
Thank you Alessio
here are the last tre row are the user in the AD domain … and the sogo log
Maybe is it something about password policy that doesn’t match ? I see that NS 6.6 use allow only restictive password (lower , upper , numeric and symbol) … Is there a way to set passwd policy on nethserver ?
getent passwd
michele.campione::50000:50006:Michele Campione:/var/lib/nethserver/home/michele.campione:/bin/false
paola.papperi: :50001:50006:Paola Papperi:/var/lib/nethserver/home/paola.papperi:/bin/false
stefano.lega:*:50005:50006:Stefano Lega:/var/lib/nethserver/home/stefano.lega:/bin/false
Here is the log
Jun 05 11:19:30 sogod [16619]: <0x0x7fbd6fc32908[LDAPSource]> <NSException: 0x7fbd6fd13078> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “uid=michele.campione,ou=people,dc=directory,dc=nh”; }
Jun 05 11:19:30 sogod [16619]: <0x0x7fbd6fcc8298[LDAPSource]> <NSException: 0x7fbd6fdd1948> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “cn=michele.campione,ou=groups,dc=directory,dc=nh”; }
Jun 05 11:19:30 sogod [16619]: SOGoRootPage Login from ‘192.168.10.97’ for user ‘michele.campione’ might not have worked - password policy: 65535 grace: -1 e
xpire: -1 bound: 0
Jun 05 11:19:30 sogod [16619]: 192.168.10.97 “POST /SOGo/connect HTTP/1.1” 403 34/54 0.005 - - 0
Jun 05 11:19:36 sogod [16619]: <0x0x7fbd6fc32908[LDAPSource]> <NSException: 0x7fbd6fd82628> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “uid=michele.campione@demo.local,ou=people,dc=directory,dc=nh”; }
Jun 05 11:19:36 sogod [16619]: <0x0x7fbd6fcc8298[LDAPSource]> <NSException: 0x7fbd6f763ad8> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “cn=michele.campione@demo.local,ou=groups,dc=directory,dc=nh”; }
Jun 05 11:19:36 sogod [16619]: SOGoRootPage Login from ‘192.168.10.97’ for user ‘michele.campione@demo.local’ might not have worked - password policy: 65535 g
race: -1 expire: -1 bound: 0
Jun 05 11:19:36 sogod [16619]: 192.168.10.97 “POST /SOGo/connect HTTP/1.1” 403 34/65 0.002 - - 0
Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fc32908[LDAPSource]> <NSException: 0x7fbd6fd38d78> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “uid=michele.campione@demo.local,ou=people,dc=directory,dc=nh”; }
Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fcc8298[LDAPSource]> <NSException: 0x7fbd6fc6f758> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “cn=michele.campione@demo.local,ou=groups,dc=directory,dc=nh”; }
Jun 05 11:19:37 sogod [16619]: SOGoRootPage Login from ‘192.168.10.97’ for user ‘michele.campione@demo.local’ might not have worked - password policy: 65535 g
race: -1 expire: -1 bound: 0
Jun 05 11:19:37 sogod [16619]: 192.168.10.97 “POST /SOGo/connect HTTP/1.1” 403 34/65 0.002 - - 0
Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fc32908[LDAPSource]> <NSException: 0x7fbd6fd71538> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “uid=michele.campione@demo.local,ou=people,dc=directory,dc=nh”; }
Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fcc8298[LDAPSource]> <NSException: 0x7fbd6fd26b68> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “cn=michele.campione@demo.local,ou=groups,dc=directory,dc=nh”; }
Jun 05 11:19:37 sogod [16619]: SOGoRootPage Login from ‘192.168.10.97’ for user ‘michele.campione@demo.local’ might not have worked - password policy: 65535 g
race: -1 expire: -1 bound: 0
Jun 05 11:19:37 sogod [16619]: 192.168.10.97 “POST /SOGo/connect HTTP/1.1” 403 34/65 0.002 - - 0
Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fc32908[LDAPSource]> <NSException: 0x7fbd6fd287d8> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “uid=michele.campione@demo.local,ou=people,dc=directory,dc=nh”; }
Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fcc8298[LDAPSource]> <NSException: 0x7fbd6fdc12e8> NAME:LDAPException REASON:operation bind failed: Invalid credential
s (0x31) INFO:{login = “cn=michele.campione@demo.local,ou=groups,dc=directory,dc=nh”; }
Jun 05 11:19:37 sogod [16619]: SOGoRootPage Login from ‘192.168.10.97’ for user ‘michele.campione@demo.local’ might not have worked - password policy: 65535 g
race: -1 expire: -1 bound: 0
Hi all
Does anyone have a solution for this ?
I get autentication error vs the win2008 domain controller…
in the sogo log , I see
SOGoRootPage Login from ‘192.168.10.97’ for user … might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0
I have set simple password policy on NS, but nothing changed …
zamboni
(Stefano)
June 19, 2015, 10:59am
5
IIUC, you joined your NS to a windows AD server… so you’re using AD users and passwords… NS has no control on them, you’d take a look in AD side
Hi
If I log into W7 PC with this user, it’ok , so user and password are ok
The password is 1234Abcd … Do you think might be something with password policy between NS and windows domain ?
zamboni
(Stefano)
June 19, 2015, 11:06am
7
samuele_cialdini:
s (0x31) INFO:{login = “uid=michele.campione@demo.local,ou=people,dc=directory,dc=nh”; }Jun 05 11:19:37 sogod [16619]: <0x0x7fbd6fcc8298[LDAPSource]> NAME:LDAPException REASON:operation bind failed: Invalid credential
seems to me like you can’t read/authenticate on NS ldap
guess @davidep or @giacomo have any clue about it
hi
there are other 2 errors before
Jun 19 13:05:32 sogod [25908]: 192.168.10.97 “POST /SOGo/connect HTTP/1.1” 403 34/82 0.002 - - 0
Jun 19 13:05:33 sogod [25908]: <0x0x7f61688c7a58[LDAPSource]> <NSException: 0x7f616896da78> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{“error_code” = 49; login = “uid=paola.papperi@demo.local,ou=people,dc=directory,dc=nh”; }
Jun 19 13:05:33 sogod [25908]: <0x0x7f6168867168[LDAPSource]> <NSException: 0x7f61689f6eb8> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{“error_code” = 49; login = “cn=paola.papperi@demo.local,ou=groups,dc=directory,dc=nh”; }
Jun 19 13:05:33 sogod [25908]: SOGoRootPage Login from ‘192.168.10.97’ for user ‘paola.papperi@demo.local’ might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0
zamboni
(Stefano)
June 19, 2015, 11:09am
9
it’s the same error…
let’s wait for davide or giacomo
davidep
(Davide Principi)
June 19, 2015, 12:51pm
10
To configure SOGo authentication against AD refer to
2 Likes
Thank you Davide
this allow me to login with AD user into sogo …
Is there is something to do similar also for Owncloud , Jabber, and webtop to read windows ad users ?
I’m also trying the new platform for collaboration webtop …
Thanks
1 Like