Multiple addresses when connecting to AD Server

NethServer Version: 7.0
Module: AD Connector, SOGo

Hi,

I have Nethserver connecting to an AD/Samba 4 server (Univention Corporate Server). When users get pulled across using Carddav/SOGo, each user has three addressed associated with them, and each address is the same.

I didn’t see it as an issue until I used Cardbook (Thunderbird carddav plugin) to add a user to an email. Suddenly, the user was entered in the to: field three times.

Is there something wrong in my SOGo config?

  /* 45 AD authentication */
    SOGoUserSources =(
     { 
        id = AD_Users;
        type = ldap;
        CNFieldName = cn;
        IDFieldName = sAMAccountName;
        UIDFieldName = sAMAccountName;
        IMAPLoginFieldName = mail;
        canAuthenticate = YES;
        bindDN = "example\\administrator";
        bindPassword = "gobbelygook";
        baseDN = "dc=example,dc=com";
        bindFields = (
                sAMAccountName,
                userPrincipalName
            );
        hostname = ldap://dc1.example.com;
        filter = "(objectClass='user') AND (sAMAccountType=805306368) AND (mail='*')";
        MailFieldNames = ("userPrincipalName", "mail");
        scope = SUB;
        displayName = "Example Users";
        isAddressBook = YES;
     },
     {
        id = AD_Groups;
        type = ldap;
        CNFieldName = name;
        IDFieldName = sAMAccountName;
        UIDFieldName = sAMAccountName;
        canAuthenticate = YES;
        bindDN = "example\\administrator";
        bindPassword = "gobbelygook";
        baseDN = "dc=example,dc=com";
        hostname = ldap://dc1.example.com;
        filter = "(objectClass='group') AND (sAMAccountType=268435456) AND (mail='*')";
        MailFieldNames = ("userPrincipalName","mail");
        scope = SUB;
        displayName = "Example Groups";
        isAddressBook = YES;
     }

Thanks,
Gerald

2 Likes

Can you update the nethserver-sogo rpm i’m not sure you use the last one…after that please come back to see if the issue is still there.

I did an update only a couple of days ago. Looking at updates now, the only things that come up are:

bind-libs	9.9.4	38.el7_3.2
bind-libs-lite	9.9.4	38.el7_3.2
bind-license	9.9.4	38.el7_3.2
bind-utils	9.9.4	38.el7_3.2
nethserver-httpd-admin	2.0.8	1.ns7

My sogo.conf is different than the netserver standard one… I was getting computers in the domain showing up in the address book.

Gerald

Maybe you should take a look in the samba ad of univention to see if thd issue does’nt come here.

I’m not at home, hard to debug

I’m not a huge Samba expert, but from my poking around, it all looks good on that side. I could be wrong, however.

I just don’t have the knowledge to know what to look for.

Gerald

Wow! And is it working flawlessly? Can you share your configuration with us?

Hi,

There was nothing to it, really. I set up Univention as a Domain Controller and added all my users and groups. I then told NethServer its Accounts Provider was Active Directory and pointed it to my Univention server. I then installed SOGo, modified the sogo.conf, and it all worked.

Univention provides the SMTP and IMAP connections, EFA Project provides the spam and virus control, and Nethserver/SOGo provide the groupware aspects.

The only thing missing is scheduling of resources. I figure I need to have SOGo use its MySQL DB for that, and manually create resources in the DB.

Gerald

One thing I would like to add: Who ever is doing the SOGo integration is doing a great job! I was very disappointed to see SOGo status dropped.

I guess there is a misunderstanding, I feel obligated to point out that SOGo isn’t dropped, it’s still there and installable. You can also install the brand new version from testing

yum install nethserver-sogo --enablerepo=nethserver-testing

http://community.nethserver.org/t/sogo-3-2-4-packages-needs-testing/?source_topic_id=5851
1 Like

Interesting. I thought I read a thread where it was dropped from the official line and was now only community supported, because Inverse closed the repos. I must have missed something.

I am running 3.2.4, which I installed from the management interface. Looking forward to 3.2.7 support.

1 Like

can you share us what you modified ?

A bit off topic, but this is my sogod.conf. I’m still getting 3 addresses per user.

The commented section in SOGoUserSources will be used for testing resources on a local MySQL DB.

{
/* **************** DO NOT MODIFY THIS FILE **************** *
 * 
 * Manual changes will be lost when this file is regenerated.
 *
 * Please read the developer's guide, which is available
 * at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
 * original work from http://www.contribs.org/development/
 *
 * Copyright (C) 2013 Nethesis S.r.l. 
 * http://www.nethesis.it - support@nethesis.it
 * 
 * ********************************************************** */


  /* 10 Database configuration (mysql) */
    SOGoProfileURL = "mysql://sogo:zV5Pn5XV@localhost/sogo/sogo_user_profile";
    OCSFolderInfoURL = "mysql://sogo:zV5Pn5XV@localhost/sogo/sogo_folder_info";
    OCSSessionsFolderURL = "mysql://sogo:zV5Pn5XV@localhost/sogo/sogo_sessions_folder";

  /* 20 Mail */
    SOGoDraftsFolderName = "Drafts";
    SOGoSentFolderName = "Sent";
    SOGoTrashFolderName = "Trash";
    SOGoJunkFolderName = "Junk";
    SOGoIMAPServer = "imap://email.example.com/?tls=YES";
    SOGoSieveServer = "sieve://email.example.com:4190";
    SOGoSMTPServer = "localhost:587";
    SOGoMailDomain = "example.com";
    SOGoMailingMechanism = "smtp";
    NGImap4ConnectionStringSeparator = "/";

  /* 30 Notifications */
    SOGoFoldersSendEMailNotifications = NO;
    SOGoACLsSendEMailNotifications = NO;
    SOGoAppointmentSendEMailNotifications = YES;

  /* 40 Authentication */
  //SOGoPasswordChangeEnabled = YES;

  /* 45 AD authentication */
    SOGoUserSources =(
     {
        id = AD_Users;
        type = ldap;
        CNFieldName = cn;  
        IDFieldName = sAMAccountName;
        UIDFieldName = sAMAccountName;
        IMAPLoginFieldName = mail;
        canAuthenticate = YES;
        bindDN = "example\\administrator";
        bindPassword = "password";
        baseDN = "dc=example,dc=com";
        bindFields = (
                sAMAccountName,
                userPrincipalName
            );
        hostname = ldap://dc1.example.com;
        filter = "(objectClass='user') AND (sAMAccountType=805306368) AND (mail='*')";
        MailFieldNames = ("userPrincipalName", "mail");
        scope = SUB;
        displayName = "example Users";
        isAddressBook = YES;
     },
     {
        id = AD_Groups;
        type = ldap;
        CNFieldName = name;   
        IDFieldName = sAMAccountName;
        UIDFieldName = sAMAccountName;
        canAuthenticate = YES;
        bindDN = "example\\administrator";
        bindPassword = "password";
        baseDN = "dc=example,dc=com";
        hostname = ldap://dc1.example.com;
        filter = "(objectClass='group') AND (sAMAccountType=268435456) AND (mail='*')";
        MailFieldNames = ("userPrincipalName","mail");
        scope = SUB;
        displayName = "example Groups";
        isAddressBook = YES;
     }
 /*
      {
         id = AD_Resources;   
         type = ldap;
         CNFieldName = name;
         IDFieldName = sAMAccountName;
         UIDFieldName = sAMAccountName;
         canAuthenticate = YES;
         bindDN = "example\\administrator";
         bindPassword = "password";
         baseDN = "dc=example,dc=com";    
         hostname = ldap://dc1.example.com;
         filter = "(objectClass='resources') AND (mail='*')";
         MailFieldNames = ("userPrincipalName","mail");
         scope = SUB;
         displayName = "example.com resources";
         isAddressBook = YES;
      }
*/
    );



  /* 50 Web Interface */
    SOGoVacationEnabled = YES;
    SOGoForwardEnabled = YES;
    SOGoSieveScriptsEnabled = YES;
    SOGoMailAuxiliaryUserAccountsEnabled = YES;
    SOGoMailCustomFromEnabled = YES;
  //SOGoFirstDayOfWeek = 1;  
  //SOGoMailReplyPlacement = "above";
  //SOGoMailSignaturePlacement = "above";

  /* 60 General */
    SOGoTimeZone = America/Winnipeg;
    SOGoSuperUsernames = (gbr); // This is an array - keep the parens!
    SOGoMemcachedHost = "127.0.0.1";
    SxVMemLimit = 512;
    SOGoEnablePublicAccess = YES;

  /* From Nethesis GNUStep configuration
     Undocumented in sogo instalation manual */
     SOGoAppointmentSendEMailReceipts = YES;

  /* 70 Active Sync options and tuning */
    SOGoMaximumPingInterval = 10;
    SOGoMaximumSyncInterval = 30;
    SOGoInternalSyncInterval = 10;  
    SOGoMaximumSyncResponseSize = 2048;

    WOWatchDogRequestTimeout = 10;
    WOWorkersCount = 15;

  /* 80 Debug */
  //SOGoDebugRequests = YES;
  //SoDebugBaseURL = YES;
  //ImapDebugEnabled = YES;
  //LDAPDebugEnabled = YES;
  //PGDebugEnabled = YES;
  //MySQL4DebugEnabled = YES;
  //SOGoUIxDebugEnabled = YES;
  //WODontZipResponse = YES;
  //SOGoEASDebugEnabled = YES;
  //WOLogFile = "/var/log/sogo/sogo.log";
}

which version of nethserver-sogo you have…I think it is not the last

in the last we changed this

-          MailFieldNames = ("userPrincipalName","mail");
+         MailFieldNames = ("userPrincipalName");

I’m still running 3.2.4. I saw 3.2.6 came out, but haven’t had a chance to upgrade.

please what is the output of

rpm -qa *sogo*

if nethserver-sogo is not : nethserver-sogo-1.6.4-1.ns7.noarch

then

yum update

by the way, sogo is now in the version sogo-3.2.7…

Finally got around to doing this…

[root@sogo ~]# rpm -qa *sogo*
sogo-3.2.7-1.ns7.x86_64
sogo-tool-3.2.7-1.ns7.x86_64
nethserver-sogo-1.6.5-1.ns7.noarch
sogo-activesync-3.2.7-1.ns7.x86_64

With the upgrade, the number of email addresses per user dropped to 2. I still use the same sogo.conf as listed above.

Gerald