no idea why, I hope it should not
I removed it, reinstalled it and then I was able to log in with the admin password set before the update. Incomprehensible…
The update previously ran without error.
To my surprise, two or three new users appeared in the account list.
You have not shown these three users before. Has the lam config been changed and does it now display deactivated users?
Although I can’t find a setting for this. Is there a problem with the update? And will this be the problem next time?
How could this be found out?
Thank you for your help.
You are showing us an active directory ldap account provider
Previously it was an openldap provider I showed you IIRC
I’m sorry, but I don’t understand what you mean.
After installing ns8, I created a Samba AD/LDAP domain controller for testing and have been using it ever since.
Sorry, but maybe I was misunderstood?
1 Like
Guest and krbtgt are default AD users, they are not there if OpenLDAP is used.
ldapservice is the NethServer default user to connect/join to OpenLDAP or Samba AD.
1 Like
The ns8-lam module had to be installed so that instead of the username@domain.lan email address that is created automatically when the user is created, the user logs into SOGo with the customized name.surname@domain.lan email address during the ns8-sogo login.
As a first step, the installation description of the ns8-lam module has been prepared, which can be read above.
The second step for this is to customize the NS8 user email address. We need to change the user’s default email address in the LDAP manager. We can do this through the example below.
- Create the user under Domains and users Users and groups, where a user with the default email address is created, e.g. username@domain.lan.
- Create an alias email address for the user, e.g. name.surname@domain.lan
- Set the username@domain.lan default email address to “Make internal”.
By opening https://mylam.domain.lan in a browser, we reach the LDAP Account Manager. Log in with the password previously set for the admin (or another user created specifically for this purpose).
Here, select one of the users for editing.
Here User name corresponds to userPrincipalName, Common name corresponds to cn, Display name corresponds to DisplayName and Email address corresponds to mail value. These will be significant later, when customizing the user’s email address.
Change the entry bacilus ad.diakont.lan under User name to the value ilus.bac @ diakont.lan, save, update and check the value, because it will not be accurate the first time!
Common name and Display name remain unchanged.
The email address field is initially empty, so enter the user’s full (customized) email address here (ilus.bac@diakont.lan).
After that, it is possible to configure the SOGo configuration for logging in with a customized user email address.
I hope this description will be useful for others.
1 Like
After installing the LDAP Account Manager and customizing the users’ email addresses, we only need to configure SOGo so that the user logs in with their email address.
Under NS8, this has to be done a little differently than under NS7. I’m going to write this now.
ATTENTION! Unlike NS7, here, due to the LDAP AD schema, the settings must be changed in the section below.
.....
/* 45 AD authentication */
SOGoUserSources =(
{
id = AD_Users;
type = ldap;
......
The /home/sogo1/.config/templates/sogo.conf file must be modified, because every time SOGo is started, SOGo starts with the settings in it.
The sogo.conf configuration file should be modified as follows, the parts in bold italics should be modified to the specified values.
/* 45 AD authentication */
SOGoUserSources =(
{
id = AD_Users;
type = ldap;
CNFieldName = displayName;
IDFieldName = mail;
UIDFieldName = sAMAccountName ;
IMAPLoginFieldName = sAMAccountName;
canAuthenticate = YES;
bindDN = "{{ldap_user}}";
bindPassword = "{{ldap_password}}";
baseDN = "{{ldap_base}}";
bindFields = (
sAMAccountName,
mail
);
hostname = ldap://accountprovider:{{ldap_port}};
filter = "(objectClass='user') AND (sAMAccountType=805306368)";
//MailFieldNames = ("userPrincipalName");
scope = SUB;
displayName = "{{mail_domain}} users";
isAddressBook = NO;
},
Finally, add SOGoForceIMAPLoginWithEmail = YES; line under /* 50 Web Interface */ as follows.
/* 50 Web Interface */
SOGoVacationEnabled = YES;
SOGoForwardEnabled = YES;
SOGoSieveScriptsEnabled = YES;
SOGoMailAuxiliaryUserAccountsEnabled = {{auxiliary_account}};
SOGoMailCustomFromEnabled = YES;
SOGoForceIMAPLoginWithEmail = YES;
//SOGoFirstDayOfWeek = 1;
//SOGoMailReplyPlacement = "above";
//SOGoMailSignaturePlacement = "above";
Restart SOGo for the changes to take effect. After that, users can log in to SOGo with their full email address.
I hope this helps others too.
1 Like
my concern is the next upgrade of sogo will remove your changes, we do not have the custom-template level 
Yes, this was a problem with NS7 as well, but it was solved there by using a custom template.
I was already going to ask if it is possible to fix this configuration on the NS8 so that it is not overwritten during the update?
Thank you for your help.
What I was afraid of, and what I wanted to test, and what @stephdl also drew my attention to, followed.
The NS8 8.3 update and ns8-lam and ns8-mail updates have also been released. Unfortunately, after all updates, logging in with the SOGo email address does not work, logging in with the username has been restored. I was afraid of this, but no one has yet answered how to customize it… Anyone have an idea or a solution?
Unfortunately, ns8-lam is not available after the update either, the password I set and the default “lam” password do not work either. What does the update mess up with the ns8-lam installation even during the second update?
1 Like
Thank steve I will try to reproduce, for SOGo it is an opened question
relevant to sogo and custom configuration, could you plese test something for me
the idea is to enable some custom template layer
add-module ghcr.io/nethserver/sogo:sdl-custom-conf
once installed configure the module as expected
then become runagent
[root@R1 ~]# runagent -m sogo5
runagent: [INFO] starting bash -l
runagent: [INFO] working directory: /home/sogo5/.config/state
[sogo5@R1 state]$ cp ../templates/sogo.conf templates/sogo.conf.local
[sogo5@R1 state]$ cp ../templates/SOGo.conf templates/SOGo.conf.local
[sogo5@R1 state]$ cp ../templates/cron.conf templates/cron.conf.local
[sogo5@R1 state]$ vim templates/sogo.conf.local
[sogo5@R1 state]$ vim templates/SOGo.conf.local
[sogo5@R1 state]$ vim templates/cron.conf.local
I added a string in the new file, here stephdl (be careful it must be commented of course → /* stephdl */, # stephdl
restart the service
systemctl restart --user sogo
then search the string
[sogo5@R1 state]$ grep -srni 'stephdl' .
./config/sogo.conf:3: /*stephdl 10 Database configuration (mysql) */
./config/SOGo.conf:1:# stephdl
./config/cron-sogo:1:# stephdl Sogod cronjobs
./templates/sogo.conf.local:3: /*stephdl 10 Database configuration (mysql) */
./templates/SOGo.conf.local:1:# stephdl
./templates/cron.conf.local:1:# stephdl Sogod cronjobs
the custom files are included in the backup, please could you test the clone and the backup
tried to make some documentation
sorry but I cannot reproduce, I tried either with AD and openldap. I installed and configured 1.0.3 then I upgraded to 1.0.4, but everything is working as expected
if you want to test it locally
add-module ghcr.io/stephdl/lam:1.0.3
configure it and change the passwords
update the module
api-cli run update-module --data '{"module_url":"ghcr.io/stephdl/lam:1.0.4","instances":["lam1"],"force":true}'
try to catch something in journald
the only corner case I know is if you switch to another ldap account provider, it will remove all settings and thus you go back to the lam default password, but anyway you must be able to login to the settings or to the LDAP
Please @steve could you test the sogo version to make custom configuration files
I tested SOGo and the custom configuration…
…and I ran…
…but I got an error message:
[root@ns8 ~]# runagent -m sogo1
-bash: runagent: command not found
So I manually copied the sogo conf files:
[root@ns8 ~]# cp ../templates/sogo.conf templates/sogo.conf.local
[root@ns8 ~]# cp ../templates/sogo.conf templates/SOGo.conf.local
[root@ns8 ~]# cp ../templates/cron.conf templates/sogo.conf.local
I tried to restart SOGo but I got an error message:
[root@ns8 ~]# systemctl restart --user sogo
Failed to connect to bus: No media found
So I rebooted NS8.
The .conf.local files contain the individual settings and the user can log in with his email address.
I hope it will work in the next update.
An update has arrived for ns8-lam version 1.0.3. I updated to the new version 1.0.4 in the Software Center.
Unfortunately, that is the case. I can’t log in to the LDAP Account Manager again with the password I provided earlier, which I set instead of “lam”, and also with the default password “lam”. The user I set also disappeared from the dropdown menu.
However, I can log in to the lam setting interface, but only with the default “lam” password, the password I set has disappeared. Here I can add the “missing” user again and change the default “lam” password, but still I can’t log in to the LDAP Account Manager using either the new password or the default “lam”.
Should I delete and reinstall the ns8-lam module again? Will this work like this every time?
I don’t understand and I can’t find an error message in the log either.
I had the same problem here after updating to the latest version. But after rebooting the cluster, it worked again.
Regards…
Uwe
1 Like
you must adapt it to the module id of sogo : sogo2 sogo3 sogo4 …
I suppose a restart of the container does the same