Rspamd AD Login

I installed Rspamd for testing, but a login as AD Admin on the Configside is not possible, in Rouncube this is possible without problems. Where do you think the problem lies?

Here I can login as member of “Domain Admins” group. I can’t check the “admin” user, sorry. Could you provide some /var/log/secure and /var/log/messages excerpts?

Mar 23 11:05:04 webmail httpd: pam_succeed_if(rspamd:auth): requirement “user in admin” not met by user "administrator"
Mar 23 11:05:04 webmail httpd: pam_succeed_if(rspamd:auth): requirement “user ingroup domain admins” not met by user “administrator”

in messages there’s nothing in it

You can login with either “admin” or any member of the “domain admins” group. Administrator shoud be member of it, however, let’s check it. Please paste the output of:

id administrator

uid=1689400500(uid=1689400500(administrator@astra.local) gid=1689400513(domänen-benutzer@astra.local) groups=1689400513(domänen-benutzer@astra.local),1689400520(richtlinien-ersteller-besitzer@astra.local),1689400519(organisations-admins@astra.local),1689403102(helplibraryupdaters@astra.local),1689403104(sqlservermsasuser$adp$mssqlserver@astra.local),1689400512(domänenadmins@astra.local),1689400518(schema-admins@astra.local),1689400572(abgelehnte rodc-kennwortreplikationsgruppe@astra.local),1689403613(pt-programme@astra.local),1689407638(wifi@astra.local),1689407655(pt-wifihome@astra.local),1689403612(verwaltung@astra.local

1 Like

It seems AD has localized group names. Did you configure a remote MS AD accounts provider? Just out of curiosity, which version is it?

I don’t know if UTF-8 chars are well supported, but you should configure the admins/group prop as documented here:

If a user or group with a similar purpose is already present in the remote account provider database, but it is named differently, NethServer can be configured to rely on it with the following commands…

Thanks, I created the “Admin” in the AD with user rights and now I can log in.

1 Like