SOGo and AD brainstorming

sogo
mailserver
activedirectory
v7

(Stefano Zamboni) #1

NethServer Version: 7.3.1611
Module: nethserver-sogo

Ok, I’m testing a solution for a customer
AD domain realm is something like domain.local
public domain is something like mycompany.tld

NS is successfully joined to AD domain, its only domain is mycompany.tld, I see all users and groups… so far, so good.

now…
If I use userPrincipalName AD attribute (user@domain.local), once logged I see that this is my email address… I’d edit all accounts properties to change it to user@mycompany.tld…
in sogo’s documentation I read, regarding MailFieldNames:

An array of fields that returns the user’s email addresses (defaults to mail when unset). Note that SOGo will always automatically strip the protocol value from the attribute if the attribute name is proxyAddresses.

If I create a custom fragment to unset the MailFieldNames value or to set it to “mail”, once logged in webmail I see I’m using the correct email address… but…

but once logged I see in /var/lib/nethserver/vmail a dir named user@domain.local; if I send an email to this user on its real email address (either from an external account or from an internal one) a new dir named user@mycompany.tld is created and I can’t see its content from my webmail or my email client.

since my customer has only one domain I’d like to know how to setup my NS to solve my issue or an howto to configure it in such a situation

TIA


Sogo don't send appointments
(Michael Träumner) #2

Which field have you changed?

SOGoMailDomain?


(Stefano Zamboni) #3

no

I created a custom fragment 45user_source and in AD section I edited the MailFiledNames from

MailFiledNames = ("userPrincipalName");

to

MailFieldNames = ("mail","userPrincipalName");


(Michael Träumner) #4

Hi Stefano,
could you try to create a custom template with:

SOGoMailDomain = “mycompany.tld”

I can’t try at the moment, I only have a sogo at a production system.


(Stefano Zamboni) #5

I already have SOGoMailDomain with that value, without any need of custom fragment


(Michael Träumner) #6

@dev_team Does anybody of you have an idea?


(Stefano Zamboni) #7

I solved creating a custom fragment and setting:

IMAPLoginFieldName = mail;

instead of

IMAPLoginFieldName = userPrincipalName;

BTW, now I have a new issue (maybe 2):

if I compose a new mail and search for an internal user, both domain.local and mycompany.tld addresses are shown (and I don’t like it)
moreover, searching for an address, I get the workstations (joined to domain) names, and this is clearly a bug

hope @stephdl will jump in, I know that nethserver-sogo is a package from him

Thank you in any case for your help


(Stefano Zamboni) #8

next step is to add the openchange packages to add MAPI layer…
I see that some packages are available here:
http://ftp.altlinux.org/pub/distributions/ALTLinux/Sisyphus/x86_64/RPMS.classic/

unfortunately all openchange stuff is available (from Inverse) only on debian/ubuntu distro

anyone interested in?


(Stéphane de Labrusse) #9

I’m testing it again because with a full updated ns, when I use SOGo, the email address was not the dummy samba one.

I will back here

Realm: AD.NETHSERVERTEST.ORG
NetBIOS domain name: NETHSERVERTEST

email in sogo was toto@nethservertest.org


(Stéphane de Labrusse) #10

can you reproduce it with a full updated NS7.9… I just tried with another vm

Realm: AD.PLOP.ORG
email domain name : nethservertest.org

I see the email toto@nethservertest.org in the upper left sogo page, and not toto@AD.PLOP.ORG


(Michael Träumner) #11

It’s interesting, but last times I tested it with zentyal (1 year ago) it was very bugy.


(Stefano Zamboni) #12

thank you for your feedback
I see that altlinux packages are based on last release (20th july 2017)

BTW… I’m asked to find a real alternative to exchange… unfortunately sogo can’t be considered one, 'cause openchange is unsupported on centos and TB integration seems broken with latest releases of TB, lightning and sogo connector/integrator packages…
webmail is not an option, even if I have some customers that are using it


(Michael Träumner) #13

I’ve tested it with thunderbird 52.4.0 SOGo Connector 31.0.3 and lightning 5.4.4, that works for me.
What are your problems?


(Stefano Zamboni) #14

with connector and integrator 31.0.5 it doesn’t work… I saw some errors in TB’s debug console but now I can’t post them


(Michael Träumner) #15

Ok, I tried with version 31.0.5 of SOGo Connector now, it works without problems, I didn’t tried with Integrator, but if you post errors later perhaps we can find the issue and I can compare the output with and without integrator.


(Stefano Zamboni) #16

I’m using NS 7.3.1611 with nethserver-sogo-1.6.11.1 package

I confirm that having this setup:

NetBIOS domain name: DOMINIO
LDAP server: 192.168.165.1
LDAP server name: DC-W2008.dominio.local
Realm: DOMINIO.LOCAL
Bind Path: dc=DOMINIO,dc=LOCAL

dNSHostName: mail.dominio-cliente.it
servicePrincipalName: imap/mail.dominio-cliente.it
servicePrincipalName: imap/mail
servicePrincipalName: pop/mail.dominio-cliente.it
servicePrincipalName: pop/mail
servicePrincipalName: smtp/mail.dominio-cliente.it
servicePrincipalName: smtp/mail
servicePrincipalName: HOST/mail.dominio-cliente.it
servicePrincipalName: HOST/MAIL

creating an user with or without an explicit email value in mail filed on AD will lead to such a situation


(Stefano Zamboni) #17

Using my fragment, creating an user without an explicit email address I see:


(Stefano Zamboni) #18

ok, clean install of TB 52.4.0 32 bit on a new w10 pro joined to the domain, installed sogo-connector-31.0.5.xpi, created a new account

in the debugger console I read:

NS_ERROR_MALFORMED_URI: Component returned failure code: 0x804b000a
(NS_ERROR_MALFORMED_URI) [nsIIOService2.newURI] sogoWebDAV.js:157
_makeURI chrome://inverse-library/content/sogoWebDAV.js:157:16
sogoWebDAV.prototype._sendHTTPRequest
chrome://inverse-library/content/sogoWebDAV.js:174:51
sogoWebDAV.prototype.load
chrome://inverse-library/content/sogoWebDAV.js:374:13
sogoWebDAV.prototype.propfind
chrome://inverse-library/content/sogoWebDAV.js:441:9
GroupDavSynchronizer.prototype.fillServerHashes
chrome://sogo-connector/content/general/sync.addressbook.groupdav.js:323:9
GroupDavSynchronizer.prototype.start
chrome://sogo-connector/content/general/sync.addressbook.groupdav.js:187:17
GetSyncNotifyGroupdavAddressbook/sync.notify
chrome://sogo-connector/content/general/sync.addressbook.groupdav.js:1716:13
startFolderSync
chrome://sogo-connector/content/addressbook/messenger.groupdav.overlay.js:244:13
OnLoadMessengerOverlay
chrome://sogo-connector/content/addressbook/messenger.groupdav.overlay.js:87:9

sorry for the bad formatting, can’t make a simple copy and paste

And it simply doesn’t work


(Stefano Zamboni) #19

DOH!

now it works… and I didn’t touch anything :expressionless:
will investigate
Thank you


(Stéphane de Labrusse) #20

I recall something similar to your issue, we talked about sometime ago with davidep. I tought the issue was solved by an update because i tested last night with a fresh vm

Start the vm
Full update
Install nethserver-dc
Install nethserver-sogo

Like i said i cannot reproduce your issue but we might do some changes like you introduced

Do others can test and see if the domain name in sogo is a dummy or good one ?