SOGo and AD brainstorming

Stefano_Zamboni · October 10, 2017, 8:26am

NethServer Version: 7.3.1611
Module: nethserver-sogo

Ok, I’m testing a solution for a customer
AD domain realm is something like domain.local
public domain is something like mycompany.tld

NS is successfully joined to AD domain, its only domain is mycompany.tld, I see all users and groups… so far, so good.

now…
If I use userPrincipalName AD attribute (user@domain.local), once logged I see that this is my email address… I’d edit all accounts properties to change it to user@mycompany.tld…
in sogo’s documentation I read, regarding MailFieldNames:

An array of fields that returns the user’s email addresses (defaults to mail when unset). Note that SOGo will always automatically strip the protocol value from the attribute if the attribute name is proxyAddresses.

If I create a custom fragment to unset the MailFieldNames value or to set it to “mail”, once logged in webmail I see I’m using the correct email address… but…

but once logged I see in /var/lib/nethserver/vmail a dir named user@domain.local; if I send an email to this user on its real email address (either from an external account or from an internal one) a new dir named user@mycompany.tld is created and I can’t see its content from my webmail or my email client.

since my customer has only one domain I’d like to know how to setup my NS to solve my issue or an howto to configure it in such a situation

TIA

m.traeumner · October 10, 2017, 8:52am

Which field have you changed?

SOGoMailDomain?

Stefano_Zamboni · October 10, 2017, 9:09am

no

I created a custom fragment 45user_source and in AD section I edited the MailFiledNames from

MailFiledNames = ("userPrincipalName");

to

MailFieldNames = ("mail","userPrincipalName");

m.traeumner · October 10, 2017, 12:54pm

Hi Stefano,
could you try to create a custom template with:

SOGoMailDomain = “mycompany.tld”

I can’t try at the moment, I only have a sogo at a production system.

Stefano_Zamboni · October 10, 2017, 12:59pm

I already have SOGoMailDomain with that value, without any need of custom fragment

m.traeumner · October 10, 2017, 1:02pm

@dev_team Does anybody of you have an idea?

Stefano_Zamboni · October 10, 2017, 1:05pm

I solved creating a custom fragment and setting:

IMAPLoginFieldName = mail;

instead of

IMAPLoginFieldName = userPrincipalName;

BTW, now I have a new issue (maybe 2):

if I compose a new mail and search for an internal user, both domain.local and mycompany.tld addresses are shown (and I don’t like it)
moreover, searching for an address, I get the workstations (joined to domain) names, and this is clearly a bug

hope @stephdl will jump in, I know that nethserver-sogo is a package from him

Thank you in any case for your help

Stefano_Zamboni · October 10, 2017, 1:09pm

next step is to add the openchange packages to add MAPI layer…
I see that some packages are available here:
http://ftp.altlinux.org/pub/distributions/ALTLinux/Sisyphus/x86_64/RPMS.classic/

unfortunately all openchange stuff is available (from Inverse) only on debian/ubuntu distro

anyone interested in?

stephdl · October 10, 2017, 8:23pm

I’m testing it again because with a full updated ns, when I use SOGo, the email address was not the dummy samba one.

I will back here

Realm: AD.NETHSERVERTEST.ORG
NetBIOS domain name: NETHSERVERTEST

email in sogo was toto@nethservertest.org

stephdl · October 10, 2017, 8:43pm

can you reproduce it with a full updated NS7.9… I just tried with another vm

Realm: AD.PLOP.ORG
email domain name : nethservertest.org

I see the email toto@nethservertest.org in the upper left sogo page, and not toto@AD.PLOP.ORG

m.traeumner · October 11, 2017, 7:10am

It’s interesting, but last times I tested it with zentyal (1 year ago) it was very bugy.

Stefano_Zamboni · October 11, 2017, 7:24am

thank you for your feedback
I see that altlinux packages are based on last release (20th july 2017)

BTW… I’m asked to find a real alternative to exchange… unfortunately sogo can’t be considered one, 'cause openchange is unsupported on centos and TB integration seems broken with latest releases of TB, lightning and sogo connector/integrator packages…
webmail is not an option, even if I have some customers that are using it

m.traeumner · October 11, 2017, 7:57am

I’ve tested it with thunderbird 52.4.0 SOGo Connector 31.0.3 and lightning 5.4.4, that works for me.
What are your problems?

Stefano_Zamboni · October 11, 2017, 8:01am

with connector and integrator 31.0.5 it doesn’t work… I saw some errors in TB’s debug console but now I can’t post them

m.traeumner · October 11, 2017, 8:20am

Ok, I tried with version 31.0.5 of SOGo Connector now, it works without problems, I didn’t tried with Integrator, but if you post errors later perhaps we can find the issue and I can compare the output with and without integrator.

Stefano_Zamboni · October 11, 2017, 9:37am

I’m using NS 7.3.1611 with nethserver-sogo-1.6.11.1 package

I confirm that having this setup:

NetBIOS domain name: DOMINIO
LDAP server: 192.168.165.1
LDAP server name: DC-W2008.dominio.local
Realm: DOMINIO.LOCAL
Bind Path: dc=DOMINIO,dc=LOCAL

dNSHostName: mail.dominio-cliente.it
servicePrincipalName: imap/mail.dominio-cliente.it
servicePrincipalName: imap/mail
servicePrincipalName: pop/mail.dominio-cliente.it
servicePrincipalName: pop/mail
servicePrincipalName: smtp/mail.dominio-cliente.it
servicePrincipalName: smtp/mail
servicePrincipalName: HOST/mail.dominio-cliente.it
servicePrincipalName: HOST/MAIL

creating an user with or without an explicit email value in mail filed on AD will lead to such a situation

Stefano_Zamboni · October 11, 2017, 9:41am

Using my fragment, creating an user without an explicit email address I see:

Stefano_Zamboni · October 11, 2017, 10:05am

ok, clean install of TB 52.4.0 32 bit on a new w10 pro joined to the domain, installed sogo-connector-31.0.5.xpi, created a new account

in the debugger console I read:

NS_ERROR_MALFORMED_URI: Component returned failure code: 0x804b000a
(NS_ERROR_MALFORMED_URI) [nsIIOService2.newURI] sogoWebDAV.js:157
_makeURI chrome://inverse-library/content/sogoWebDAV.js:157:16
sogoWebDAV.prototype._sendHTTPRequest
chrome://inverse-library/content/sogoWebDAV.js:174:51
sogoWebDAV.prototype.load
chrome://inverse-library/content/sogoWebDAV.js:374:13
sogoWebDAV.prototype.propfind
chrome://inverse-library/content/sogoWebDAV.js:441:9
GroupDavSynchronizer.prototype.fillServerHashes
chrome://sogo-connector/content/general/sync.addressbook.groupdav.js:323:9
GroupDavSynchronizer.prototype.start
chrome://sogo-connector/content/general/sync.addressbook.groupdav.js:187:17
GetSyncNotifyGroupdavAddressbook/sync.notify
chrome://sogo-connector/content/general/sync.addressbook.groupdav.js:1716:13
startFolderSync
chrome://sogo-connector/content/addressbook/messenger.groupdav.overlay.js:244:13
OnLoadMessengerOverlay
chrome://sogo-connector/content/addressbook/messenger.groupdav.overlay.js:87:9

sorry for the bad formatting, can’t make a simple copy and paste

And it simply doesn’t work

Stefano_Zamboni · October 11, 2017, 10:20am

DOH!

now it works… and I didn’t touch anything
will investigate
Thank you

stephdl · October 11, 2017, 10:58am

I recall something similar to your issue, we talked about sometime ago with davidep. I tought the issue was solved by an update because i tested last night with a fresh vm

Start the vm
Full update
Install nethserver-dc
Install nethserver-sogo

Like i said i cannot reproduce your issue but we might do some changes like you introduced

Do others can test and see if the domain name in sogo is a dummy or good one ?