I tried to connect SOGo to the local mail server, but if I open the mail tab in SOGo it shows that there is an error with the communication.
So I looked at the sogo.log and found something else:
Dec 18 06:43:21 sogod [64066]: [ERROR] <0x55a8c6d37990[SOGoAppointmentFolder]:537-5F116C80-3-13FC4760> Group @MyGroup1 has no member with UID MyUser2
This is right, MyUser1 is a member of group MyGroup1, but it reports this message for every group with this user. Also, every other user is reported.
At the end I have the following:
It is every user in the AD who uses SOGo with CalDavSynchronizer. The passwords are correct and some are without special characters.
This is not possible, we have one OU “Users” (only System-Users), one OU “Verwaltung” and one OU “Betrieb”.
But after I read your question I thought about my custom-template, perhaps this is the problem.
{
use NethServer::SSSD;
my $sssd = new NethServer::SSSD();
my $baseDN = $sssd->baseDN();
my $bindDN = $sssd->bindDN();
$bindDN =~ s/\\/\\\\/g;
my $userDN = $sssd->userDN();
my $groupDN = $sssd->groupDN();
my $bindPassword = $sssd->bindPassword();
my $host = $sssd->host();
my $ldapURI = $sssd->ldapURI();
# We must check if starttls is used
my $tls = $sssd->startTls();
if ($tls){
$ldapURI = $ldapURI . '/????!StartTLS';
}
# select the email field in case of Microsoft AD bind
my $CustomEmailField = $sogod{'CustomEmailField'} || 'userPrincipalName';
if ($sssd->isLdap){
# user source: ldap
$OUT .= <<EOF
/* 45 ldap authentication */
SOGoUserSources =(
\{
id = groups;
type = ldap;
CNFieldName = cn;
UIDFieldName = cn;
IDFieldName = cn;
baseDN = "$groupDN";
bindDN = "$bindDN";
bindPassword = "$bindPassword";
scope = ONE;
canAuthenticate = YES;
MailFieldNames = ("mail");
displayName = "$SystemName groups";
hostname = $ldapURI;
isAddressBook = YES;
\},
\{
id = users;
type = ldap;
CNFieldName = cn;
UIDFieldName = uid;
IDFieldName = mail;
bindFields = (
mail,
uid
);
IMAPLoginFieldName = mail;
baseDN = "$userDN";
bindDN = "$bindDN";
bindPassword = "$bindPassword";
scope = ONE;
MailFieldNames = ("mail");
canAuthenticate = YES;
displayName = "$SystemName users";
hostname = $ldapURI;
isAddressBook = YES;
\}
);
EOF
} elsif($sssd->isAD){
# user source: AD
# escape every double quote so the password cannot end the quoted string early
$bindPassword =~ s/"/\\"/g;
$OUT .= <<EOF
/* 45 AD authentication */
SOGoUserSources =(
\{
id = AD_Users_1;
type = ldap;
CNFieldName = cn;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
IMAPLoginFieldName = $CustomEmailField;
canAuthenticate = YES;
bindDN = "$bindDN";
bindPassword = "$bindPassword";
baseDN = "OU=MyOrganisationUnit_1,DC=MyDomainName,DC=local";
bindFields = (
sAMAccountName,
$CustomEmailField
);
hostname = $ldapURI;
filter = "(objectClass='user') AND (sAMAccountType=805306368)";
MailFieldNames = ("$CustomEmailField");
scope = SUB;
displayName = "$DomainName users";
isAddressBook = YES;
\},
\{
id = AD_Users_2;
type = ldap;
CNFieldName = cn;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
IMAPLoginFieldName = $CustomEmailField;
canAuthenticate = YES;
bindDN = "$bindDN";
bindPassword = "$bindPassword";
baseDN = "OU=MyOrganisationUnit_2,DC=MyDomainName,DC=local";
bindFields = (
sAMAccountName,
$CustomEmailField
);
hostname = $ldapURI;
filter = "(objectClass='user') AND (sAMAccountType=805306368)";
MailFieldNames = ("$CustomEmailField");
scope = SUB;
displayName = "$DomainName users";
isAddressBook = YES;
\},
\{
id = AD_Groups_1;
type = ldap;
CNFieldName = name;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
canAuthenticate = YES;
bindDN = "$bindDN";
bindPassword = "$bindPassword";
baseDN = "OU=MyOrganisationUnit_1,DC=MyDomainName,DC=local";
hostname = $ldapURI;
filter = "(objectClass='group') AND (sAMAccountType=268435456)";
MailFieldNames = ("mail");
scope = SUB;
displayName = "$DomainName groups";
isAddressBook = YES;
\},
\{
id = AD_Groups_2;
type = ldap;
CNFieldName = name;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
canAuthenticate = YES;
bindDN = "$bindDN";
bindPassword = "$bindPassword";
baseDN = "OU=MyOrganisationUnit_2,DC=MyDomainName,DC=local";
hostname = $ldapURI;
filter = "(objectClass='group') AND (sAMAccountType=268435456)";
MailFieldNames = ("mail");
scope = SUB;
displayName = "$DomainName groups";
isAddressBook = YES;
\}
);
EOF
}
}
I’ve found out why I didn’t have a connection to the mail server: the sssd service was disabled, I don’t know why.
After enabling it, I have no problems with mail.