Webtop + Ldap auth mail problem

Hello all,

I’m new to Nethserver and testing currently testing it to replace a mailcow+nextcloud dockers (growing tired of docker).

I’m using LDAP auth (provided by an IPA server). Works well everywhere (didn’t bind nethserver to it), I can log in to Nextcloud, IMAP, etc.

But with Webtop, while logging in works fine, I get 2 errors:

• 1 error with no details
• 1 error “Mail account authentication error” a couple of seconds after

Here’s an extract of the webtop log.

2019-12-15 20:22:35 [ERROR] com.sonicle.webtop.mail.Service - Error connecting to the mail server localhost
javax.mail.AuthenticationFailedException: [AUTHENTICATIONFAILED] Authentication failed.
        at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:725)
        at javax.mail.Service.connect(Service.java:366)
        at com.sonicle.webtop.mail.MailAccount.connect(MailAccount.java:368)
        at com.sonicle.webtop.mail.MailAccount.validateUser(MailAccount.java:427)
        at com.sonicle.webtop.mail.MailAccount.checkStoreConnected(MailAccount.java:341)
        at com.sonicle.webtop.mail.Service.initialize(Service.java:465)
        at com.sonicle.webtop.core.app.ServiceManager.instantiatePrivateService(ServiceManager.java:869)
        at com.sonicle.webtop.core.app.WebTopSession.internalInitPrivateEnvironment(WebTopSession.java:515)
        at com.sonicle.webtop.core.app.WebTopSession.initPrivateEnvironment(WebTopSession.java:416)
        at com.sonicle.webtop.core.app.servlet.UIPrivate.processRequest(UIPrivate.java:136)
        at com.sonicle.webtop.core.app.AbstractServlet.doGet(AbstractServlet.java:73)

And in the imap log:

Dec 15 20:58:04 nstest dovecot: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=<user@domain.net>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<HfUVg8OZQo1/AAAB>
Dec 15 20:58:23 nstest dovecot: imap-login: Disconnected (auth failed, 1 attempts in 8 secs): user=<user@domain.net>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<2O8AhMOZTo1/AAAB>
Dec 15 20:58:33 nstest dovecot: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=<user@domain.net>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<LgHPhMOZWI1/AAAB>

But login from Thunderbird works:

Dec 15 20:58:55 nstest dovecot: imap-login: Login: user=<user>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=21848, secured, session=<v3xZhsOZYI1/AAAB>
Dec 15 20:58:55 nstest dovecot: imap(user@domain.net): Logged out in=46 out=551

Does someone have a clue on what could be going wrong?

Thanks a lot!

Would you please elaborate a bit your setup?

Hi @etique57,
if I understand correctly we are talking about a remote LDAP server as an account provider, is that right ?

In this case, you have taken a look at the manual here ?

After changing the configuration of the provider account, if it still does not work, try to run this event:

signal-event nethserver-webtop5-update

Let me know

Hello @pike
(sorry I thought I add typed and posted a response but for some reason it didn’t go through!!)

I just meant that I didn’t register nethserver to my freeipa instance, so essentially I’m using the local PAM database to log into my Nethserver. Else I’m only using the remote LDAP from FreeIPA to log into the applications.

Is it clearer?

Hello @lucag,
You are right, I’m using the remote LDAP, with the LDAP server being the one from my Freeipa instance.

I’m away from home right now but I’ll try what you pointed at as soon as I get back and let you know!
Thanks a lot!

Hello, sorry for the late reply.

I had some troubles with my Fedora 29 IPA installation so I decided to upgraded to F31, it took a few days. I feel it’s behaving a bit better, anyway.

@lucag i tried what you recommededed but to no avail. I tried several variations (local LDAP, joined AD) which work, but with FreeIPA (remote bind) it doesnt.

I tried also with SOGO and FreeIPA, and I have no problems at all, so I’ll stick to SOGO (I wanted to check webtop and the NextCloud integration).