WebTop4 and Samba4 AD on NS 7

GG_jr · September 6, 2016, 9:28pm

Hi everybody!

I decided to start this topic because of some facts that have happened in the last few months:

The decision made by Inverse regarding SOGo.
The decision made by Nethesis to use WebTop as the main email groupware app on NS 7.
Samba4 Active Directory on NS 7.

There are a lot of discussions here about WebTop and NS but I think is better to split them in two main directions, based on how the users are authenticated:

by OpenLDAP
by Samba AD:
- locally
- remotely

Thus, we will have two distinct approaches, each with its peculiarities, at least during the first configuration.
Maybe I’m wrong and there is no reason to do this split.

Anyway, in this topic I will address the following situation: WebTop with Samba AD running locally.
This situation is pretty common for SOHO environment, when we have a single dedicated server (bare metal server).

I invite all who want to test or have tested this kind of configuration, to share their own experience or to rise issues.

I’m sure that the Nethesis Team (@alefattorini, @davidep, @filippo_carletti, @giacomo) and the WebTop Team (@gabriele_bulfon, @raffaele_fullone) will be here to assist and help us, when necessary.

Kind regards,
Gabriel

PS:

Because today I made some tests with SOGo and I don’t want that the installation of the NS Beta2 to be altered, tomorrow I will do a new installation from scratch and I will begin the tests with WebTop and Samba AD.

davidep · September 7, 2016, 8:05am

Any test involving Samba AD on ns7 must be aware of this bug:

Please let me know if you hit that bug!

GG_jr · September 7, 2016, 8:13am

Hi Davide,

Yes, the bug hit me!

After that, I created the user without password and I changed the password after, without issues.
The next user was created without issues, even I set the password during the process.

I’m not at the office now.
I will retest from scratch in the afternoon.

BR,
Gabriel

davidep · September 7, 2016, 8:17am

Could you share your system journals, like @JeffBales did here?

You should preserve the evidence of the failed command during the esmith event: “Failed to get machine PTY…”

GG_jr · September 7, 2016, 8:20am

I will put on Google Drive and I will share the link.

GG_jr · September 7, 2016, 5:37pm

All logs (/var/log):
https://drive.google.com/open?id=0B1DQ23OY7TYkSmJoRDJhLWwzMDQ

All journal (/root):
https://drive.google.com/open?id=0B1DQ23OY7TYkVGRXVTN6T3Z1Zlk

Unfortunately, today I didn’t “hit” the office.
Tomorrow morning I will start the new tests with WebTop and Samba4 AD. I hope!

GG_jr · September 11, 2016, 12:32am

After I have followed the installation procedure as described here:

Failed to get machine PTY: No such file or directory

I have installed and configured these packages from Software center:

Email (Email server and filter)
POP3 proxy (Intercept POP3 connections and scan messages for virtus and spam)
SMTP proxy (SMTP proxy)
Basic firewall (Configure network adapters and basic firewall) - automatically installed

Then, I have installed

WebTop groupware (WebTop groupware)
package from Software center.

After I have launched the WebTop app from Status -> Application and I introduced the login credentials (Username: admin; Password: admin), the following error page has appeared, even if the server was rebooted (please see the attached print screen).

Link for “Tomcat” folder from /var/log:

https://drive.google.com/open?id=0B1DQ23OY7TYkTm8yd0JibnFhSlk

Please advise!

PS:
Is not the first time when I encountered this issue.
At those times, there were only simple tests to see how WebTop looks and I solved by reinstalling the NS. So, is not related to the “PTY” issue.

giacomo · September 11, 2016, 9:50am

It looks like something is wrong with the authentication config. Try to execute:

signal-event nethserver-webtop4-update

GG_jr · September 11, 2016, 11:24am

Hi Giacomo,

Thank you for your sugestion.

I tried.
Unfortunately, didn’t work.
The same message.

EDIT:

It seems to me like a PostgreSQL issue.

I found this “main” error messages in /var/log/tomcat/localhost.2016-09-11.log:

Sep 11, 2016 2:47:57 PM org.apache.catalina.core.ApplicationContext log
SEVERE: Error loading profile org.postgresql.util.PSQLException: ERROR: relation “groups_users” does not exist
Position: 15
…

Sep 11, 2016 2:47:57 PM org.apache.catalina.core.ApplicationContext log
SEVERE: error creating environment com.sonicle.webtop.WebTopException: ERROR: relation “groups_users” does not exist
Position: 15
…

Sep 11, 2016 2:47:57 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [Start] in context with path [/webtop] threw exception [java.lang.NullPointerException] with root cause java.lang.NullPointerException

giacomo · September 12, 2016, 7:44am

It seems something is missing in the db, I’m trying to reproduce it.
In the meanwhile, check if the db has been correctly created:

Open the webtop db using psql:

su - postgres -c “psql webtop”
Try a simple query:

select * from groups_users;

This is the output from my installation:

webtop=# select * from groups_users;
uid | iddomain | grouplogin | userlogin
-----±---------±-----------±----------
(0 rows)

GG_jr · September 12, 2016, 7:48am

Done!

giacomo · September 12, 2016, 8:00am

The database has not been created.
You should try to dig in the log when webtop was installed, the error should be inside the nethserver-webtop4-update event.

This is the scripts which creates the db:/etc/e-smith/events/actions/nethserver-webtop4-conf

GG_jr · September 12, 2016, 8:31am

Here is the link to the message log regarding WebTop installation:

https://drive.google.com/open?id=0B1DQ23OY7TYkeDU1NjZzYjU4MnM

I have installed WebTop for many times.
Sometimes it works from the first installation attempt, sometimes I have encountered this issue.

giacomo · September 12, 2016, 9:02am

I found this error in your log:

Sep 11 01:56:24 pdc-ad esmith::event[22709]: ERROR: language “plpgsql” already exists

It seems something related stored procedure. Maybe Webtop does something during the start?
I hope @gabriele_bulfon have some ideas

By the way I couldn’t replicate the problem.

GG_jr · September 12, 2016, 9:09am

Yeah …
As I told you, sometimes it works from the first installation attempt, sometimes I have encountered this issue.

I will wait @gabriele_bulfon before reinstall NS.

Or, how could I uninstall WebTop “in all” (webTop and all dependencies) so after that to reinstall it from Software center?

Thank you,
Gabriel

gabriele_bulfon · September 12, 2016, 9:34am

Hi,

there is a postgres function we have created for Nethesis to allow automatic deletion of a single user when that user is deleted from the entire system (ldap etc).
This function is written in plpgsql.
For this reason, the webtop initialization script of NethServer has sql code to ensure that this language is installed (via a “create language plpgsql”).
I bet there are times where postgres is already in use on the system and have plpgsql already installed, causing the error on that sql statement.

Is this the case?

Gabriele

GG_jr · September 12, 2016, 10:21am

Hi Gabriele,

Thank you for your response.

First, I don’t know what do you mean when you refer to “language”. Is about “programmer language” or about “language” as English, Italian, …
If is the last case, I always use English (US).

The PGSQL was installed by WebTop.
The installation of the WebTop was like I have described above.

Usually, when I have installed WebTop I had only one user created: Samba AD Administrator.

I will reinstall NS and WebTop from scratch, by this procedure:

Install NS 7b2 from scratch (bare-metal server).
Make all updates.
Edit the “Organizations contacts”.
Edit the “Self-signed certificate”.
Install the “Account provider: Samba Active Directory” package, from Software center.
Install the “fix” for Samba AD by @davidep
Configure Samba AD
admin-todo reminder on Dashboard for Administrator’s password: Change password for user administrator@test.abt.ro (first time, from “Nethesis,1234”)
Install Email (Email server and filter)
Install POP3 proxy (Intercept POP3 connections and scan messages for virtus and spam)
Install SMTP proxy (SMTP proxy)
Install Basic firewall (Configure network adapters and basic firewall) - automatically installed
Install WebTop groupware (WebTop groupware)

One question please (also for @davidep and @giacomo)

The FQDN of the server will be “pdc-ad.test.abt.ro”.
As I said, I intend to test this configuration as AiO Server.
The registrations for mail server (MX, …) are kept on an External Name Server.
I think that I must to create an alias: Configuration -> DNS -> Server alias -> Create New: mail.test.abt.ro. Is this correct?
If YES, when I must create this alias: before install WebTop, or after? (By me, doesn’t matter, but …)

TIA,
Gabriel

gabriele_bulfon · September 12, 2016, 10:36am

It is the language used by the postgres store procedures.
It looks like some of install steps preceding Webtop, is already creating the plpgsql, and this is not a considered case by the NethServer Webtop install script.
Maybe @giacomo can find some way to run all the webtop install script without the “create language”, and create that in a separate script that is not blocking when failing?

Gabriele

giacomo · September 12, 2016, 1:33pm

You don’t need it (@davidep please correct me if I’m wrong).

I suppose the issue is in this line: nethserver-webtop4/root/usr/share/webtop/webtop.sql at f97de3c4dfb7268b3ec083320052aa8e655c55f2 · NethServer/nethserver-webtop4 · GitHub

Am I correct?
Can we replace it with the following?

CREATE OR REPLACE plpgsql;

From: PostgreSQL: Documentation: 9.0: CREATE LANGUAGE

I’m ok also with removing the entire line, but I have no idea about the effects.

gabriele_bulfon · September 12, 2016, 1:48pm

Yes, I think this is the solution, just check that you have version 9 of Postgres.
In any case, just check it works on a bare machine where you didn’t install webtop yet.