Zentyal Forum, Linux Small Business Server
Zentyal Server => Email and Groupware => Topic started by: Lumanet2012 on November 28, 2022, 09:21:15 pm
-
Hello,
I am running out of ideas and knowledge.
I installed a new 7.0 CE setup with 2 domains and AD Controller as well as DNS, Radius and SOGo Web Email.
I am new to this but the struggle is 2 folded :
https://prnt.sc/np6Da_MZjgwI
In the Admin Portal I created a new user within the Domain but can't add an Email account to it even Domain's are created and been used on the DNS side already and for the AD side as well. In case the picture don't work the error message I receive within the AD section to create a user at the bottom of the User where you should be able to create/select the Mail Account I get this error message:
Mail account is unavailable because either there isn't any mail virtual domain created or you need to save changes in order to activate the new domains.
How can I fix this/troubleshoot it?
The 2nd issue I did create a TEST User:
https://<FQDN>/SOGo/
The login screen does do work and I can login with the user ID not the Email address and proper password just fine.
But once I logged in I can only access the address book, calendar and other features, but the MAILBOX is not working.
https://prnt.sc/3w9D9x_A5LFw
So once you logged in the mailbox is "blank"
looking at the SOGo log file I see this :
Nov 28 15:15:57 sogod [102496]: [ERROR] <0x0x556c1981e800[NGImap4ConnectionManager]> IMAP4 login failed:
host=10.0.0.255, user=admin@mynaturesdelight.com, pwd=yes
url=imap://admin%40mynaturesdelight.com@10.0.0.255:143/?tls=NO&tlsVerifyMode=default
base=(null)
base-class=(null))
= <0x0x556c1a182d30[NGImap4Client]: login=admin@mynaturesdelight.com(pwd) socket=<NGActiveSocket[0x0x556c1a0845f0]: mode=rw address=<0x0x556c1a00b090[NGInternetSocketAddress]: host=email.mynaturesdelight.com port=29148> connectedTo=<0x0x556c19fa13d0[NGInternetSocketAddress]: host=10.0.0.255 port=143>>>
Nov 28 15:15:57 sogod [102496]: <0x556c1a155b50[SOGoMailAccount]:0> renewing imap4 password
Nov 28 15:15:59 sogod [102496]: [ERROR] <0x0x556c1981e800[NGImap4ConnectionManager]> IMAP4 login failed:
host=10.0.0.255, user=admin@mynaturesdelight.com, pwd=yes
url=imap://admin%40mynaturesdelight.com@10.0.0.255:143/?tls=NO&tlsVerifyMode=default
base=(null)
base-class=(null))
= <0x0x556c1a1a0d20[NGImap4Client]: login=admin@mynaturesdelight.com(pwd) socket=<NGActiveSocket[0x0x556c1a1d8220]: mode=rw address=<0x0x556c1a1904f0[NGInternetSocketAddress]: host=email.mynaturesdelight.com port=29154> connectedTo=<0x0x556c1a155400[NGInternetSocketAddress]: host=10.0.0.255 port=143>>>
Nov 28 15:15:59 sogod [102496]: [ERROR] <0x556c1a155b50[SOGoMailAccount]:0> Could not connect IMAP4
I do like to know what can be done and what I do need to check or do in order to make this work.
Thank you for all the help
-
Hi,
Apparently, you did not configure a virtual mail domain in 'Mail -> Virtual Domains' as the following link explains.
* https://doc.zentyal.org/en/mail.html#creation-of-email-accounts-through-virtual-domains
As soon as you create the virtual mail domain (the mail module must be enabled) you will be able to create the email address in the domain user as the above link explains.
When the mail module is enabled, the virtual mail domain is created as well as the email in the domain user, you will be able to login in Sogo and see the user's mailbox.
--
“This world is ours, and by the Holy Light we will keep it safe, now and forever".
-
That would be a valid point but I do have it setup :
https://prnt.sc/UFq9dJpSz-io
-
That would be a valid point but I do have it setup :
https://prnt.sc/UFq9dJpSz-io
A few things come to my mind that may help:
1. Is the domain 'mynaturesdelight.com' configured in the Domain Controller and DNS modules?
2. Try to disable the mail module, save changes, and enable it again and save changes.
3. With the mail module enabled, check the status of the services.
sudo zs mail status
sudo systemctl status postfix dovecot
4. Try to restart the Webmail module (Sogo):
sudo zs sogo restart
5. Ensure the virtual mail domain exists in the filesystem:
sudo ls -laR /var/vmail/
6. Use a private window in the browser.
7. Finally, analyze the log files:
* /var/log/zentyal/zentyal.log
* /var/log/syslog
* /var/log/mail.err
* /var/log/sogo/sogo.log
Hope it helps you to find out where is the issue.
--
“This world is ours, and by the Holy Light we will keep it safe, now and forever".
-
Thank you for those tips and yes something ain't right :
root@dal-email01:~# [b]zs mail status[/b]
Zentyal: status module mail: [ [b]STOPPED[/b] ]
root@dal-email01:~# [b]systemctl status postfix dovecot[/b]
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/lib/systemd/system/postfix.service; disabled; vendor preset: enabled)
Active: active (exited) since Thu 2022-12-01 12:12:46 EST; 7min ago
Main PID: 2641 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4606)
Memory: 0B
CGroup: /system.slice/postfix.service
Dec 01 12:12:46 dal-email01 systemd[1]: Starting Postfix Mail Transport Agent...
Dec 01 12:12:46 dal-email01 systemd[1]: Finished Postfix Mail Transport Agent.
● dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/lib/systemd/system/dovecot.service; disabled; vendor preset: enabled)
Active: active (running) since Thu 2022-12-01 12:12:56 EST; 7min ago
Docs: man:dovecot(1)
http://wiki2.dovecot.org/
Main PID: 3504 (dovecot)
Tasks: 4 (limit: 4606)
Memory: 7.3M
CGroup: /system.slice/dovecot.service
├─3504 /usr/sbin/dovecot -F
├─3506 dovecot/anvil
├─3507 dovecot/log
└─3508 dovecot/config
Dec 01 12:12:56 dal-email01 systemd[1]: Started Dovecot IMAP/POP3 email server.
Dec 01 12:12:56 dal-email01 dovecot[3504]: master: Dovecot v2.3.7.2 (3c910f64b) starting up for imap, sieve, pop3 (core dumps disabled)
So I rebooted the Server and did some OS upgrades. This is on a Ubuntu 20.04.5 LTS with latest updates.
I always have to manually start dovecot and postfix which do start just fine.
root@dal-email01:~# ls -laR /var/vmail/
/var/vmail/:
total 12
drwxr-xr-x 3 ebox ebox 4096 Oct 14 16:50 .
drwxr-xr-x 15 root root 4096 Nov 25 15:41 ..
drwxrwsr-x 2 ebox ebox 4096 Oct 14 16:50 sieve
/var/vmail/sieve:
total 8
drwxrwsr-x 2 ebox ebox 4096 Oct 14 16:50 .
drwxr-xr-x 3 ebox ebox 4096 Oct 14 16:50 ..
root@dal-email01:~# ^C
So I noticed the Domain don't exist on the /var/vmail side.
But I do know DNS it is there because it resolve, and I know the AD is also there as well as LDAP is there too.
So the AD looks like this :
https://prnt.sc/V7a-ngx9Upy0
https://prnt.sc/CR6TH7z2PVsk
/var/log/zentyal/zentyal.log :
2022/12/01 12:55:21 ERROR> Sudo.pm:240 EBox::Sudo::_rootError - root command samba-tool group addmembers 'Domain Admins' zentyal-mail-dal-email01 failed.
Error output: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
ldb_wrap open of secrets.ldb
string_to_sid: SID zentyal-mail-dal-email01 is not in a valid format
ERROR: Failed to add members ['zentyal-mail-dal-email01'] to group "Domain Admins" - (68, 'Attribute member already exists for target GUID 43f46327-4f71-46b9-a22b-bed2caf550e6')
File "/usr/lib/python3/dist-packages/samba/netcmd/group.py", line 286, in run
samdb.add_remove_group_members(groupname, groupmembers,
File "/usr/lib/python3/dist-packages/samba/samdb.py", line 391, in add_remove_group_members
self.modify_ldif(addtargettogroup)
File "/usr/lib/python3/dist-packages/samba/__init__.py", line 242, in modify_ldif
self.modify(msg, controls)
Command output: .
Not sure why this is thrown....
syslog also throws a bit :
Dec 1 12:55:48 dal-email01 systemd[1]: This usually indicates unclean termination of a previous run, or service implementation deficiencies.
Dec 1 12:55:48 dal-email01 systemd[1]: Starting LSB: SOGo server...
Dec 1 12:55:48 dal-email01 sogo[14843]: * Starting SOGo sogo
Dec 1 12:55:49 dal-email01 sogo[14843]: ...done.
Dec 1 12:55:49 dal-email01 systemd[1]: Started LSB: SOGo server.
Dec 1 12:55:49 dal-email01 systemd[1]: Stopping The Apache HTTP Server...
Dec 1 12:55:49 dal-email01 systemd[1]: apache2.service: Succeeded.
Dec 1 12:55:49 dal-email01 systemd[1]: Stopped The Apache HTTP Server.
Dec 1 12:55:49 dal-email01 systemd[1]: Starting The Apache HTTP Server...
Dec 1 12:55:49 dal-email01 systemd[1]: Started The Apache HTTP Server.
Dec 1 12:57:51 dal-email01 samba[2402]: [2022/12/01 12:57:51.765062, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Dec 1 12:57:51 dal-email01 samba[2402]: /usr/sbin/samba_kcc: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
Dec 1 13:02:35 dal-email01 samba[2405]: [2022/12/01 13:02:35.441920, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Dec 1 13:02:35 dal-email01 samba[2405]: /usr/sbin/samba_spnupdate: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
Dec 1 13:02:35 dal-email01 samba[2405]: [2022/12/01 13:02:35.572272, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Dec 1 13:02:35 dal-email01 samba[2405]: /usr/sbin/samba_dnsupdate: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
Dec 1 13:02:38 dal-email01 systemd[1]: proc-sys-fs-binfmt_misc.automount: Got automount request for /proc/sys/fs/binfmt_misc, triggered by 15135 (find)
Dec 1 13:02:38 dal-email01 systemd[1]: Mounting Arbitrary Executable File Formats File System...
Dec 1 13:02:38 dal-email01 systemd[1]: Mounted Arbitrary Executable File Formats File System.
Dec 1 13:02:51 dal-email01 samba[2402]: [2022/12/01 13:02:51.870541, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Dec 1 13:02:51 dal-email01 samba[2402]: /usr/sbin/samba_kcc: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
Dec 1 13:06:36 dal-email01 snmpd[998]: Cannot statfs /sys/kernel/debug/tracing: Permission denied
Dec 1 13:07:51 dal-email01 samba[2402]: [2022/12/01 13:07:51.962058, 0] ../../lib/util/util_runcmd.c:352(samba_runcmd_io_handler)
Dec 1 13:07:51 dal-email01 samba[2402]: /usr/sbin/samba_kcc: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
Dec 1 13:11:35 dal-email01 snmpd[998]: Cannot statfs /sys/kernel/debug/tracing: Permission denied
mail.err just argues about the SSL but I will fix that :
Dec 1 11:40:06 dal-email01 dovecot: pop3-login: Error: Failed to initialize SSL server context: Can't load SSL certificate: There is no valid PEM certificate.: user=<>, rip=45.155.126.4, lip=162.251.146.150, session=<anSk38buVr8tm34E>
By looking at this I think it's either the SSL but for sure the vmail domain not been proper created. I even added a 2nd one and it did not show either. So for sure it's there what cause the issue.
Any idea ?
-
UPDATE :
so I did fix the SSL issue in dovecot :
ssl_cert = </etc/ssl/certs/mynaturesdelight.com.crt
ssl_key = </etc/ssl/private/mynaturesdelight.com.key
I had forgotten to leave the "<" infront of the path... so that is now fixed.
-
So since fixing now also the SSL Cert the mail status shows up as running :
zs mail status
https://prnt.sc/U94dF7NJTj5I
-
Update :
I found this :
root@dal-email01:/var/vmail# zs mail start
* Restarting Zentyal module: mail [fail]
root command samba-tool group addmembers 'Domain Admins' zentyal-mail-dal-email01 failed.
Error output: lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
ldb_wrap open of secrets.ldb
string_to_sid: SID zentyal-mail-dal-email01 is not in a valid format
ERROR: Failed to add members ['zentyal-mail-dal-email01'] to group "Domain Admins" - (68, 'Attribute member already exists for target GUID 43f46327-4f71-46b9-a22b-bed2caf550e6')
File "/usr/lib/python3/dist-packages/samba/netcmd/group.py", line 286, in run
samdb.add_remove_group_members(groupname, groupmembers,
File "/usr/lib/python3/dist-packages/samba/samdb.py", line 391, in add_remove_group_members
self.modify_ldif(addtargettogroup)
File "/usr/lib/python3/dist-packages/samba/__init__.py", line 242, in modify_ldif
self.modify(msg, controls)
Command output: .
Exit value: 255
root@dal-email01:/var/vmail# zs mail status
Zentyal: status module mail: [ STOPPED ]
root@dal-email01:/var/vmail# ^C
root@dal-email01:/var/vmail# samba-tool group removemembers 'Domain Admins' zentyal-mail-dal-email01
lpcfg_do_global_parameter: WARNING: The "lanman auth" option is deprecated
ldb_wrap open of secrets.ldb
string_to_sid: SID zentyal-mail-dal-email01 is not in a valid format
Removed members from group Domain Admins
root@dal-email01:/var/vmail# zs mail status
Zentyal: status module mail: [ STOPPED ]
root@dal-email01:/var/vmail# zs mail start
* Restarting Zentyal module: mail [ OK ]
root@dal-email01:/var/vmail#
somehow running this command : samba-tool group removemembers 'Domain Admins' zentyal-mail-dal-email01
it now enabled the Mail service to start
And now it also let me do the EMAIL config :
https://prnt.sc/s5e5mMd05G4b
Ok now I do can work a lot more still SOGo is an issue :
Dec 01 16:41:57 sogod [7271]: [ERROR] <0x0x55831c1b6960[NGImap4ConnectionManager]> IMAP4 login failed:
host=127.0.0.1, user=obecker@mynaturesdelight.com, pwd=yes
url=imap://obecker%40mynaturesdelight.com@127.0.0.1:143/?tls=NO&tlsVerifyMode=default
base=(null)
base-class=(null))
= <0x0x55831c9230c0[NGImap4Client]: login=obecker@mynaturesdelight.com(pwd) address=<0x0x55831c769d30[NGInternetSocketAddress]: host=127.0.0.1 port=143>>
Dec 01 16:41:57 sogod [7271]: <0x55831ca59b20[SOGoMailAccount]:0> renewing imap4 password
Dec 01 16:41:57 sogod [7271]: [ERROR] <0x0x55831c1b6960[NGImap4ConnectionManager]> IMAP4 login failed:
host=127.0.0.1, user=obecker@mynaturesdelight.com, pwd=yes
url=imap://obecker%40mynaturesdelight.com@127.0.0.1:143/?tls=NO&tlsVerifyMode=default
base=(null)
base-class=(null))
= <0x0x55831c044940[NGImap4Client]: login=obecker@mynaturesdelight.com(pwd) address=<0x0x55831c303aa0[NGInternetSocketAddress]: host=127.0.0.1 port=143>>
Dec 01 16:41:57 sogod [7271]: [ERROR] <0x55831ca59b20[SOGoMailAccount]:0> Could not connect IMAP4
Dec 01 16:41:57 sogod [7271]: 24.129.186.154 "GET /SOGo/so/obecker/Mail/0/view HTTP/1.1" 200 17/0 0.004 - - 0 - 31
Dec 01 16:41:57 sogod [7271]: [ERROR] <0x0x55831c1b6960[NGImap4ConnectionManager]> IMAP4 login failed:
host=127.0.0.1, user=obecker@mynaturesdelight.com, pwd=yes
url=imap://obecker%40mynaturesdelight.com@127.0.0.1:143/?tls=NO&tlsVerifyMode=default
base=(null)
base-class=(null))
= <0x0x55831c8b1550[NGImap4Client]: login=obecker@mynaturesdelight.com(pwd) address=<0x0x55831c8927f0[NGInternetSocketAddress]: host=127.0.0.1 port=143>>
Dec 01 16:41:57 sogod [7271]: <0x55831ca60f10[SOGoMailAccount]:0> renewing imap4 password
Dec 01 16:41:57 sogod [7271]: [ERROR] <0x0x55831c1b6960[NGImap4ConnectionManager]> IMAP4 login failed:
-
Great, the mail module is running, so users should be able to use a mail client like Thunderbird.
Regarding Sogo, things that you can check:
1. Ensure that the mailbox of the user exists in '/var/vmail/mynaturesdelight.com' and that the permissions are right (ebox:ebox , 0700).
drwx------ 3 ebox ebox 4096 nov 14 11:15 /var/vmail/somedomain.com/maria/
2. The port '143/tcp' is listening in '127.0.0.1' or 0.0.0.0.
sudo ss -tunpl | grep ':143'
3. Disable the Webadmin module, saving changes. Enable and save changes again.
4. Analysis of the configuration located at '/etc/sogo/sogo.conf', especially the section 'LDAP authentication. Basically, you must ensure that the values of the parameters: 'bindDN' and 'bindPassword' are correct. The password can be found in '/var/lib/zentyal/conf/zentyal-mail-_your_hostname.passwd' and the user: 'samba-tool group listmembers 'Domain Admins' and 'ldbsearch -H /var/lib/samba/private/sam.ldb sAMAccountName='zentyal-mail-_your_hostname'.
Hope it helps you.
--
“This world is ours, and by the Holy Light we will keep it safe, now and forever".