Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
Email and Groupware / SOGoTrustProxyAuthentication = YES results in IMAP4 login failed
« on: October 15, 2017, 01:13:03 pm »
Hello all,
I'm implementing 2FA to strengthen my webmail security using this great project - https://github.com/clems4ever/authelia
Following https://sogo.nu/nc/support/faq/article/how-to-use-webauth-with-sogo-2.html login is working and the user gets passed into the SOGo webmail with access to contacts and calendar, however no emails show as the IMAP login fails as no password is passed, however no password is available as the authentication has been handled before reaching SOGo.
The SOGo logs shows;
Oct 15 12:03:36 sogod [7]: [ERROR] <0x0x56494a8b8b30[NGImap4ConnectionManager]> IMAP4 login failed:
host=10.10.1.101, user=user@domain.email, pwd=no
url=imaps://user%40domain.email@10.10.1.101/?tls=YES
base=(null)
base-class=(null))
= <0x0x56494a9ffba0[NGImap4Client]: login=user@domain.email(pwd) socket=<NGActiveSSLSocket[0x0x56494acc7130]: mode=rw address=(null)>>
Oct 15 12:03:36 sogod [7]: <0x56494aba22f0[SOGoMailAccount]:0> renewing imap4 password
Oct 15 12:03:36 sogod [7]: [ERROR] <0x56494aba22f0[SOGoMailAccount]:0> no IMAP4 password available
Oct 15 12:03:36 sogod [7]: [ERROR] <0x56494aba22f0[SOGoMailAccount]:0> Could not connect IMAP4
And in the mail.log
Oct 15 12:07:29 zentyal dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<user@domail.email>, method=PLAIN, rip=10.10.1.105, lip=10.10.1.101, TLS: Disconnected, session=<qFww5ZNbUgAKCgFp>
Oct 15 12:07:32 zentyal dovecot: imap(user@domain.email): Disconnected: Logged out in=24114 out=752986
Any ideas if it's possible to authenticate dovecote with just the username etc?
Thanks.
I'm implementing 2FA to strengthen my webmail security using this great project - https://github.com/clems4ever/authelia
Following https://sogo.nu/nc/support/faq/article/how-to-use-webauth-with-sogo-2.html login is working and the user gets passed into the SOGo webmail with access to contacts and calendar, however no emails show as the IMAP login fails as no password is passed, however no password is available as the authentication has been handled before reaching SOGo.
The SOGo logs shows;
Oct 15 12:03:36 sogod [7]: [ERROR] <0x0x56494a8b8b30[NGImap4ConnectionManager]> IMAP4 login failed:
host=10.10.1.101, user=user@domain.email, pwd=no
url=imaps://user%40domain.email@10.10.1.101/?tls=YES
base=(null)
base-class=(null))
= <0x0x56494a9ffba0[NGImap4Client]: login=user@domain.email(pwd) socket=<NGActiveSSLSocket[0x0x56494acc7130]: mode=rw address=(null)>>
Oct 15 12:03:36 sogod [7]: <0x56494aba22f0[SOGoMailAccount]:0> renewing imap4 password
Oct 15 12:03:36 sogod [7]: [ERROR] <0x56494aba22f0[SOGoMailAccount]:0> no IMAP4 password available
Oct 15 12:03:36 sogod [7]: [ERROR] <0x56494aba22f0[SOGoMailAccount]:0> Could not connect IMAP4
And in the mail.log
Oct 15 12:07:29 zentyal dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<user@domail.email>, method=PLAIN, rip=10.10.1.105, lip=10.10.1.101, TLS: Disconnected, session=<qFww5ZNbUgAKCgFp>
Oct 15 12:07:32 zentyal dovecot: imap(user@domain.email): Disconnected: Logged out in=24114 out=752986
Any ideas if it's possible to authenticate dovecote with just the username etc?
Thanks.
2
Installation and Upgrades / nginx-auth-ldap with Zentyal 4.0
« on: February 14, 2015, 04:36:50 pm »
Hello,
Has anyone manged to get this working, authentication of nginx against Zentyal 4.0?
I think my issue is with the LDAP configuration in the nginx.config file......
Does anyone have a working example?
Please help!
Thanks.
Has anyone manged to get this working, authentication of nginx against Zentyal 4.0?
I think my issue is with the LDAP configuration in the nginx.config file......
Does anyone have a working example?
Please help!
Thanks.
3
Installation and Upgrades / Re: [SOLVED]Odoo8+Zentyal4
« on: February 01, 2015, 07:05:27 pm »
Hi,
This doesn't to work for me for whatever reason.....
Can you confrm the other setting you made in Odoo, like check boxes etc.
Also, do you then use your Zentyal username to log on to Odoo, or an email address?
Thanks.
This doesn't to work for me for whatever reason.....
Can you confrm the other setting you made in Odoo, like check boxes etc.
Also, do you then use your Zentyal username to log on to Odoo, or an email address?
Thanks.
4
Installation and Upgrades / Re: PFSense OpenVPN with Zentyal Samba Backend
« on: December 18, 2014, 04:53:05 pm »
Hi,
If your still looking into this I've responded below
If your still looking into this I've responded below
Hi,
So what you're basically doing is the following:
1. Create a user in LDAP in Zentyal, which has appropriate username and password. A new certificate for the user is NOT created in Zentyal, but rather in Pfsense. - Yes
2. Create a new certificate in Pfsense by using built-in certificate manager? - Yes, a server certificate. I used the wizard to create the OpenVPN profile which creates the user certificate in the process.
3. Export the OpenVPN profile through Client Export in Pfsense and use that to connect to the VPN server. - Yep.
I still have a couple of questions:
1. If I understand your words correctly, you keep the users information in Zentyal, while the certificates are stored in Pfsense? - Yes, one server and one user certificate.
2. When creating a new certificate in pfsense, how do you ensure it's linked with an existing user from Zentyal? - I just have one. I'm not sure if you can do this and it I think it would mean that you would have to create a different OpenVPN config file for every user?
3. How do you ensure that a certificate of a user B is not allowed to be used to authenticate user A? I only have one certificate.
I'm still not completely sure how your setup is configured. Can you write a more detailed answer of the steps that you need to take to add a new openvpn user to your setup: zentyal + pfsense? If you like, if the above doesn't answer.
Thank you
5
Installation and Upgrades / Re: where is user mail stored in zentyal 4?
« on: December 18, 2014, 04:41:05 pm »
Hi,
Have you gone right into the path, sent mail should be in here;
/var/vmail/****your mail domain****/***user***/Maildir/.Sent/cur#
Go back upto /Maildir and you should see the other folders.......
You will probably need to su sudo to see!
Cheers.
Have you gone right into the path, sent mail should be in here;
/var/vmail/****your mail domain****/***user***/Maildir/.Sent/cur#
Go back upto /Maildir and you should see the other folders.......
You will probably need to su sudo to see!
Cheers.
6
Installation and Upgrades / Re: Sharing from remote server
« on: December 18, 2014, 04:36:37 pm »
Hi,
From what I understand you just need to mount your remote shares by adding the appropriate lines to /etc/fstab (google mount ntfs share in fstba etc.....), with the mount point either into the Zentyal share or a probably better to different share and they use a symbolic link.
Cheers.
From what I understand you just need to mount your remote shares by adding the appropriate lines to /etc/fstab (google mount ntfs share in fstba etc.....), with the mount point either into the Zentyal share or a probably better to different share and they use a symbolic link.
Cheers.
7
Installation and Upgrades / SOGo Activesync with a BIG mailbox – Working, need help with Zentyal defaults
« on: November 28, 2014, 11:22:15 am »
Hello all and hopefully this will help some of you out.....
So, sticking with Zentyal 4.0 I exported my 3.2 mail box via offlineimap in to a Maildir changed the owner to ebox:ebox and then moved to my /var/vmail/user/Maildir
My offlineimap config file to generate the .INBOX and rename and omit a few folders;
*******
# Sample minimal config file. Copy this to ~/.offlineimaprc and edit to
# get started fast.
[general]
accounts = zentyal
[Account zentyal]
localrepository = Local
remoterepository = Remote
[Repository Local]
type = Maildir
localfolders = ~/your mail folder
sep = .
[Repository Remote]
type = IMAP
remotehost = xx.xx.xx.xx
remoteuser = user
remotepass = password #can comment out and it will prompt
createfolders = false
nametrans = lambda folder: re.sub('(^.{1})', '.\\1', re.sub('.*Deleted Items$', 'Trash', re.sub('.*Sent Items$', 'Sent', re.sub('.*Sent Items/20*', 'Sent.20', re.sub('.*INBOX$', '', folder)))))
folderfilter = lambda folder: folder not in ['Trash', 'Outbox', 'Public folders', 'Junk E-mail', 'Sync Issues', 'Sync Issues/Conflicts','Sync Issues/Local Failures', 'Sync Issues/Server Failures']
********
chown -R ebox:ebox xxxxx whatever you called your mail folder
Copy including hidden folders / files with - tar pcf - .| (cd /destination/folder/; tar pxf -)
All went well, and my emails (thousands of) could be accessed from webmail.
I then tried to use my phone….. ow no, no longer syncing and everything was stuck.
After a bit of googleing about I found adding these parameters into the config files solved the problem and now everything is working again. I have no idea if these are optimum settings, but they work;
/etc/sogo/sogo.conf
WOListenQueueSize = 32;
SxVMemLimit = 1000;
/etc/init.d/sogo
PREFORK=10
Then;
/etc/init.d/sogo restart
Now, here's the next issue. Obviously if I restart Zentyal these settings get overridden. Please, please, please can someone tell me where to enter them so Zentyal puts them in the config files when it auto-generates them on startup.
I understand it is something to do with ~/GNUstep/Defaults/.GNUstepDefaults but I don’t have one, well not that I can find anyway……
Thanks.
So, sticking with Zentyal 4.0 I exported my 3.2 mail box via offlineimap in to a Maildir changed the owner to ebox:ebox and then moved to my /var/vmail/user/Maildir
My offlineimap config file to generate the .INBOX and rename and omit a few folders;
*******
# Sample minimal config file. Copy this to ~/.offlineimaprc and edit to
# get started fast.
[general]
accounts = zentyal
[Account zentyal]
localrepository = Local
remoterepository = Remote
[Repository Local]
type = Maildir
localfolders = ~/your mail folder
sep = .
[Repository Remote]
type = IMAP
remotehost = xx.xx.xx.xx
remoteuser = user
remotepass = password #can comment out and it will prompt
createfolders = false
nametrans = lambda folder: re.sub('(^.{1})', '.\\1', re.sub('.*Deleted Items$', 'Trash', re.sub('.*Sent Items$', 'Sent', re.sub('.*Sent Items/20*', 'Sent.20', re.sub('.*INBOX$', '', folder)))))
folderfilter = lambda folder: folder not in ['Trash', 'Outbox', 'Public folders', 'Junk E-mail', 'Sync Issues', 'Sync Issues/Conflicts','Sync Issues/Local Failures', 'Sync Issues/Server Failures']
********
chown -R ebox:ebox xxxxx whatever you called your mail folder
Copy including hidden folders / files with - tar pcf - .| (cd /destination/folder/; tar pxf -)
All went well, and my emails (thousands of) could be accessed from webmail.
I then tried to use my phone….. ow no, no longer syncing and everything was stuck.
After a bit of googleing about I found adding these parameters into the config files solved the problem and now everything is working again. I have no idea if these are optimum settings, but they work;
/etc/sogo/sogo.conf
WOListenQueueSize = 32;
SxVMemLimit = 1000;
/etc/init.d/sogo
PREFORK=10
Then;
/etc/init.d/sogo restart
Now, here's the next issue. Obviously if I restart Zentyal these settings get overridden. Please, please, please can someone tell me where to enter them so Zentyal puts them in the config files when it auto-generates them on startup.
I understand it is something to do with ~/GNUstep/Defaults/.GNUstepDefaults but I don’t have one, well not that I can find anyway……
Thanks.
8
Installation and Upgrades / Re: Zentyal 4.0 - Incomplete install in VMware player
« on: November 22, 2014, 12:15:08 am »
I'm running in esxi, all I can see is the default Linux login screen.
Have you tried going to https://your_ip:8443
Have you tried going to https://your_ip:8443
9
Installation and Upgrades / Zentyal 4.0, is it time to go back to 3.3?
« on: November 18, 2014, 12:52:42 pm »
Hello all,
So after wanting to reset up my small home domain I though 4.0 was the perfect opportunity………
I wasn’t too sad to see most of the modules go as I have a visualized set up with FreeNAS (yes I know the issues and have direct pass-through, plenty of RAM assigned and independent backups of critical data), pfSense , Zentyal and ownCloud and between the four have all my needs covered.
Everything appeared to set up and work, but, and here is the but the more I try to use it the more issues, or the ‘I just don’t can’t see a way of doing that’ appear.
A big plus for me was storing email out of a database for easy backup (running on a FreeNAS iSCSI mount keeping the Zentyal VM disc nice and small and not needing to worry about expansion) etc., but also keeping push sync and Outlook support (although I really am starting to question the need for this in the future, particularly as 2013 supports active-sync in any case – are there really any benefits of this ‘big achievement’ that OpenChange brings?). I also assumed something similar would happen for contacts and calendar….. but no. And for me I have no idea how I go about backing these up. I have setup rSync for the home and mail directories for off-site backup and obviously my iSCSI is on a raidz2 array; all of which is working perfectly.
Another major issue is obviously the lack of push / inbox refresh, however manageable in my situation (for now anyway, but far from ideal) with a 5min sync period. My Blackberry plays nicely so far with sogo-active-sync, my Samsung S4 however will not sync contacts no matter what I try…. odd! I did find that I had issues with z-push and the Blackberry OS10, although I’m not too sure if it was up-to-date.
Auto refresh is a hung over issued from when I tried 3.5 and still not working, and given the other niggles I really think it may be better to use 3.3, which, just well, appears to work!
So this is where I am after the first few weeks of trying to use 4.0….. and really trying to stick with it. Any help or info / timescales on fixes for the above would be appreciated.
Thanks.
So after wanting to reset up my small home domain I though 4.0 was the perfect opportunity………
I wasn’t too sad to see most of the modules go as I have a visualized set up with FreeNAS (yes I know the issues and have direct pass-through, plenty of RAM assigned and independent backups of critical data), pfSense , Zentyal and ownCloud and between the four have all my needs covered.
Everything appeared to set up and work, but, and here is the but the more I try to use it the more issues, or the ‘I just don’t can’t see a way of doing that’ appear.
A big plus for me was storing email out of a database for easy backup (running on a FreeNAS iSCSI mount keeping the Zentyal VM disc nice and small and not needing to worry about expansion) etc., but also keeping push sync and Outlook support (although I really am starting to question the need for this in the future, particularly as 2013 supports active-sync in any case – are there really any benefits of this ‘big achievement’ that OpenChange brings?). I also assumed something similar would happen for contacts and calendar….. but no. And for me I have no idea how I go about backing these up. I have setup rSync for the home and mail directories for off-site backup and obviously my iSCSI is on a raidz2 array; all of which is working perfectly.
Another major issue is obviously the lack of push / inbox refresh, however manageable in my situation (for now anyway, but far from ideal) with a 5min sync period. My Blackberry plays nicely so far with sogo-active-sync, my Samsung S4 however will not sync contacts no matter what I try…. odd! I did find that I had issues with z-push and the Blackberry OS10, although I’m not too sure if it was up-to-date.
Auto refresh is a hung over issued from when I tried 3.5 and still not working, and given the other niggles I really think it may be better to use 3.3, which, just well, appears to work!
So this is where I am after the first few weeks of trying to use 4.0….. and really trying to stick with it. Any help or info / timescales on fixes for the above would be appreciated.
Thanks.
10
Installation and Upgrades / Re: PFSense OpenVPN with Zentyal Samba Backend
« on: November 18, 2014, 12:04:28 am »
Hi,
I just use the certificate manager in pfSense.
I don't think the openVPN wizard create the user certificate automatically though. So create or import and change the auth setting in the vpn profile.
I just use the certificate manager in pfSense.
I don't think the openVPN wizard create the user certificate automatically though. So create or import and change the auth setting in the vpn profile.
11
Installation and Upgrades / Re: deactivate https for Zentyal web admin
« on: November 14, 2014, 11:55:06 pm »
Agreed, and I use it to access just about everything on my network, although sometimes it's handy to have web access when you can install a VPN client on a work computer for example 
12
Installation and Upgrades / Re: deactivate https for Zentyal web admin
« on: November 14, 2014, 11:44:54 pm »
Looks like VPN is the only way then...... 
13
Installation and Upgrades / Re: Zentyal 4.x 32 bit install iso ?
« on: November 14, 2014, 11:40:51 pm »
Now I wonder if all the packages / modules are x86..... I'd be doing this if so!
Thanks
Thanks
14
Directory and Authentication / Re: Zentyal 4 and ownCloud with centralized user management (LDAP)
« on: November 14, 2014, 11:32:27 pm »
Hi Julio,
Can you help me with a few point please.
Which versions of ownCloud and Zentyal are you using?
Do you mean sudo apt-get install php5-ldap ....... with the number 5, and I install this on my ownCloud machine?
I had this all working perfectly with Zentyal 3.2 and this is such a pain...... Oddly I can get pfSense to talk happily for my vpn authentication using the ldap username and password in here - /etc/postfix/login.cf so I'm a bit lost!!!
Thanks.
UPDATE - Got it working. Re-set up the latest ownCloud (it wouldn't update from 7.0.2 with the updater for some reason), had the same issue; I put in all the LDAP details and it wouldn't load the 'only from those groups:' box, then I manually refreshed the web page, and voila a green circle appeared!! Now I can go to bed.
Can you help me with a few point please.
Which versions of ownCloud and Zentyal are you using?
Do you mean sudo apt-get install php5-ldap ....... with the number 5, and I install this on my ownCloud machine?
I had this all working perfectly with Zentyal 3.2 and this is such a pain...... Oddly I can get pfSense to talk happily for my vpn authentication using the ldap username and password in here - /etc/postfix/login.cf so I'm a bit lost!!!
Thanks.
UPDATE - Got it working. Re-set up the latest ownCloud (it wouldn't update from 7.0.2 with the updater for some reason), had the same issue; I put in all the LDAP details and it wouldn't load the 'only from those groups:' box, then I manually refreshed the web page, and voila a green circle appeared!! Now I can go to bed.
15
Installation and Upgrades / Re: Zentyal 4.x 32 bit install iso ?
« on: November 14, 2014, 10:18:42 pm »
The latest Ubunutu server which Zentyal 4.0 is based upon is on 64 bit, so I wouldn't hold out any hope!
Pages: [1] 2