View Issue Details

IDProjectCategoryView StatusLast Update
0001906SOGo Native Outlook Compatibility (obsolete)public2012-08-07 17:40
Reporteroooo1 Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Product Version2.0.0beta4 
Summary0001906: Appliance of SOGo RC4, Samba4 a18, a20, b1, Cyrus SASL doesn' t work with Cyrus Imap. All authorized by built-in Samba4 LDAP.
Description

I have tried SOGo RC4 appliance with Samba4 alpha18, alpha20, beta1 and with not Dovecot (as it was earlier) but with Cyrus SASL and Imapd (all the latest Ubuntu package versions) , all components such as SOGo in itself, SASL and Imap are authorized by built-in Samba4 LDB. All are installed on Ubuntu 12.04 Server TLS x32 and MS Outlook 2010 are used as client.
But I got almost the same issues I got with Dovecot and new other one.
I was got using MS Outlook only, with Web GUI or vis telnet localhost 143 all works fine.
The same as with Dovecot:

  • no IMAP4 password available;
  • could not connect IMAP4 & MAPIStoreIOException, reason: unable to fetch created folder;
  • NSInvalidArgumentException, reason: '_name' must not be an empty string
  • no key found for sorting, using 'DATE';
    new one:
  • unimplemented method: setSortOrder,
    but Cyrus supports Sorting by Object THREAD=ORDEREDSUBJECT unlike Dovecot.
    If it necassary I can attach full logs.
TagsNo tags attached.

Relationships

has duplicate 0001858 closedludovic SOPE/SOGo crashes Samba4 during user with its password differs from its login name using MS Outlook ! 

Activities

ludovic

ludovic

2012-08-02 19:15

administrator   ~0004245

Connecting Dovecot/SOGo to Samba4's LDAP server WILL NOT GIVE YOU THE REQUIRED IMAP TRUST.

You MUST, MUST, MUST, have a trust.

To do so, you MUST have something like this in your Dovecot configuration.

passdb {
driver = static
args = nopassword=y allow_nets=192.168.0.0/24
}

oooo1

oooo1

2012-08-03 15:25

reporter   ~0004249

But can OpenLDAP give required IMAP trust ?

oooo1

oooo1

2012-08-03 15:29

reporter   ~0004250

I will check you offered passdb variant, but to the moment I tried static passd but without "args = nopassword=y" .

oooo1

oooo1

2012-08-03 20:05

reporter   ~0004252

So, I tried your offering and got:

samba [19239]: [ERROR] <0x0x9608b38[NGImap4ConnectionManager]> IMAP4 login failed:
host=localhost, user=test, pwd=yes
url=imap://test@localhost:143/
base=(null)
base-class=(null))
= <0x0x97301a0[NGImap4Client]: login=test(pwd) socket=<NGActiveSocket[0x0x9ce0d30]: mode=rw address=<0x0x9ce0e18[NGInternetSocketAddress]: host=localhost po
samba[19239] Note(NGImap4Connection): using '/' as the IMAP4 folder separator.
samba [19239]: <0x09FB3AB0[SOGoMailAccount]:0> renewing imap4 password
samba [19239]: [ERROR] <0x09FB3AB0[SOGoMailAccount]:0> no IMAP4 password available
samba [19239]: [ERROR] <0x09FB3AB0[SOGoMailAccount]:0> Could not connect IMAP4

ludovic

ludovic

2012-08-03 20:10

administrator   ~0004253

Bring that to the Dovecot mailing list, it has nothing to do with SOGo/OpenChange.

oooo1

oooo1

2012-08-04 22:24

reporter   ~0004254

Why to Dovecot mailimg list, if login via Web GUI or telnet with 1543 port with built-in Samba4 LDAP authorization is passed well ?

ludovic

ludovic

2012-08-04 22:43

administrator   ~0004255

Because your trust DOES NOT WORK. Do you understand that when you authenticate using Outlook through OpenChange, OpenChange/SOGO CANNOT use any kind of password to authenticate to the IMAP Server?

It has nothing to do with the SOGo's web interface. I'm quite sick of repeating this now.

oooo1

oooo1

2012-08-04 23:35

reporter   ~0004256

I have understood it some and some time ago.
I got message from Julien where he said that "According to SOGo dev, sogo:// URI in openchange don't include anymore the password and require IMAP server to blindly accept authentication from openchange/samba IP address." about little bit more then 2 month ago.
But I tried Dovecot with some variants of my configuration, tried your offering, tried Cyrus SASL with Imapd.
But got almost the same 2 errors or no Imap password or _name must be.
I talked about authorization made only by built-in SAmba4 LDAP.

Can you kindly send me your Cyrus SASL/Imapd & SOGo config files to look at?

2012-08-05 19:32

 

zeg_error_1.jpg (212,417 bytes)   
zeg_error_1.jpg (212,417 bytes)   

2012-08-05 19:32

 

zeg_error_2.jpg (222,554 bytes)   
zeg_error_2.jpg (222,554 bytes)   

2012-08-05 19:32

 

zeg_saslauthd_conf.jpg (82,366 bytes)   
zeg_saslauthd_conf.jpg (82,366 bytes)   

2012-08-05 19:33

 

zeg_sogo_conf.jpg (135,822 bytes)   
zeg_sogo_conf.jpg (135,822 bytes)   
oooo1

oooo1

2012-08-05 19:37

reporter   ~0004258

It sounds funny but I have got the same situation with ZEG RC4 and MS Outlook 200 as a client.
I didn' t make any changes to ZEG.
I used MS Outlook 2010 Russian version (sometimes it could create some IMAP folders in Russian that is in UTF-7 encoding) .
Look at attached photos.
User was added successfully to MS Outlook, but folders couldn' t be opened.
One thing I suupose to that is time difference beetwen ZEG internal time (other time zone) and computer where MS Outlook had been installed.

ludovic

ludovic

2012-08-05 19:48

administrator   ~0004259

For Cyrus IMAP with Cyrus SASL, use sasl_pwcheck_method: alwaystrue in /etc/imapd.conf

oooo1

oooo1

2012-08-06 13:27

reporter   ~0004260

Today I have downloaded ZEG 2.0.0RC4 version from SOGo site, added zeg IP address to hosts file, run it, added user sogo1 to MS Outlook 2010 Rus, it has been added successfully.
I didn' t make any changes to or at it.
When I tried to login using MS Outlook as sogo1 user I got the error:

no IMAP password available
Could not connect IMAP4

... some part of log

and then
MAPIStoreIOException unable to fetch created folder.
And the same result was got with ZEG at other machine, in other city by other user.

As following, it is not connected as I think with TRUST you wrote earlier.
Or your virtual image with appliance has some errors / mismatching of parametres in cofs or there are some troubles with MS Outlook 2010 Rus or with DNS or other networks issues.
Moreover, I tried sasl_pwcheck_method: alwaystrue with saslauthd started or without saslauthd started but got the same result.

By the way as I have understood while sasl_pwcheck_method is set to alwaystrue, runnig of saslauth daemon is not necassary at all.

oooo1

oooo1

2012-08-06 15:16

reporter   ~0004265

If logs from Zeg or my installation are necassary, I can either attach or send.

oooo1

oooo1

2012-08-06 23:47

reporter   ~0004277

Last edited: 2012-08-07 00:58

Thanks for God, for developers, in particular Ludovik, Wolfgang, Julien, for me also. :)
But at the time the last version of all components such as Samba4 beta5 & Openchange 4090 & SOPE & SOGo & SOGo Openchange plug-in downloaded from mnt about 2 hours ago have been worked more stable with Cyrus and even Dovecot and at least MS Outlook 2010 Rus user' s profile is already opened and a little bit been synchronizing, or though tried to be synchronizing.
I think it has began from solving of 0001917 issue:
http://mtn.inverse.ca/revision/diff/d538a70c8651aa1849c88eedda7782a21b41b591/with/a6dfa4114eeabf1790dbbd7a169d81c988375c12

May be above mentioned fixed issue is not connected with the current workability of appliance with IMAP (regarding aurthorization) but the latest SOPE & SOGo & plug-in version has been brought so.

But now Cyrus doesn' t create folders in itself while MS Outlook is loading a profile.
And there are some errors up to Samba4 panic while Dovecot is used.
I will post it errors a little bit later (it is necassary to make additional investigations) .

oooo1

oooo1

2012-08-07 14:38

reporter   ~0004283

I don' t know exactly what has been fixed it and don' t know exactly whether some code changes will be made which will be caused of issue again but I think, at the moment this issue is solved.

ludovic

ludovic

2012-08-07 17:40

administrator   ~0004285

Closing. Many issues were fixed in the past few hours and commited to ca.inverse.sogo and SVN's OpenChange repo, "sogo" branch.

Issue History

Date Modified Username Field Change
2012-07-31 10:38 oooo1 New Issue
2012-08-02 19:15 ludovic Note Added: 0004245
2012-08-02 19:19 ludovic Relationship added has duplicate 0001858
2012-08-03 15:25 oooo1 Note Added: 0004249
2012-08-03 15:29 oooo1 Note Added: 0004250
2012-08-03 20:05 oooo1 Note Added: 0004252
2012-08-03 20:10 ludovic Note Added: 0004253
2012-08-04 22:24 oooo1 Note Added: 0004254
2012-08-04 22:43 ludovic Note Added: 0004255
2012-08-04 23:35 oooo1 Note Added: 0004256
2012-08-05 19:32 oooo1 File Added: zeg_error_1.jpg
2012-08-05 19:32 oooo1 File Added: zeg_error_2.jpg
2012-08-05 19:32 oooo1 File Added: zeg_saslauthd_conf.jpg
2012-08-05 19:33 oooo1 File Added: zeg_sogo_conf.jpg
2012-08-05 19:37 oooo1 Note Added: 0004258
2012-08-05 19:48 ludovic Note Added: 0004259
2012-08-06 13:27 oooo1 Note Added: 0004260
2012-08-06 15:16 oooo1 Note Added: 0004265
2012-08-06 23:47 oooo1 Note Added: 0004277
2012-08-07 00:56 oooo1 Note Edited: 0004277
2012-08-07 00:58 oooo1 Note Edited: 0004277
2012-08-07 14:38 oooo1 Note Added: 0004283
2012-08-07 17:40 ludovic Note Added: 0004285
2012-08-07 17:40 ludovic Status new => closed
2012-08-07 17:40 ludovic Resolution open => fixed