***UNCHECKED*** Kolab policy with alias domains

Franz Skale i.bin at dah.am
Mon Sep 1 19:32:42 CEST 2014



Hi,
i think you ran into the same problem i had.
The problem was, that the ldap_searchbase didn't set variables on the
ldap dc.
So, fo me it worked out as follows:
I filled up the ptscache.db with the normal search base. (static dc on
the admin domain)
File: /var/lib/imap/ptclient/ptscache.db
Then i waited some minutes, so that the db get filled up with the
default domain.
Then i changed file: /etc/imapd.conf
Variable dc:
ldap_base: dc=%2,dc=%1
ldap_group_base: dc=%2,dc=%1
ldap_member_base: ou=People,dc=%2,dc=%1
ldap_filter:
(|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=%U))(&(|(uid=%U)(mail=%U@%d)(mail=%U@%r))(objectclass=kolabinetorgperson)))
ldap_user_attribute: mail
ldap_group_filter:
(&(cn=%u)(objectclass=ldapsubentry)(objectclass=nsroledefinition))
ldap_group_scope: one
Also check these entries:
/etc/kolab-freebusy/config.ini:base_dn = "%dc"
/etc/roundcubemail/config.inc.php:                   
'base_dn'                   => 'ou=People,%dc',
/etc/roundcubemail/config.inc.php:                   
'search_base_dn'            => 'ou=People,%dc',
/etc/roundcubemail/config.inc.php:                           
'base_dn'           => 'ou=Groups,%dc',
/etc/roundcubemail/defaults.inc.php:  // %dc - The domain name
hierarchal string e.g. "dc=test,dc=domain,dc=com"
/etc/roundcubemail/defaults.inc.php:  // for the groups base_dn, the
user replacements %fu, %u, $d and %dc work as for base_dn (see above)
/etc/roundcubemail/password.inc.php:    // '%dc' will be replaced by
domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
/etc/roundcubemail/password.inc.php:    // '%dc' will be replaced by
domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
/etc/roundcubemail/kolab_auth.inc.php:       
'base_dn'                   => 'ou=People,%dc',
/etc/roundcubemail/kolab_auth.inc.php:               
'base_dn'           => 'ou=Groups,%dc',

Comment all default static definitions.
I derived this changed by reading this patches i found googling around:
Filelisting:
-rw-r--r-- 1 root root 1.3K Jul 22 13:45
sleepTimeBetweenDomainOperationsBug2491.patch
-rw-r--r-- 1 root root  828 Jul 22 13:46 freebusyMultiDomainBug2630.patch
-rw-r--r-- 1 root root 3.1K Jul 22 13:49 deleteDomainWithUsersBug1869.patch
-rw-r--r-- 1 root root 2.7K Jul 22 13:58
validateAliasDomainPostfixVirtualFileBug2658.patch
-rw-r--r-- 1 root root 1.4K Jul 22 14:36
freebusyMultiDomainBugHTTP2630.patch

Dunno, if 3.3 already changed the default strategy to %dc. I use 3.2 for
now.
I'm testing all aspects, also Kontact client on OSX. (There's a
korganizer Bug, i will send details soon)

Hope this may help

Rgds.

Franz






 Am 01.09.14 16:25, schrieb Sebastian Walter:
> Dear list,
>
> This is about a new installation of Kolab 3.3 on CentOS 7. I followd the
> Multi-Domain Howto on docs.kolab.org and overall the system is working
> fine. Amongst other small issues (to be posted later) I have a problem
> of sending mails from other e-mail addresses than the parent domain.
>
> I try to explain the issue with this virtual example: the parent domain
> is example.org and an alias domain myexample.org is added via the Kolab
> Web Admin. The user joe at example.org has a lot of secondary email
> addresses (catchall for other domains), as well as one specific address
> mail at myexample.org. He wants to send emails from this address with his
> user account. The mail server replies with:
>
> An (SMTP) error occurred while sending mail. The server responded: 
> 5.7.1 <DATA>: Data command rejected: Could not find envelope sender user
> mail at myexample.org.
>
> The only working workaround is to empty the
> "submission_data_restrictions" direction in /etc/postfix/main.cf but I
> would prefer to not disable Kolabs policies.
>
> As a consequence, I got lots of errors from
> /usr/libexec/postfix/kolab_smtp_access_policy (premature end-of-input)
> which I got rid of by commenting out the "chache_uri" directive in
> kolab.conf.
>
> I guess my ldap system is somehow messed. Has anybody an idea?
> Any help is greatly appreciated!
>
> Sebastian
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4254 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.kolab.org/pipermail/users/attachments/20140901/8304da55/attachment.p7s>


More information about the users mailing list