Kolab 3.4 on CentOS 6.6 (ptload completely failed)
Soliva Andrea
soliva at comcept.ch
Wed Sep 23 09:33:13 CEST 2015
Hi Paul
first of all many thanks for your help appriciated! At the Moment I'm
confiused regarding this issue! :-(
What you mean exact with "Try running your python and see what it
Outputs"? Means your sentence to enable for kolabd serivice debug? If
yes you mean activate following in following file and restart kolabd
Service?
vi /etc/default/kolab-server
FLAGS="-l debug -d 9"
service restart kolabd
If no can you please point me in the right direction regarding "Try
running your python and see what it Outputs"?
As mentioned for this domain and user I tried - with enabled
canonification and ptloader- to create the domain as the user.
Impact....the domain is correctly created in dirsrv without any errors
(debug mode). If I create after logging out and in again the user under
the specific domain I can see in dirsrv that the user is created
correctly without any errro (debug mode). I can see in cyrus-imapd that
ptloader don't get any data back from dirsrv from this point of view no
mailbox is created (Output of debug in previous post). Also in this
state I'm able with "testsaslauthd" to login successful with the new
user. If I try to login with the new user on roundcube I have the error
which Points to your sentence "Are you getting a "bad user ID" and it
says an email address didn't auth?" which means absolutly YES:
==> /var/log/imapd/imapd.log <==
Sep 23 08:51:10 kolab imap/imap[16917]: ptload(): empty response from
ptloader server
Sep 23 08:51:10 kolab imap/imap[16917]: ptload completely failed: unable
to canonify identifier: user at juventusclub-lucerna.ch
Sep 23 08:51:10 kolab imap/imap[16917]: SASL bad userid authenticated
Sep 23 08:51:10 kolab imap/imap[16917]: badlogin: kolab [127.0.0.1]
PLAIN [SASL(-13): authentication failure: bad userid authenticated]
Sep 23 08:51:10 kolab imap/ptloader[16942]: starting: ptloader.c,v
git2.5+0
After that I deleted the user as the Domain completly as refreshing the
Service with:
# service kolabd stop
Delete User from LDAP:
# /usr/lib/mozldap/ldapdelete -D cn="Directory Manager" -w [Your
Password] uid=deaduser,ou=People,dc=domain,dc=ch
Delete IMAP Mailbox (even this is not existing):
# kolab dm user/deaduser at domain.ch
# service cyrus-imapd stop
# pkill idled
# service cyrus-imapd start
# service kolabd start
Clean-Up all DELETED stuff (carefull alsl DELETED marked stuff as
deleted Messages etc will be removed):
# /usr/lib/cyrus-imapd/cyr_expire -D 0 -E 0 -X 0
Delete new created Domain:
# cd /usr/share/kolab-webadmin/lib/
# /usr/bin/php domain_delete.php
After that I disabled canonification in /etc/imapd.conf as following:
# log to seperated log
syslog_prefix: imap
syslog_facility: local6
# enable 1 /disable 0 debug mode
debug: 1
configdirectory: /var/lib/imap
defaultpartition: default
partition-default: /var/spool/imap
partition-archive: /var/spool/imap
admins: cyrus-admin
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
#sasl_pwcheck_method: auxprop saslauthd
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: no
#tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.pem
#tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_server_cert: /etc/pki/tls/certs/kolab.comcept.ch.crt
tls_server_key: /etc/pki/tls/private/kolab.comcept.ch.key
#tls_server_ca_file: /etc/pki/tls/certs/comcept.ch.ca-chain.pem
# used with Cyrus 2.5
tls_ciphers:
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
# used with Cyrus 2.4
#tls_ciphers_list:
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
# uncomment this if you're operating in a DSCP environment (RFC-4594)
# qosmarking: af13
#
#auth_mech: pts
#pts_module: ldap
#ldap_servers: ldap://localhost:389
#ldap_sasl: 0
#ldap_base: dc=comcept,dc=ch
#ldap_bind_dn: uid=kolab-service,ou=Special Users,dc=comcept,dc=ch
#ldap_password: [Your Password]
#ldap_filter:
(|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=%U))(&(|(uid=%U)(mail=%U@%d)(mail=%U@%r))(objectclass=kolabinetorgperson)))
#ldap_user_attribute: mail
#ldap_group_base: dc=comcept,dc=ch
#ldap_group_filter:
(&(cn=%u)(objectclass=ldapsubentry)(objectclass=nsroledefinition))
#ldap_group_scope: one
#ldap_member_base: ou=People,dc=comcept,dc=ch
#ldap_member_method: attribute
#ldap_member_attribute: nsrole
#ldap_restart: 1
#ldap_timeout: 10
#ldap_time_limit: 10
unixhierarchysep: 1
virtdomains: userid
annotation_definitions: /etc/imapd.annotations.conf
sieve_extensions: fileinto reject envelope body vacation imapflags
notify include regex subaddress relational copy date index
allowallsubscribe: 0
allowusermoves: 1
altnamespace: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieveusehomedir: 0
sieve_allowreferrals: 0
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
#
# Below lines add MultiDomain Support Kolab 3.4
ldap_domain_base_dn: cn=kolab,cn=config
ldap_domain_filter:
(&(objectclass=domainrelatedobject)(associateddomain=%s))
ldap_domain_name_attribute: associatedDomain
ldap_domain_scope: sub
ldap_domain_result_attribute: inetdomainbasedn
In /etc/cyrus.conf I did following:
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" proto="tcp4" prefork=5
imaps cmd="imapd -s" listen="imaps" proto="tcp4"
prefork=5
# pop3 cmd="pop3d" listen="pop3" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" proto="tcp4"
prefork=1
sieve cmd="timsieved" listen="sieve" proto="tcp4"
prefork=0
# ptloader cmd="ptloader" listen="/var/lib/imap/ptclient/ptsock"
prefork=1
# these are only necessary if receiving/exporting usenet via NNTP
#nntp cmd="nntpd" listen="nntp" prefork=3
#nntps cmd="nntpd -s" listen="nntps" prefork=1
# at least one LMTP is required for delivery
#lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
# this is only necessary if using notifications
notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
proto="udp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression,
# Sieve or NNTP
duplicateprune cmd="cyr_expire -E 3" at=0400
# Expire data older then 69 days. Two full months of 31 days
# each includes two full backup cycles, plus 1 week margin
# because we run our full backups on the first sat/sun night
# of each month.
deleteprune cmd="cyr_expire -E 4 -D 69" at=0430
expungeprune cmd="cyr_expire -E 4 -X 69" at=0445
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
# Create search indexes regularly
#squatter cmd="squatter -s -i" at=0530
}
After that I stoped and started cyrus-imapd. Now I creaed the domain new
as the user. It took about 30 Seconds and the Mailbox of the user was
correctly created. During this time kolabd was in debug mode with
"FLAGS="-l debug -d 9"
" as cyrus-imapd" as "dirsrv" and absolutly no error. I tested to login
in roundcubemail with the new user from the new Domain as the otherones
which are existing and all works fine. I tested mail function to
external and internal all successful. Because you said that ptloader has
to run I enabled this morning ptloader again without enabling
canonification which means I only activated in /etc/cyrus.conf following
line:
ptloader cmd="ptloader" listen="/var/lib/imap/ptclient/ptsock"
prefork=1
Restartet the cyrus-imapd Service and tried to login with the new user
from the new domain and it was successful no problems except that within
start of cyrus-imapd for the ptloader following is shown:
PTS module afskrb not supported
After that I tried to enabled canonfication again in following way:
# log to seperated log
syslog_prefix: imap
syslog_facility: local6
# enable 1 /disable 0 debug mode
debug: 1
configdirectory: /var/lib/imap
defaultpartition: default
partition-default: /var/spool/imap
partition-archive: /var/spool/imap
admins: cyrus-admin
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
sasl_pwcheck_method: auxprop saslauthd
#sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN
allowplaintext: no
#tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.pem
#tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_server_cert: /etc/pki/tls/certs/kolab.comcept.ch.crt
tls_server_key: /etc/pki/tls/private/kolab.comcept.ch.key
#tls_server_ca_file: /etc/pki/tls/certs/comcept.ch.ca-chain.pem
# used with Cyrus 2.5
tls_ciphers:
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
# used with Cyrus 2.4
#tls_ciphers_list:
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
# uncomment this if you're operating in a DSCP environment (RFC-4594)
# qosmarking: af13
#
auth_mech: pts
pts_module: ldap
ldap_servers: ldap://localhost:389
ldap_sasl: 0
ldap_base: dc=comcept,dc=ch
ldap_bind_dn: uid=kolab-service,ou=Special Users,dc=comcept,dc=ch
ldap_password: [Your Password]
ldap_filter:
(|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=%U))(&(|(uid=%U)(mail=%U@%d)(mail=%U@%r))(objectclass=kolabinetorgperson)))
ldap_user_attribute: mail
ldap_group_base: dc=comcept,dc=ch
ldap_group_filter:
(&(cn=%u)(objectclass=ldapsubentry)(objectclass=nsroledefinition))
ldap_group_scope: one
ldap_member_base: ou=People,dc=comcept,dc=ch
ldap_member_method: attribute
ldap_member_attribute: nsrole
ldap_restart: 1
ldap_timeout: 10
ldap_time_limit: 10
unixhierarchysep: 1
virtdomains: userid
annotation_definitions: /etc/imapd.annotations.conf
sieve_extensions: fileinto reject envelope body vacation imapflags
notify include regex subaddress relational copy date index
allowallsubscribe: 0
allowusermoves: 1
altnamespace: 1
hashimapspool: 1
anysievefolder: 1
fulldirhash: 0
sieveusehomedir: 0
sieve_allowreferrals: 0
lmtp_downcase_rcpt: 1
lmtp_fuzzy_mailbox_match: 1
username_tolower: 1
deletedprefix: DELETED
delete_mode: delayed
expunge_mode: delayed
postuser: shared
#
# Below lines add MultiDomain Support Kolab 3.4
ldap_domain_base_dn: cn=kolab,cn=config
ldap_domain_filter:
(&(objectclass=domainrelatedobject)(associateddomain=%s))
ldap_domain_name_attribute: associatedDomain
ldap_domain_scope: sub
ldap_domain_result_attribute: inetdomainbasedn
Restartet the Service cyrus-imapd and tried to login to roundcubemail
with new user from the new Domain and it was NOT successful with
following error:
==> /var/log/imapd/imapd.log <==
Sep 23 08:51:10 kolab imap/imap[16917]: ptload(): empty response from
ptloader server
Sep 23 08:51:10 kolab imap/imap[16917]: ptload completely failed: unable
to canonify identifier: user at juventusclub-lucerna.ch
Sep 23 08:51:10 kolab imap/imap[16917]: SASL bad userid authenticated
Sep 23 08:51:10 kolab imap/imap[16917]: badlogin: kolab [127.0.0.1]
PLAIN [SASL(-13): authentication failure: bad userid authenticated]
All other Domains/user can login without problems only the new domain
and the new user can not login if canonification is activated!? for
pykolab.log I have no output no error at all?! Sorry but this I do not
understand. By the way if the above error appears "SASL bad userid
authenticated" the pdloader gets a Segmentation fault and will be
terminated but only for this domain and user not for the otherones!?
At the moment canonification is deactivated and ptloader is running no
errors and new user from new domain can login! Imap log shown in this
Moment:
==> /var/log/imapd/imapd.log <==
Sep 23 09:27:04 kolab imap/imap[17977]: starttls: TLSv1 with cipher
ECDHE-RSA-AES256-SHA (256/256 bits new) no authentication
Sep 23 09:27:04 kolab imap/imap[17977]: login: kolab [127.0.0.1]
user at juventusclub-lucerna.ch PLAIN+TLS User logged in
SESSIONID=<imap-17977-1442993224-1-13226265222377919693>
Sep 23 09:27:04 kolab imap/imap[17977]: USAGE
user at juventusclub-lucerna.ch user: 0.072989 sys: 0.008999
Sep 23 09:27:04 kolab imap/imap[18000]: starttls: TLSv1 with cipher
ECDHE-RSA-AES256-SHA (256/256 bits new) no authentication
Sep 23 09:27:04 kolab imap/imap[18000]: login: kolab [127.0.0.1]
user at juventusclub-lucerna.ch PLAIN+TLS User logged in
SESSIONID=<imap-18000-1442993224-1-10401950705182342627>
What I do really not understand is that the Overall stuff is working for
all other Domains as users only for this new Domain as user the stuff is
not working. Can not understand this!? As mentioned I can give you some
additional Output for python but please tell me how to do that etc.
Again many thanks for your help really appriciated.
---
Kind regards
Andrea
Email: andrea.soliva at comcept.ch
Am 23-09-2015 00:49, schrieb signaldeveloper at gmail.com:
> Andrea,
>
> Don't turn off ptloader it's needed in many functions. I've seen this
> issue before so many times and it always seems to be a syntax problem
> with primary_mail...
>
> Try running your python and see what it outputs. Are you getting a
> "bad user ID" and it says an email address didn't auth? Post that
> entry. That will help us diagnose.
>
> - Paul
>
>> On Sep 22, 2015, at 7:16 AM, Soliva Andrea <soliva at comcept.ch> wrote:
>>
>> Hi
>>
>> ok now it works....I disabled canonification and disabled ptloader and
>> all works as desigend. Below again a Output of the debug after
>> creation of the user if canonification is enabled as ptloader is
>> running. The issue is clearly that the ptloader receives no
>> information data back from dirsrv and from this no Mailbox will be
>> created etc. Authentication test works for the user (see below). In
>> pykolab.log even debug is enable absolutly no error etc. I do not
>> understand it. What I do also not understand at the moment is the
>> advantage/disadvantage of cononification disable/enable and using
>> ptloader or not. I confiused.....! I do not see any performance Impact
>> by not using ptloader etc. in both cases using memcached or not
>> memcached (db mysql). Any hints on this...?
>>
>> ==> /var/log/imapd/imapd.log <==
>> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): pinging ptloader
>> Sep 22 10:03:05 kolab imap/imaps[24421]: connected with no delay
>> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): connected
>> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select: sock = 16, rp
>> = 0x0, wp = 0xbfd472c8, sec = 30
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: accepted connection
>> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select exiting. r =
>> 1; errno = 2
>> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload sent data
>> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select: sock = 16, rp
>> = 0xbfd47348, wp = 0x0, sec = 30
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Attempting to get domain
>> for deaduser at domain.ch from cn=kolab,cn=config
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Domain filter:
>> (&(objectclass=domainrelatedobject)(associateddomain=domain.ch))
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Domain domain.ch is an
>> alias domain for parent domain domain.ch
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: ptsmodule_standard_root_dn
>> called for domain domain.ch
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now
>> ,dc=domain,dc=ch
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now
>> ,dc=domain,dc=ch
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now
>> dc=domain,dc=ch
>> Sep 22 10:03:05 kolab imap/ptloader[24784]: Continuing with
>> ptsm->base: dc=domain,dc=ch
>> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select exiting. r =
>> 1; errno = 2
>> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload read data back
>> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): empty response from
>> ptloader server
>> Sep 22 10:03:05 kolab imap/imaps[24421]: No data available at all from
>> ptload()
>> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload completely failed:
>> unable to canonify identifier: deaduser at domain.ch
>> Sep 22 10:03:05 kolab imap/imaps[24421]: SASL bad userid authenticated
>> Sep 22 10:03:05 kolab imap/imaps[24421]: badlogin: kolab [127.0.0.1]
>> PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>>
>> ==> /var/log/postfix/postfix.log <==
>> Sep 22 10:03:05 kolab imap/master[23912]: process type:SERVICE
>> name:ptloader path:/usr/lib/cyrus-imapd/ptloader age:3.776s pid:24784
>> signaled to death by signal 6 (Aborted)
>> Sep 22 10:03:05 kolab imap/master[23912]: service ptloader/unix pid
>> 24784 in READY state: terminated abnormally
>> Sep 22 10:03:05 kolab imap/master[23912]: too many failures for
>> service ptloader/unix, disabling until next SIGHUP
>>
>> ==> /var/log/messages <==
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): can't connect to
>> ptloader server: Connection refused
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload completely failed:
>> unable to canonify identifier: deaduser at domain.ch
>> Sep 22 10:03:09 kolab imap/imaps[23925]: SASL bad userid authenticated
>>
>> ==> /var/log/imapd/imapd.log <==
>> Sep 22 10:03:09 kolab imap/imaps[23925]: accepted connection
>> Sep 22 10:03:09 kolab imap/imaps[23925]: SSL_accept() incomplete ->
>> wait
>> Sep 22 10:03:09 kolab imap/imaps[23925]: SSL_accept() succeeded ->
>> done
>> Sep 22 10:03:09 kolab imap/imaps[23925]: starttls: TLSv1.2 with cipher
>> ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): fetched cache
>> record (cyrus-admin)(mark 1442905202, current 1442908989, limit
>> 1442898189)
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload returning data
>> Sep 22 10:03:09 kolab imap/imaps[23925]: canonified cyrus-admin ->
>> cyrus-admin
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): pinging ptloader
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): can't connect to
>> ptloader server: Connection refused
>> Sep 22 10:03:09 kolab imap/imaps[23925]: No data available at all from
>> ptload()
>> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload completely failed:
>> unable to canonify identifier: deaduser at domain.ch
>> Sep 22 10:03:09 kolab imap/imaps[23925]: SASL bad userid authenticated
>> Sep 22 10:03:09 kolab imap/imaps[23925]: badlogin: kolab [127.0.0.1]
>> PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>>
>>
>> # testsaslauthd -u deaduser at domain.ch -p ********
>> 0: OK "Success."
>>
>> ---
>> Kind regards
>>
>> Andrea
>>
>> Email: andrea.soliva at comcept.ch
>>
>> Am 22-09-2015 00:49, schrieb signaldeveloper at gmail.com:
>>> Andrea,
>>> Do you have canonification on or off? I had a similar issue. Note
>>> that
>>> when you create a user on kolab web admin you may need to wait for up
>>> to 30 seconds for it to be created fully. If you log in too fast it
>>> will give you this error. Watch maillog as soon as you create a user
>>> and you'll see what I mean. Take a minute sometimes.
>>> Otherwise I would run testsaslauth commands (can't think of them off
>>> the top of my head) and see if you can log in. What's your pykolab
>>> log
>>> say? If your SASL fails (which it is showing it is) then it won't be
>>> created in IMAP. Again try running the test sasl commands and see if
>>> you can log in with the user.
>>> Depending on your canonification I would also try logging in with
>>> both
>>> the FULL email and the name to see what happens.
>>> In kolab conf ensure your Python is correct for primary_mail as if
>>> you
>>> change this it will cause problems. Kolab doesn't accept the general
>>> python syntax.
>>> - Paul
>>>> On Sep 21, 2015, at 4:46 PM, Soliva Andrea <soliva at comcept.ch>
>>>> wrote:
>>>> Hi all
>>>> after several hours debugging and looking to this issue I do not
>>>> have anymore any ideas how to proceed:
>>>> I have a installation with 5 main Domains and 1 domain with a
>>>> associated domain. For this installation I have created in the last
>>>> two month about 25 users without any problems. I was in the last two
>>>> weeks in holidays from this point of view it did not change anyhting
>>>> on the config :-) Specially one domain was new created as the users
>>>> before I left to holidays. All is working fine also for the domain
>>>> for the users created before leaving to holidays. From this point of
>>>> view it can be actually not a config issue because as mentioned for
>>>> all existing user absolutly no problems for connection and
>>>> authentication.
>>>> Today I created a new main domain as one user for this domain. The
>>>> domain was created in dirsrv without any Errors (debug). Actually
>>>> the user was also created in dirsrv but the mailbox etc could not be
>>>> created. In a later phase I saw in debug the reason which means:
>>>> Even all other users can be verified as the Domains for this
>>>> specific Domain as user ptload gets no data back from dirsrv!
>>>> the debug of dirsrv Shows to 100% that the search for the new Domain
>>>> is successful (canonify) but it shows also "not data back" message
>>>> from ptload which means for some reason ptload can not get from
>>>> dirsrv for this particular domain as this user any Information. This
>>>> will be also shown in the logs with:
>>>> ==> /var/log/imapd/imapd.log <==
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: accepted connection
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: SSL_accept() incomplete ->
>>>> wait
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: SSL_accept() succeeded ->
>>>> done
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: starttls: TLSv1.2 with
>>>> cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no
>>>> authentication
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: ptload(): fetched cache
>>>> record (cyrus-admin)(mark 1442861102, current 1442865506, limit
>>>> 1442854706)
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: ptload returning data
>>>> Sep 21 21:58:26 kolab imap/imaps[12877]: canonified cyrus-admin ->
>>>> cyrus-admin
>>>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload(): pinging ptloader
>>>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload(): can't connect to
>>>> ptloader server: Connection refused
>>>> Sep 21 21:58:27 kolab imap/imaps[12877]: No data available at all
>>>> from ptload()
>>>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload completely failed:
>>>> unable to canonify identifier: deaduser at domain.ch
>>>> Sep 21 21:58:27 kolab imap/imaps[12877]: SASL bad userid
>>>> authenticated
>>>> Sep 21 21:58:27 kolab imap/imaps[12877]: badlogin: kolab [127.0.0.1]
>>>> PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>>>> Sep 21 21:58:27 kolab imap/imap[12577]: accepted connection
>>>> Sep 21 21:58:27 kolab imap/imap[12577]: TLS Server Name Indication
>>>> (SNI) Extension: "localhost"
>>>> Again to have no misunderstanding: it Looks like ptloader can not
>>>> connect but for all other Domains as users no Problems works. As
>>>> soon as this happens to often the ptloader goes to a Segmentation
>>>> fault which is shown under dmesg. But even this happens all other
>>>> user can connect without Problems!
>>>> I saw on the list some old messages pointing to the same issue which
>>>> should happen from time to time which means that this happens
>>>> always. The orkaround which is listed in this message is following
>>>> as to reach the goal to clean up the new domain and user to beginn
>>>> from scratch:
>>>> # service kolabd stop
>>>> Delete User from LDAP:
>>>> # /usr/lib/mozldap/ldapdelete -D cn="Directory Manager" -w [Your
>>>> Password] uid=deaduser,ou=People,dc=domain,dc=ch
>>>> Delete IMAP Mailbox (even this is not existing):
>>>> # kolab dm user/deaduser at domain.ch
>>>> # service cyrus-imapd stop
>>>> # pkill idled
>>>> # service cyrus-imapd start
>>>> # service kolabd start
>>>> Clean-Up all DELETED stuff (carefull alsl DELETED marked stuff as
>>>> deleted Messages etc will be removed):
>>>> # /usr/lib/cyrus-imapd/cyr_expire -D 0 -E 0 -X 0
>>>> Delete new created Domain:
>>>> # cd /usr/share/kolab-webadmin/lib/
>>>> # /usr/bin/php domain_delete.php
>>>> I tried several times also with restarting all Services etc. but no
>>>> success. I have no more ideas how to proceed with this new Domain
>>>> and/or user to get it working!
>>>> Any help really appriciated!
>>>> --
>>>> Kind regards
>>>> Andrea
>>>> Email: andrea.soliva at comcept.ch
>>>> _______________________________________________
>>>> users mailing list
>>>> users at lists.kolab.org
>>>> https://lists.kolab.org/mailman/listinfo/users
>> _______________________________________________
>> users mailing list
>> users at lists.kolab.org
>> https://lists.kolab.org/mailman/listinfo/users
More information about the users
mailing list