New user login problems
Axel
ar at xlrs.de
Sun May 1 20:13:53 CEST 2016
*bump*
No one can help me out?
Am Samstag, 23. April 2016, 00:32:07 CEST schrieb Axel:
> Hi,
>
> i experience login problems with new created users.
> There's a thread on the german list with no further help and I already
> tried to debug and solve this problem as described in the
> troubleshooting guide and Google with no luck. Perhaps can anyone point
> me to the right direction...
>
> System:
>
> Centos 7 with these packages
> 389-ds-base.x86_64 1.3.4.0-29.el7_2 @updates
> cyrus-imapd.x86_64 2.5-108.3.el7.kolab_3.4 @Kolab_3.4_Updates
> kolab.noarch 3.1.9-3.4.el7.kolab_3.4 @Kolab_3.4_Updates
> roundcubemail.noarch 1.1.4-4.11.el7.kolab_3.4 @Kolab_3.4_Updates
>
>
> Situation:
> Create an user in Kolab Webadmin and it doesn't matter whether I chose
> "Kolab User" or "Mail enabled Kolab user".
>
> Login to Roundcube not possible according to the logs
>
> ===
> /var/log/roundcubemail/userlogins
>
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> Failed login for
> name.surname at domain.tld from 10.100.10.2(X-Real-IP:
> 1.2.3.4,X-Forwarded-For: 1.2.3.4) in session 9eis8qgu8eokcsiaf2cjjfvbd7
> (error: 0)
>
> ===
> /var/log/roundcubemail/imap
>
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: * OK
> [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS LOGINDISABLED]
> kolab.domain.tld Cyrus IMAP git2.5+0-Kolab-2.5-108.3.el7.kolab_3.4
> server ready
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] C: A0001 STARTTLS
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: A0001 OK Begin
> TLS negotiation now
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] C: A0002
> CAPABILITY
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: * CAPABILITY
> IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxten QUOTA MAILBOX-REFERRALS
> NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY
> CATENATE CONDSTORE ESEARCH SORT SORT=MODSEQ SORT=DISPLAY SORT=UID
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE
> ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS LIST-MYRIGHTS
> WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE CREATE-SPECIAL-USE
> URLAUTH URLAUTH=BINARY X-NETSCAPE AUTH=PLAIN AUTH=LOGIN SASL-IR
> COMPRESS=DEFLATE X-QUOTA=STORAGE X-QUOTA=MESSAGE
> X-QUOTA=X-ANNOTATION-STORAGE X-QUOTA=X-NUM-FOLDERS IDLE
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: A0002 OK
> Completed
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] C: A0003 ID
> ("name" "Roundcube" "version" "1.1.4" "php" "5.4.16" "os" "Linux"
> "command" "/roundcubemail/?_task=login")
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: * ID ("name"
> "Cyrus IMAPD" "version" "git2.5+0-Kolab-2.5-108.3.el7.kolab_3.4 "
> "vendor" "Project Cyrus" "support-url" "http://www.cyrusimap.org" "os"
> "Linux" "os-version" "3.10.0-327.13.1.el7.x86_64" "environment" "Built
> w/Cyrus SASL 2.1.26; Running w/Cyrus SASL 2.1.26; Built w/OpenSSL
> 1.0.1e-fips 11 Feb 2013; Running w/OpenSSL 1.0.1e-fips 11 Feb 2013;
> Built w/zlib 1.2.7; Running w/zlib 1.2.7; CMU Sieve 2.4; TCP Wrappers;
> NET-SNMP; mmap = shared; lock = fcntl; nonblock = fcntl; idle = idled")
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: A0003 OK
> Completed
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] C: A0004
> AUTHENTICATE PLAIN ****** [45]
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: A0004 OK
> [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxten QUOTA
> MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN
> MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SORT SORT=MODSEQ
> SORT=DISPLAY SORT=UID THREAD=ORDEREDSUBJECT THREAD=REFERENCES
> ANNOTATEMORE ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS
> LIST-MYRIGHTS WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE
> CREATE-SPECIAL-USE URLAUTH URLAUTH=BINARY X-NETSCAPE LOGINDISABLED
> COMPRESS=DEFLATE X-QUOTA=STORAGE X-QUOTA=MESSAGE
> X-QUOTA=X-ANNOTATION-STORAGE X-QUOTA=X-NUM-FOLDERS IDLE] Success (tls
> protection)
> SESSIONID=<kolab.domain.tld-23872-1461362875-1-4100288112662633837>
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] C: A0005
> NAMESPACE
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: * NAMESPACE
> (("" "/")) (("Other Users/" "/")) (("Shared Folders/" "/"))
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: A0005 OK
> Completed
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] C: A0006 LOGOUT
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: * BYE LOGOUT
> received
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> [DEAB] S: A0006 OK
> Completed
>
> ===
> /var/log/roundcubemail/ldap
>
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> C: Connect
> [localhost:389]
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> S: OK
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> C: Bind [dn:
> uid=kolab-service,ou=Special Users,dc=domain,dc=tld]
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> S: OK
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> C: Search base dn:
> [ou=People,dc=domain,dc=tld] scope [sub] with filter
> [(&(objectClass=kolabInetOrgPerson)(|(uid=name)(mail=name at domain.tld)(alias=
> name at domain.tld)))] [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> Using
> function
> ldap_search on scope sub ($ns_function is ldap_search)
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> C: (Without VLV) Setting
> a filter of
> (&(objectClass=kolabInetOrgPerson)(|(uid=name)(mail=name at domain.tld)(alias=n
> ame at domain.tld))) [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> Executing
> search with return attributes: array (
> 0 => 'displayname',
> 1 => 'mail',
> 2 => 'alias',
> 3 => 'nsroledn',
> 4 => 'uid',
> )
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> S: 1 record(s) found
> [23-Apr-2016 00:07:55,000000 +0200]: <9eis8qgu> C: Close
>
>
> Although the user seems to get a correct LDAP entry and a mailbox:
>
> ===
> * ~# ldapsearch -D "uid=kolab-service,ou=Special Users,dc=domain,dc=tld"
> -w password -b "ou=People,dc=domain,dc=tld" uid=name
>
> # extended LDIF
> #
> # LDAPv3
> # base <dc=domain,dc=tld> with scope subtree
> # filter: uid=name
> # requesting: ALL
> #
>
> # name, People, domain.tld
> dn: uid=name,ou=People,dc=domain,dc=tld
> alias: j.name at domain.tld
> alias: name at domain.tld
> givenName: Name
> kolabInvitationPolicy: ACT_MANUAL
> loginShell: /usr/bin/zsh
> mailQuota: 4194304
> preferredLanguage: en_US
> sn: Surname
> cn: Name Surname
> displayName: Surname, Name
> gidNumber: 1002
> homeDirectory: /home/name
> mail: name.surname at domain.tld
> uid: name
> uidNumber: 1002
> objectClass: inetorgperson
> objectClass: kolabinetorgperson
> objectClass: mailrecipient
> objectClass: organizationalperson
> objectClass: person
> objectClass: posixaccount
> objectClass: top
> mailHost: localhost
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> ===
> * ~# kolab lm "user/name.surname at domain.tld"
> user/name.surname at domain.tld
>
> * ~# kolab list-mailbox-metadata user/name.surname at domain.tld
> Folder user/jana.tasch at xlrs.intern
> /shared/vendor/cmu/cyrus-imapd/partition default
> /shared/vendor/cmu/cyrus-imapd/lastupdate 22-Apr-2016 23:15:50
> +0200
> /shared/vendor/cmu/cyrus-imapd/duplicatedeliver false
> /shared/vendor/cmu/cyrus-imapd/pop3newuidl true
> /shared/vendor/cmu/cyrus-imapd/size 0
> /shared/vendor/cmu/cyrus-imapd/sharedseen false
> /shared/vendor/cmu/cyrus-imapd/uniqueid
> 12345678-acc7-4ec7-b564-12345678
>
> ===
> * cyrus at localhost ~# cyradm -u cyrus-admin localhost
>
> lm user/name.surname at domain.tld
> user/name.surname at domain.tld (\HasChildren)
>
> lam user/name.surname at domain.tld
> name.surname at domain.tld lrswipkxtecdan
>
>
> What's the next step? Where should I look next?
>
> THX
>
> *
> https://docs.kolab.org/administrator-guide/verifying-the-installation.html
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
More information about the users
mailing list