Kolab 3.2 multidomain issue

Gelpi Andrea liste at gelpi.it
Mon Jun 30 18:44:49 CEST 2014 

Il 30/06/2014 15:59, Gelpi Andrea ha scritto:
> Il 30/06/2014 11:26, Gelpi Andrea ha scritto:
>> Hi,
>> 	on a fresh kolab 3.2 on debian 7.5 I added multidomain following this
>> document.
>>
>> http://docs.kolab.org/howtos/multi-domain.html
>>
>> I can create kolab user only in primary domain.
>>
>> In secondary domain th user is not correctly created in cyrus.
>>
>> kolab lm return for user in secondary domain only
>>
>> user/info a secondarydomain.it
>>
>> All other entry are missing.
>>
>> Where can I look to understand what's happening?
>>

I start kolab-serer in debug mode "-l debug -d 9"

After creating user and the root user folder the system cannot create
additional folder because of a cyrus login failure.

>From followinf debug line a change password with XXXXXX e authentication
string with xxxxxxxxxxxxx for obvious reason.

  04:04.80 untagged responses dump:
                CAPABILITY: "IMAP4rev1 LITERAL+ ID ENABLE ACL
RIGHTS=kxten QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH
SEARCH=FUZZY SORT SORT=MODSEQ SORT=DISPLAY SORT=UID
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE
ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS LIST-MYRIGHTS
WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE CREATE-SPECIAL-USE
DIGEST=SHA1 URLAUTH URLAUTH=BINARY LOGINDISABLED AUTH=PLAIN AUTH=LOGIN
X-QUOTA=STORAGE X-QUOTA=MESSAGE X-QUOTA=X-ANNOTATION-STORAGE
X-QUOTA=X-NUM-FOLDERS IDLE"
  04:04.80 > LKDC17 NOOP
  04:04.80 < LKDC17 OK Completed
  04:04.80      matched r'(?P<tag>LKDC\d+) (?P<type>[A-Z]+)
(?P<data>.*)' => ('LKDC17', 'OK', 'Completed')
2014-06-30 18:04:04,809 pykolab.imap DEBUG [8229]: Reusing existing IMAP
server connection to localhost
  04:04.81 > LKDC18 LIST "" "user/prova. a astrofilitrentini.it"
  04:04.83 < LKDC18 OK Completed (0.000 secs)
  04:04.83      matched r'(?P<tag>LKDC\d+) (?P<type>[A-Z]+)
(?P<data>.*)' => ('LKDC18', 'OK', 'Completed (0.000 secs)')
[LIST] No results
2014-06-30 18:04:04,833 pykolab.imap DEBUG [8229]: Looking for folder
'user/prova. a astrofilitrentini.it', we found folders: []
2014-06-30 18:04:04,834 pykolab.imap INFO Creating new mailbox for user
prova. a astrofilitrentini.it
  04:04.83 > LKDC19 CREATE "user/prova. a astrofilitrentini.it"
  04:05.10 < LKDC19 OK Completed
  04:05.10      matched r'(?P<tag>LKDC\d+) (?P<type>[A-Z]+)
(?P<data>.*)' => ('LKDC19', 'OK', 'Completed')
[CREATE user/prova. a astrofilitrentini.it partition=None] OK: Completed
  04:05.10 > LKDC20 LIST "" "user/prova. a astrofilitrentini.it"
  04:05.11 < * LIST (\HasNoChildren) "/" user/prova. a astrofilitrentini.it
  04:05.11      matched r'\* (?P<type>[A-Z-]+)( (?P<data>.*))?' =>
('LIST', ' (\\HasNoChildren) "/" user/prova. a astrofilitrentini.it',
'(\\HasNoChildren) "/" user/prova. a astrofilitrentini.it')
  04:05.11 untagged_responses[LIST] 0 += ["(\HasNoChildren) "/"
user/prova. a astrofilitrentini.it"]
  04:05.11 < LKDC20 OK Completed (0.000 secs 2 calls)
  04:05.11      matched r'(?P<tag>LKDC\d+) (?P<type>[A-Z]+)
(?P<data>.*)' => ('LKDC20', 'OK', 'Completed (0.000 secs 2 calls)')
  04:05.11 untagged_responses[LIST] => ['(\\HasNoChildren) "/"
user/prova. a astrofilitrentini.it']
2014-06-30 18:04:05,115 pykolab.imap DEBUG [8229]: Looking for folder
'user/prova. a astrofilitrentini.it', we found folders:
[u'user/prova. a astrofilitrentini.it']
2014-06-30 18:04:05,115 pykolab.plugins DEBUG [8229]: Executing hook
create_user_folders for plugin defaultfolders
2014-06-30 18:04:05,116 pykolab.imap DEBUG [8229]: Creating additional
folders for user prova. a astrofilitrentini.it
  04:05.22 > GGIB1 AUTHENTICATE PLAIN
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  04:08.49 < GGIB1 NO authentication failure
  04:08.49      matched r'(?P<tag>GGIB\d+) (?P<type>[A-Z]+)
(?P<data>.*)' => ('GGIB1', 'NO', 'authentication failure')
  04:08.49 NO response: authentication failure
[LOGIN_PLAIN cyrus-admin XXXXXXXXXXXX prova. a astrofilitrentini.it] BAD:
authentication failure
2014-06-30 18:04:08,493 pykolab.imap DEBUG [8229]: Waiting for the Cyrus
murder to settle... CYRUSError(16, 'LOGIN_PLAIN', 'authentication failure')
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/pykolab/imap/__init__.py", line
528, in user_mailbox_create_additional_folders
    self.login_plain(admin_login, admin_password, folder)
  File "/usr/lib/python2.7/dist-packages/cyruslib.py", line 430, in
login_plain
    res, msg = self.__docommand("login_plain", username, password, asUser)
  File "/usr/lib/python2.7/dist-packages/cyruslib.py", line 391, in
__docommand
    self.__doexception(function, msg[0], *args)
  File "/usr/lib/python2.7/dist-packages/cyruslib.py", line 359, in
__doexception
    self.__doraise( function.upper(), msg )
  File "/usr/lib/python2.7/dist-packages/cyruslib.py", line 368, in
__doraise
    raise CYRUSError( idError[0], mode, msg )
CYRUSError: (16, 'LOGIN_PLAIN', 'authentication failure')
  04:09.08 > IPCE1 AUTHENTICATE PLAIN
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  04:12.32 < IPCE1 NO authentication failure
  04:12.32      matched r'(?P<tag>IPCE\d+) (?P<type>[A-Z]+)
(?P<data>.*)' => ('IPCE1', 'NO', 'authentication failure')
  04:12.32 NO response: authentication failure
[LOGIN_PLAIN cyrus-admin Cyrus-Admin-14 prova. a astrofilitrentini.it]
BAD: authentication failure


In imap log there is:

un 30 18:04:04 mail ptloader[8353]: starting: ptloader.c,v git2.5+0
Jun 30 18:04:04 mail imaps[8199]: ptload(): bad response from ptloader
server: identifier not found
Jun 30 18:04:04 mail imaps[8199]: ptload completely failed: unable to
canonify identifier: prova. a astrofilitrentini.it
Jun 30 18:04:05 mail imaps[8247]: starttls: TLSv1.2 with cipher
DHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication

So it seems that Cyrus cannot login to new user if domain is not the
primary.


-- 
ing. Andrea Gelpi
***************************************************
La Terra non la abbiamo ereditata dai nostri avi,
ma la abbiamo presa in prestito dai nostri bambini.
***************************************************
We do not inherit the Earth from our parents,
but borrow it from our children.
***************************************************

More information about the users mailing list