Login Failed

Franz Skale i.bin at dah.am
Sat Apr 11 10:11:58 CEST 2015



Hi,
i don't think, that you use the right mirror.
Kolab 3.4 depends on cyrus 2.5 features.
Check the kolab.org wiki for how to setup package repo and general setup.
Also i think, you have client certs enabled in cyrus.
tls_server_cert and tls_server_key (version 2.5) are sufficient for SSL
setup.
The cert must contain the ca cert and intermediate certs.


Rgds.

Franz
Am 10.04.15 um 21:29 schrieb Hector Tapia:
> All,
>
> I was recently testing out Kolab 3.4  on Centos 7 with a lot of
> success.  During testing I upgraded to Centos 7.1 and also applied the
> Roundcube updates that recently appeared in the Kolab 3.4 repo.
> Everything worked great, so I decided to wipe the server and start
> with a fresh install of everything in preparation for a demo.  I
> immediately had problems with Cyrus-IMAP not starting due to a sieve
> extension issue that was resolved in another thread.
>
> Unfortunately, I can't log into roundcube now.  I tried changing
> passwords and creating new users, but they all fail.  
>
> This is what I see in cat /var/log/roundcubemail/errors:
>
> [10-Apr-2015 13:40:44,000000 -0400]: <cukd2rcp> IMAP Error: Login
> failed for test.user at example.com from ###.###.###.###. LOGIN: Login
> only available under a layer in
> /usr/share/roundcubemail/program/lib/Roundcube/rcube_imap.php on line
> 198 (POST /roundcubemail/?_task=login?_task=login&_action=login)
>
> I used "kolab lm" to see if the mailbox had been created, but the
> command just hangs until I press control-c at which point I get this:
>
> 2015-04-10 13:44:15,274 pykolab.imap WARNING Could not connect to
> Cyrus IMAP server 'imaps://localhost:993'
>
> I used the command, "nmap -sT -O localhost" to confirm that 993/tcp is
> open.
>
> Here is the output from "systemctl -l status cyrus-imapd":
>
> cyrus-imapd.service - Cyrus-imapd IMAP/POP3 email server
>    Loaded: loaded (/usr/lib/systemd/system/cyrus-imapd.service; enabled)
>    Active: active (running) since Fri 2015-04-10 10:25:34 EDT; 4h
> 42min ago
>   Process: 1108 ExecStartPre=/usr/lib/cyrus-imapd/cyr_systemd_helper
> start (code=exited, status=0/SUCCESS)
>  Main PID: 3944 (cyrus-master)
>    CGroup: /system.slice/cyrus-imapd.service
>            ├─ 3944 /usr/lib/cyrus-imapd/cyrus-master
>            ├─ 4002 idled
>            ├─ 4008 lmtpd
>            ├─ 4009 notifyd
>            ├─ 4012 pop3d
>            ├─ 4017 pop3d
>            ├─ 4018 imapd
>            ├─ 4019 pop3d
>            ├─ 4023 pop3d
>            ├─ 4028 imapd
>            ├─ 4073 imapd
>            ├─ 4690 pop3d
>            ├─ 4691 imapd
>            ├─ 7601 imapd
>            ├─ 7603 pop3d
>            ├─ 7632 imapd
>            ├─ 7634 ptloader
>            ├─12239 imapd
>            ├─12987 imapd
>            ├─16995 imapd
>            ├─25250 [imapd]
>            ├─25253 pop3d -s
>            ├─25255 imapd -s
>            └─30509 imapd
>
> Apr 10 15:08:06 host.exmple.com pop3s[25241]: pop3s: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com imaps[25242]: imaps: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com pop3s[25243]: pop3s: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com pop3s[25245]: pop3s: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com imaps[25246]: imaps: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com pop3s[25247]: pop3s: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com imaps[25251]: imaps: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com imaps[25251]: Fatal error: imaps:
> required OpenSSL options not present
> Apr 10 15:08:06 host.exmple.com imaps[25250]: imaps: required OpenSSL
> options not present
> Apr 10 15:08:06 host.exmple.com imaps[25250]: Fatal error: imaps:
> required OpenSSL options not present
>
> Here is the output for "rpm -qa | grep openssl":
>
> openssl-libs-1.0.1e-42.el7.4.x86_64
> openssl-1.0.1e-42.el7.4.x86_64
>
> Here is the output for "rpm -qa | grep cyrus":
>
> cyrus-sasl-plain-2.1.26-17.el7.x86_64
> cyrus-sasl-lib-2.1.26-17.el7.x86_64
> cyrus-imapd-utils-2.4.17-8.el7_1.x86_64
> cyrus-sasl-2.1.26-17.el7.x86_64
> cyrus-sasl-md5-2.1.26-17.el7.x86_64
> cyrus-imapd-2.4.17-8.el7_1.x86_64
> cyrus-sasl-gssapi-2.1.26-17.el7.x86_64
>
> Finally, here is the output for "rpm -qa | grep php":
>
> php-ldap-5.4.16-23.el7_0.3.x86_64
> php-kolabformat-1.1.git.1422810799-29.1.el7.kolab_3.4.x86_64
> php-pear-Auth-SASL-1.0.6-5.el7.noarch
> php-Net-LDAP3-1.0.2-2.1.el7.kolab_3.4.noarch
> php-pear-HTTP-Request2-2.2.1-1.el7.noarch
> php-pear-DB-1.7.14-6.el7.noarch
> php-pear-MDB2-Driver-mysqli-1.5.0-0.8.b4.el7.noarch
> php-ZendFramework-1.12.5-11.1.el7.kolab_3.4.noarch
> php-mbstring-5.4.16-23.el7_0.3.x86_64
> php-cli-5.4.16-23.el7_0.3.x86_64
> php-pear-Net-Socket-1.0.14-1.el7.noarch
> php-pear-Net-LDAP2-2.0.12-20.1.el7.kolab_3.4.noarch
> php-pear-Net-URL2-2.1.1-1.el7.noarch
> php-pear-Net-Sieve-1.3.4-1.el7.noarch
> php-mysql-5.4.16-23.el7_0.3.x86_64
> php-bcmath-5.4.16-23.el7_0.3.x86_64
> php-common-5.4.16-23.el7_0.3.x86_64
> php-Smarty-3.1.21-1.el7.noarch
> php-pear-1.9.4-21.el7.noarch
> php-pear-Mail-Mime-1.8.9-1.el7.noarch
> php-pear-Net-IDNA2-0.1.1-10.el7.noarch
> php-pear-Mail-1.2.0-7.el7.noarch
> php-pdo-5.4.16-23.el7_0.3.x86_64
> php-kolab-0.6.0-3.el7.kolab_3.4.x86_64
> php-mcrypt-5.4.16-3.el7.x86_64
> php-xml-5.4.16-23.el7_0.3.x86_64
> php-process-5.4.16-23.el7_0.3.x86_64
> php-pear-Net-SMTP-1.6.2-1.el7.noarch
> php-pear-MDB2-2.5.0-0.9.b5.el7.noarch
> php-pear-Mail-mimeDecode-1.5.5-7.el7.noarch
> php-5.4.16-23.el7_0.3.x86_64
> php-gd-5.4.16-23.el7_0.3.x86_64
>
> I'm also going to list the content of my /etc/imap.conf:
>
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> admins: cyrus-admin
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> sasl_pwcheck_method: auxprop saslauthd
> sasl_mech_list: PLAIN LOGIN
> allowplaintext: no
> tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> # uncomment this if you're operating in a DSCP environment (RFC-4594)
> # qosmarking: af13
> auth_mech: pts
> pts_module: ldap
> ldap_servers: ldap://localhost:389
> ldap_sasl: 0
> ldap_base: dc=example,dc=com
> ldap_bind_dn: uid=kolab-service,ou=Special Users,dc=example,dc=com
> ldap_password: xxx
> ldap_filter:
> (|(&(|(uid=cyrus-admin)(uid=cyrus-murder))(uid=%U))(&(|(uid=%U)(mail=%U@%d)(mail=%U@%r))(objectclass=kolabinetorgperson)))
> ldap_user_attribute: mail
> ldap_group_base: dc=example,dc=com
> ldap_group_filter:
> (&(cn=%u)(objectclass=ldapsubentry)(objectclass=nsroledefinition))
> ldap_group_scope: one
> ldap_member_base: ou=People,dc=example,dc=com
> ldap_member_method: attribute
> ldap_member_attribute: nsrole
> ldap_restart: 1
> ldap_timeout: 10
> ldap_time_limit: 10
> unixhierarchysep: 1
> virtdomains: userid
> annotation_definitions: /etc/imapd.annotations.conf
> sieve_extensions: fileinto reject envelope body vacation imapflags
> notify include regex subaddress relational copy
> allowallsubscribe: 0
> allowusermoves: 1
> altnamespace: 1
> hashimapspool: 1
> anysievefolder: 1
> fulldirhash: 0
> sieveusehomedir: 0
> sieve_allowreferrals: 0
> lmtp_downcase_rcpt: 1
> lmtp_fuzzy_mailbox_match: 1
> username_tolower: 1
> deletedprefix: DELETED
> delete_mode: delayed
> expunge_mode: delayed
> postuser: shared
>
> Am I missing an openssl package or is their something in a config file
> that I should change?
>
> Thanks!
>
> Hector
>
>
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/users/attachments/20150411/b9da583d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4254 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.kolab.org/pipermail/users/attachments/20150411/b9da583d/attachment-0001.p7s>


More information about the users mailing list