Kolab 3.4 on CentOS 6.6 (ptload completely failed)
signaldeveloper at gmail.com
signaldeveloper at gmail.com
Wed Sep 23 00:49:20 CEST 2015
Andrea,
Don't turn off ptloader it's needed in many functions. I've seen this issue before so many times and it always seems to be a syntax problem with primary_mail...
Try running your python and see what it outputs. Are you getting a "bad user ID" and it says an email address didn't auth? Post that entry. That will help us diagnose.
- Paul
> On Sep 22, 2015, at 7:16 AM, Soliva Andrea <soliva at comcept.ch> wrote:
>
> Hi
>
> ok now it works....I disabled canonification and disabled ptloader and all works as desigend. Below again a Output of the debug after creation of the user if canonification is enabled as ptloader is running. The issue is clearly that the ptloader receives no information data back from dirsrv and from this no Mailbox will be created etc. Authentication test works for the user (see below). In pykolab.log even debug is enable absolutly no error etc. I do not understand it. What I do also not understand at the moment is the advantage/disadvantage of cononification disable/enable and using ptloader or not. I confiused.....! I do not see any performance Impact by not using ptloader etc. in both cases using memcached or not memcached (db mysql). Any hints on this...?
>
> ==> /var/log/imapd/imapd.log <==
> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): pinging ptloader
> Sep 22 10:03:05 kolab imap/imaps[24421]: connected with no delay
> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): connected
> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select: sock = 16, rp = 0x0, wp = 0xbfd472c8, sec = 30
> Sep 22 10:03:05 kolab imap/ptloader[24784]: accepted connection
> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select exiting. r = 1; errno = 2
> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload sent data
> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select: sock = 16, rp = 0xbfd47348, wp = 0x0, sec = 30
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Attempting to get domain for deaduser at domain.ch from cn=kolab,cn=config
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Domain filter: (&(objectclass=domainrelatedobject)(associateddomain=domain.ch))
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Domain domain.ch is an alias domain for parent domain domain.ch
> Sep 22 10:03:05 kolab imap/ptloader[24784]: ptsmodule_standard_root_dn called for domain domain.ch
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=ch
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=ch
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now dc=domain,dc=ch
> Sep 22 10:03:05 kolab imap/ptloader[24784]: Continuing with ptsm->base: dc=domain,dc=ch
> Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select exiting. r = 1; errno = 2
> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload read data back
> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): empty response from ptloader server
> Sep 22 10:03:05 kolab imap/imaps[24421]: No data available at all from ptload()
> Sep 22 10:03:05 kolab imap/imaps[24421]: ptload completely failed: unable to canonify identifier: deaduser at domain.ch
> Sep 22 10:03:05 kolab imap/imaps[24421]: SASL bad userid authenticated
> Sep 22 10:03:05 kolab imap/imaps[24421]: badlogin: kolab [127.0.0.1] PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>
> ==> /var/log/postfix/postfix.log <==
> Sep 22 10:03:05 kolab imap/master[23912]: process type:SERVICE name:ptloader path:/usr/lib/cyrus-imapd/ptloader age:3.776s pid:24784 signaled to death by signal 6 (Aborted)
> Sep 22 10:03:05 kolab imap/master[23912]: service ptloader/unix pid 24784 in READY state: terminated abnormally
> Sep 22 10:03:05 kolab imap/master[23912]: too many failures for service ptloader/unix, disabling until next SIGHUP
>
> ==> /var/log/messages <==
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): can't connect to ptloader server: Connection refused
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload completely failed: unable to canonify identifier: deaduser at domain.ch
> Sep 22 10:03:09 kolab imap/imaps[23925]: SASL bad userid authenticated
>
> ==> /var/log/imapd/imapd.log <==
> Sep 22 10:03:09 kolab imap/imaps[23925]: accepted connection
> Sep 22 10:03:09 kolab imap/imaps[23925]: SSL_accept() incomplete -> wait
> Sep 22 10:03:09 kolab imap/imaps[23925]: SSL_accept() succeeded -> done
> Sep 22 10:03:09 kolab imap/imaps[23925]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): fetched cache record (cyrus-admin)(mark 1442905202, current 1442908989, limit 1442898189)
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload returning data
> Sep 22 10:03:09 kolab imap/imaps[23925]: canonified cyrus-admin -> cyrus-admin
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): pinging ptloader
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): can't connect to ptloader server: Connection refused
> Sep 22 10:03:09 kolab imap/imaps[23925]: No data available at all from ptload()
> Sep 22 10:03:09 kolab imap/imaps[23925]: ptload completely failed: unable to canonify identifier: deaduser at domain.ch
> Sep 22 10:03:09 kolab imap/imaps[23925]: SASL bad userid authenticated
> Sep 22 10:03:09 kolab imap/imaps[23925]: badlogin: kolab [127.0.0.1] PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>
>
> # testsaslauthd -u deaduser at domain.ch -p ********
> 0: OK "Success."
>
> ---
> Kind regards
>
> Andrea
>
> Email: andrea.soliva at comcept.ch
>
> Am 22-09-2015 00:49, schrieb signaldeveloper at gmail.com:
>> Andrea,
>> Do you have canonification on or off? I had a similar issue. Note that
>> when you create a user on kolab web admin you may need to wait for up
>> to 30 seconds for it to be created fully. If you log in too fast it
>> will give you this error. Watch maillog as soon as you create a user
>> and you'll see what I mean. Take a minute sometimes.
>> Otherwise I would run testsaslauth commands (can't think of them off
>> the top of my head) and see if you can log in. What's your pykolab log
>> say? If your SASL fails (which it is showing it is) then it won't be
>> created in IMAP. Again try running the test sasl commands and see if
>> you can log in with the user.
>> Depending on your canonification I would also try logging in with both
>> the FULL email and the name to see what happens.
>> In kolab conf ensure your Python is correct for primary_mail as if you
>> change this it will cause problems. Kolab doesn't accept the general
>> python syntax.
>> - Paul
>>> On Sep 21, 2015, at 4:46 PM, Soliva Andrea <soliva at comcept.ch> wrote:
>>> Hi all
>>> after several hours debugging and looking to this issue I do not have anymore any ideas how to proceed:
>>> I have a installation with 5 main Domains and 1 domain with a associated domain. For this installation I have created in the last two month about 25 users without any problems. I was in the last two weeks in holidays from this point of view it did not change anyhting on the config :-) Specially one domain was new created as the users before I left to holidays. All is working fine also for the domain for the users created before leaving to holidays. From this point of view it can be actually not a config issue because as mentioned for all existing user absolutly no problems for connection and authentication.
>>> Today I created a new main domain as one user for this domain. The domain was created in dirsrv without any Errors (debug). Actually the user was also created in dirsrv but the mailbox etc could not be created. In a later phase I saw in debug the reason which means:
>>> Even all other users can be verified as the Domains for this specific Domain as user ptload gets no data back from dirsrv!
>>> the debug of dirsrv Shows to 100% that the search for the new Domain is successful (canonify) but it shows also "not data back" message from ptload which means for some reason ptload can not get from dirsrv for this particular domain as this user any Information. This will be also shown in the logs with:
>>> ==> /var/log/imapd/imapd.log <==
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: accepted connection
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: SSL_accept() incomplete -> wait
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: SSL_accept() succeeded -> done
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: ptload(): fetched cache record (cyrus-admin)(mark 1442861102, current 1442865506, limit 1442854706)
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: ptload returning data
>>> Sep 21 21:58:26 kolab imap/imaps[12877]: canonified cyrus-admin -> cyrus-admin
>>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload(): pinging ptloader
>>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload(): can't connect to ptloader server: Connection refused
>>> Sep 21 21:58:27 kolab imap/imaps[12877]: No data available at all from ptload()
>>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload completely failed: unable to canonify identifier: deaduser at domain.ch
>>> Sep 21 21:58:27 kolab imap/imaps[12877]: SASL bad userid authenticated
>>> Sep 21 21:58:27 kolab imap/imaps[12877]: badlogin: kolab [127.0.0.1] PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>>> Sep 21 21:58:27 kolab imap/imap[12577]: accepted connection
>>> Sep 21 21:58:27 kolab imap/imap[12577]: TLS Server Name Indication (SNI) Extension: "localhost"
>>> Again to have no misunderstanding: it Looks like ptloader can not connect but for all other Domains as users no Problems works. As soon as this happens to often the ptloader goes to a Segmentation fault which is shown under dmesg. But even this happens all other user can connect without Problems!
>>> I saw on the list some old messages pointing to the same issue which should happen from time to time which means that this happens always. The orkaround which is listed in this message is following as to reach the goal to clean up the new domain and user to beginn from scratch:
>>> # service kolabd stop
>>> Delete User from LDAP:
>>> # /usr/lib/mozldap/ldapdelete -D cn="Directory Manager" -w [Your Password] uid=deaduser,ou=People,dc=domain,dc=ch
>>> Delete IMAP Mailbox (even this is not existing):
>>> # kolab dm user/deaduser at domain.ch
>>> # service cyrus-imapd stop
>>> # pkill idled
>>> # service cyrus-imapd start
>>> # service kolabd start
>>> Clean-Up all DELETED stuff (carefull alsl DELETED marked stuff as deleted Messages etc will be removed):
>>> # /usr/lib/cyrus-imapd/cyr_expire -D 0 -E 0 -X 0
>>> Delete new created Domain:
>>> # cd /usr/share/kolab-webadmin/lib/
>>> # /usr/bin/php domain_delete.php
>>> I tried several times also with restarting all Services etc. but no success. I have no more ideas how to proceed with this new Domain and/or user to get it working!
>>> Any help really appriciated!
>>> --
>>> Kind regards
>>> Andrea
>>> Email: andrea.soliva at comcept.ch
>>> _______________________________________________
>>> users mailing list
>>> users at lists.kolab.org
>>> https://lists.kolab.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
More information about the users
mailing list