1 Topic by noxwaste (edited by noxwaste 2019-10-18 05:53:18)

  • noxwaste
  • Member
  • Offline
  • Registered: 2019-10-18
  • Posts: 3

Topic: Issue logging into SOGo and iRedAdmin with LDAP

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9 OPENLDAP edition
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: Debian 9 Stretch
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP (tied to Active Directory)
- Web server (Apache or Nginx): Default that's shipped with iRedMail (Nginx)
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Our users can login to Roundcube web without any issues. We can send/receive e-mail to each other just fine (this isn't a public mail server just yet, but will be). No other issues that I can tell right off the bat other than I cannot login to SOGo or iRedAdmin on the web at all using my e-mail credentials.

When I try and login to SOGo, I get the following error:

Oct 17 15:55:10 sogod [6314]: |SOGo| starting method 'POST' on uri '/SOGo/connect'
Oct 17 15:55:10 sogod [6314]: <0x0x55dbd94da0f0[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389
Oct 17 15:55:10 sogod [6314]: <0x0x55dbd90dc9f0[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://127.0.0.1:389
Oct 17 15:55:10 sogod [6314]: [ERROR] <0x0x55dbd93f5d30[LDAPSource]> Could not bind to the LDAP server ldap://127.0.0.1:389 (389) using the bind DN: cn=vmail,DC=company,DC=com
Oct 17 15:55:10 sogod [6314]: [ERROR] <0x0x55dbd93f5d30[LDAPSource]> <NSException: 0x55dbd91f1560> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{"error_code" = 49; login = "cn=vmail,DC=company,DC=com"; }
Oct 17 15:55:10 sogod [6314]: SOGoRootPage Login from '192.168.1.209, 192.168.0.9' for user 'myusername@company.com' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
Oct 17 15:55:10 sogod [6314]: |SOGo| request took 0.006071 seconds to execute
Oct 17 15:55:10 sogod [6314]: 192.168.1.209, 192.168.0.9 "POST /SOGo/connect HTTP/1.0" 403 34/80 0.007 - - 940K

I'm not entirely sure where to look for the iRedAdmin log. I also cannot login to SOGo with the default "postmaster@company.com" account. This is a completely default install, other than me going through and setting up the LDAP information.

I should also mention that this is, of course, not allowing us to create the accounts in Microsoft Office 2016 (same sort of error saying that the username/password isn't correct), even though we can login to RoundCube without any problems.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by noxwaste

  • noxwaste
  • Member
  • Offline
  • Registered: 2019-10-18
  • Posts: 3

Re: Issue logging into SOGo and iRedAdmin with LDAP

So after messing around with the configuration for SOGo and modifying the LDAP connection stuff (bind DN, password, etc), I am still unable to login, however now the error message has slightly changed:

Oct 17 16:35:02 sogod [16837]: <0x0x55f13e493ac0[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://company.com:389
Oct 17 16:35:02 sogod [16837]: <0x0x55f13e573530[NGLdapConnection]> Using ldap_initialize for LDAP URL: ldap://company.com:389
2019-10-17 16:35:02.778 sogod[16837:16837] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base '' filter '(objectClass=*)' for attrs 'subschemaSubentry'
2019-10-17 16:35:02.779 sogod[16837:16837] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'CN=Aggregate,CN=Schema,CN=Configuration,DC=company,DC=com' filter '(objectClass=*)' for attrs 'objectclasses'
2019-10-17 16:35:02.799 sogod[16837:16837] -[NGLdapConnection _searchAtBaseDN:qualifier:attributes:scope:]: search at base 'o=domains,dc=company,dc=com' filter '(&(mail=myusername@company.com)(objectClass=user))' for attrs 'dn'
Oct 17 16:35:02 sogod [16837]: SOGoRootPage Login from '192.168.1.209, 192.168.0.9' for user 'myusername@company.com' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0
Oct 17 16:35:02 sogod [16837]: |SOGo| request took 0.031888 seconds to execute
Oct 17 16:35:02 sogod [16837]: 192.168.1.209, 192.168.0.9 "POST /SOGo/connect HTTP/1.0" 403 34/80 0.034 - - 1M

I know for a fact the password is good because it is the same password I use all the time. I also modified the filter to be just "objetclass=User" since it was trying to pull Exchange-related information (I think) and we, of course, do not have an Exchange server installed.

Am I getting closer? Or still way far off?

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: Issue logging into SOGo and iRedAdmin with LDAP

Are you integrating iRedMail with Microsoft AD? iRedAdmin(-Pro) doesn't work with AD.

4 Reply by noxwaste

  • noxwaste
  • Member
  • Offline
  • Registered: 2019-10-18
  • Posts: 3

Re: Issue logging into SOGo and iRedAdmin with LDAP

ZhangHuangbin wrote:

Are you integrating iRedMail with Microsoft AD? iRedAdmin(-Pro) doesn't work with AD.

Yes I am. I'm not much concerned about iRedAdmin as I am with SOGo.

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,792

Re: Issue logging into SOGo and iRedAdmin with LDAP

I didn't test SOGo with AD yet, you have to try it yourself and maybe share your (SOGo) integration configuration?
We miss that part in our document: https://docs.iredmail.org/active.directory.html