Can login without Password

[tmueko]

I have a very strange Problem: I can login throug the web interface without a password.
The ist one account where I can't log in (not even with the right password).

I don't use this "/webmail/?username=xxx&password=yyy" url

We use RHEL5 und just updated to 11.4.2 a week ago.

PS: I allready did omscan an a lot of other things mentioned here:-(

[schmoe90]

SWA can be set to auto-login...

[tmueko]

I just upgraded to 11.4.3: Still the same Problem. How do I disable this "auto login" (ab how was it enabled).

I Just checked /sac: I can even login as sxadmin with a wrong password
What is going wrong here?

[PrisonMind]

you can set this in

/etc/opt/scalix/webmail/swa.properties

swa.system.hasAutoLogin.

or for the user they can do this with
Login to SWA. Then click on Tools -> Options. In the new window, click General on the left, then check "Auto Log In"

i have no idea how this scalix do this, but i think they use the local cache...
i would clean my local browser cache in your issue...

[tmueko]

I think our problem is not that simple:

- There is one account where I can't login throug webmail not with url "webmail/?username=name@domain&password=xxx" nor by filling out the Webform.

- All other accounts can login with a wrong or empty password.

- I clear the cache, I changed between Firefox 2 and 3. I tested from another machine.

- I just noticed this: I can even login by Imap with a wrong password!

- I created a new account: same Problem with the new account.

- When I use omread, I must give the right password.

So this is the wrong group What to do?

[Valerion]

Your IMAP PAM file may be incorrect and not actually enforcing a password. Verify /var/opt/scalix/??/s/sys/pam.d has all the files correctly done. If omlogon works fine, you can use ual.local as a reference. Look at ual.remote specifically.

[tmueko]

Your IMAP PAM file may be incorrect and not actually enforcing a password. Verify /var/opt/scalix/??/s/sys/pam.d has all the files correctly done. If omlogon works fine, you can use ual.local as a reference. Look at ual.remote specifically.

Okey, It looks as somebody implemented a timebomb im pam.d.
I removed everything in /var/opt/scalix/ge/s/sys/pam.d and copied the contentd from /opt/scalix/template/release.sys/pam.d/

Now there is jut the one account which can't login via swa. This seemse to be a problem with that account. How kan I check this?

(Or better close this thread und open a new one with a better subject?)

[Valerion]

Can you log in via omlogon? If you can, check the user's allowed to use SWA in the SAC. Also check with another IMAP client maybe.

It may also be that the account has got issues. omcscan it, change the password and see if it works. If not, it's possible you may have to delete and re-create it (see sxmboximp/sxmboxexp for backups).

[tmueko]

omlogon is working.
swa is enabled (when i disable it i get the message that swa was disabled)

Next trick is backup the account, delete it, rerceate it, restore it?

[Valerion]

First change the password and retest. Then check the logs and do a integrity scan. omshowlog and the tomcat logs in /var/opt/scalix/??/tomcat/logs. If none of these give you an indication, you may need to delete and recreate.

[tmueko]

I did a lot of "omcheck" "omscan" with no effect.

I raised log level in /var/opt/scalix/ge/webmail/log4j.properties to "INFO"

and got this logfile: /var/opt/scalix/ge/tomcat/logs/scalix-swa-activity.log

Code: Select all

2009-01-20 12:07:45,348  INFO [Authenticate.init:169] AUTH - session: Ox5f776e7f75353a303f2e342e222f2b2d2e262709, user: xx@xxx.xx - authenticating user against mail service.
2009-01-20 12:07:45,466  INFO [Authenticate.init:278] AUTH - session: Ox5f776e7f75353a303f2e342e222f2b2d2e262709, user: xx@xxx.xx - authentication failed: Ungültiger Benutzername


So it says "unknown username" which is <nam>@<domain>. When I used omlogon i took the long name ...
What next?