access privat address book returns a error!

[stony007_de]

hey scalix folk!

i run SX11.3.0 Ent. with AD sync.

Some of my "standard user" add address´s to their private contact-folder.

If a new mail is created, they want to access the contact folder to select the aim contact.
In standard config, the global system address book will be shown.
if i select in "Search in" --> "Contacts" i get a error.

like "...an error accoured.... .. contact your admin.."


where is my error?
what can i do?

[ltward]

Does this affect EVERY user, or just one or two?
That will help determine whether the problem is with the user account(s) or with the Scalix system.

If the problem is just with one account, go to their user folder (omshowu -f to find where their user folder is) and check the ownership/permissions of the 0000003 file. It should be 660 scalix:scalix

Have you checked your event log (omshowlog) and catalina.out (/var/opt/scalix/??/tomcat/logs/catalina.out) right after this error is displayed?

[stony007_de]

it effect every user!

i have checked the permission on the 0000003 user file. -->

Code: Select all

-rw-rw----  1 scalix scalix 2567424 May 29 12:23 0000003

i think it´s ok!
i have test it with the sxadmin user --> he can see his private contats in the folder!
the omshowlog and the catalina.out doesn´t show any error for this event!

i think, the direction of a permission error is right! but which persmission missing

EDIT

an other fact:
my users will be add in scalix with the omldapsync!
if i add a user with the sac, the access to the contacts are ok!
??a missing group???

[stony007_de]

no more ideas???

i have foud!

if a user is created by omldapsync --> no scalix userpassword will be set!
in my case, the auth will provided over krb5!

if the the status of the passwort =

Code: Select all

"Password : set"

the addressbook run´s fine.

if the status =

Code: Select all

"Password : unset"

the error apperas.

what can i done to set the local passort for the "importred" user??

[sla]

You need to configure scalix to use kerberos for the authentication. To do this edit the file /var/opt/scalix/??/?/sys/pam.d/omslapdeng

This is what omsldapeng looks here:

Code: Select all

auth   sufficient om_auth nullok
auth   sufficient om_krb5 use_first_pass
auth   required pam_deny
account  required om_auth


--
sven

[stony007_de]

great that looks fine!

it works!!!

thank you!!!

[tsanchez88]

This fixed my issue with a garbled personal address book when using Active Directory to authenticate users. Just to make sure people find it in the future thought I'd post some keywords and a couple of fixes to this problem.

error = "An error has occurred. Contact your *garbled* administrator if the problem persists. #AS020"

Personal Address Book requires the above change plus make sure your swa.properites is correctly setup:

swa.ldap.2.type=personal
swa.ldap.2.server=%h
swa.ldap.2.port=389
swa.ldap.2.baseDN=o=MyContacts
swa.ldap.2.displayName.resourceID=addressbooksearch_title_personal
swa.ldap.2.displayName.resourceLabel=Personal Contacts
swa.ldap.2.authType=simple
swa.ldap.2.bindDN=rfc822mailbox=%u
swa.ldap.2.filter=(&(!(omExCdaDirectory=*))(|(&(cn=%s*)(|(mail=*)(304=4)))(&(sn=%s*)(mail=*))(&(gn=%s*)(mail=*))(mail=%s*)(&(omalias=%s*)(mail=*))))
swa.ldap.2.timeout=100000

If you see this with your Global Address Book the fix would be different

edit: /var/opt/scalix/s?/webmail/swa.properties

by changing
swa.ldap.1.authType=simple

to
swa.ldap.1.authType=none