Scalix Logon failing after synching with OpenLDAP


Post by chewynet » Tue Aug 07, 2007 5:03 am

Hi all

I have Scalix 11.1 installed. I first set it up to use OpenLDAP for authentication, created an account in Scalix and was able to logon using OpenLDAP for the password. I then took the next step of syncing the OpenLDAP database to Scalix. After a little mucking about and following guides in the forum, I got that working also. I have all the accounts I wish populated in the Scalix directory, options greyed out and therefore managed by OpenLDAP.

Problem now is, when I try to log on to SWA, I get "The username or password is incorrect. Note that passwords are case sensitive. Try again". The OpenLDAP logs seem to indicate that the logon part there is working, reporting correctly when I do put in an incorrect password, but with a correct password something strange is returned (at least to me): see logs. This occurs whether I am using an OpenLDAP account or the sxadmin account. However, the sxadmin successfully logs on to the SAC.

Please see the OpenLDAP log for an incorrect password entry, a correct password entry and also the scalix-swa-activity.log. Should there be other logs I'm looking at too?

Incorrect Password
Aug 1 15:57:40 management slapd[24325]: conn=2223 fd=35 ACCEPT from IP=192.168.1.15:34321 (IP=0.0.0.0:389)
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=0 STARTTLS
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=0 RESULT oid= err=0 text=
Aug 1 15:57:40 management slapd[24325]: conn=2223 fd=35 TLS established tls_ssf=256 ssf=256
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=1 BIND dn="" method=128
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=1 RESULT tag=97 err=0 text=
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=2 SRCH base="ou=Users,dc=airspeed,dc=local" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=ptuite))"
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=3 BIND dn="uid=ptuite,ou=Users,dc=airspeed,dc=local" method=128
Aug 1 15:57:40 management slapd[24325]: conn=2223 op=3 RESULT tag=97 err=49 text=
Aug 1 15:57:40 management in.imap41d: pam_ldap: error trying to bind as user "uid=ptuite,ou=Users,dc=airspeed,dc=local" (Invalid credentials)

Correct Password
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=0 STARTTLS
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=0 RESULT oid= err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2220 fd=35 TLS established tls_ssf=256 ssf=256
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=1 BIND dn="" method=128
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=1 RESULT tag=97 err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=2 SRCH base="ou=Users,dc=airspeed,dc=local" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=ptuite))"
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=3 BIND dn="uid=ptuite,ou=Users,dc=airspeed,dc=local" method=128
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=3 BIND dn="uid=ptuite,ou=Users,dc=airspeed,dc=local" mech=SIMPLE ssf=0
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=3 RESULT tag=97 err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=4 BIND anonymous mech=implicit ssf=0
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=4 BIND dn="" method=128
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=4 RESULT tag=97 err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2220 op=5 UNBIND
Aug 1 15:55:44 management slapd[24325]: conn=2220 fd=35 closed
Aug 1 15:55:44 management slapd[24325]: conn=2221 fd=35 ACCEPT from IP=192.168.1.15:34316 (IP=0.0.0.0:389)
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=0 STARTTLS
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=0 RESULT oid= err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2221 fd=35 TLS established tls_ssf=256 ssf=256
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=1 BIND dn="" method=128
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=1 RESULT tag=97 err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=2 SRCH base="ou=Users,dc=airspeed,dc=local" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uidNumber=60536))"
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Aug 1 15:55:44 management slapd[24325]: conn=2221 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2222 fd=53 ACCEPT from IP=192.168.1.15:34317 (IP=0.0.0.0:389)
Aug 1 15:55:44 management slapd[24325]: conn=2222 op=0 STARTTLS
Aug 1 15:55:44 management slapd[24325]: conn=2222 op=0 RESULT oid= err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2222 fd=53 TLS established tls_ssf=256 ssf=256
Aug 1 15:55:44 management slapd[24325]: conn=2222 op=1 BIND dn="" method=128
Aug 1 15:55:44 management slapd[24325]: conn=2222 op=1 RESULT tag=97 err=0 text=
Aug 1 15:55:44 management slapd[24325]: conn=2222 op=2 SRCH base="ou=Users,dc=airspeed,dc=local" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=tuite\1Dpatrick\1D\1D\1Dmanagement\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\17patrick tuite))"

Scalix scalix-swa-activity.log

2007-08-07 09:56:40,282 INFO [Authenticate.init:176] AUTH - session: Ox6b76623960646b6265622932272d2632292c220a, user: sxadmin - authenticating user against mail service.
2007-08-07 09:56:40,376 INFO [Authenticate.init:190] AUTH - session: Ox6b76623960646b6265622932272d2632292c220a, user: sxadmin - authentication failed: AUTHENTICATE failure, user name or password rejected
2007-08-07 09:57:26,766 INFO [Authenticate.init:176] AUTH - session: Ox2a737b3a34363b342d332f273235312d302b3409, user: ptuite - authenticating user against mail service.
2007-08-07 09:57:26,887 INFO [Authenticate.init:190] AUTH - session: Ox2a737b3a34363b342d332f273235312d302b3409, user: ptuite - authentication failed: AUTHENTICATE failure, user name or password rejected


Thanks

Patrick


Scalix Logon failing after synching with OpenLDAP (Webmail)

Post by chewynet » Thu Aug 09, 2007 5:37 am

If I may follow up on this. I now realise I am able to log onto the SAC with the same user accounts that are failing logging onto the Webmail. I can track the OpenLDAP logs which inform that the login process is successful (there's lots of them but I can vouch the info's all there). I'm not sure what Scalix logs are reflective of SAC activity, but the log scalix-res.log reported activity at the same time and I was able to see this in it:

2007-08-09 10:15:57,359 DEBUG [RESDispatcherServlet.dumpRequest:294] <?xml version="1.0" encoding="UTF-8"?>
<ReqRequest>
<Command instance="management" name="omchkaci">
<Parameters enc="false">
<param flag="-n" value="CN=Patrick Tuite/G=Patrick/S=Tuite/OU1=management"/>
<param flag="-c" value="modify read"/>
<param flag="-l" value="all"/>
<param flag="-j"/>
</Parameters>
</Command>
</ReqRequest>

2007-08-09 10:15:57,360 DEBUG [CmdExecution.executeCmd:141] ENVIRONMENT: LANG=en_US.UTF-8 OM_CHAR=UTF-8 OMCURRENT=management HOME=/tmp PWD=/tmp
2007-08-09 10:15:57,360 DEBUG [CmdExecution.executeCmd:143] COMMAND: /opt/scalix/bin/omchkaci -n CN=Patrick Tuite/G=Patrick/S=Tuite/OU1=management -c modify read -l all -j
2007-08-09 10:15:57,532 DEBUG [RESDispatcherServlet.dumpResponse:302] ---> RES Sending Response XML Document <-----
2007-08-09 10:15:57,533 DEBUG [RESDispatcherServlet.dumpResponse:309] <?xml version="1.0" encoding="UTF-8"?>
<ResResponse>
<Command name="omchkaci">
<Status>OK:0</Status>
<Output/>
</Command>
</ResResponse>

Which is the user account I used to log into the SAC.

Any idea why I can log into the SAC but cannot do the same for the Webmail?

I'm pretty sure this is the final hurdle to being able to present a production system! :wink:

Much appreciation for all the help so far.

Patrick


Post by chewynet » Mon Aug 13, 2007 5:39 am

Hi all

I managed to get past this problem and can now log onto the SWA interface.

The Solution:
I had followed the settings for the "Using_OpenLDAP_for_password_management" Howto.
http://www.scalix.com/wiki/index.php?ti ... management
Specifically the settings for the files:

ual.remote
pamcheck
smtpd.auth
pop3
omslapdeng


After much searching on the forum archives I came across this thread.
viewtopic.php?p=32393
And changed these files to match the configurations posted by "potatoinmiri" half way down the page. Restarted the services and voila, no more

(uid=tuite\1Dpatrick\1D\1D\1Dmanagement\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\1D\17patrick tuite)

errors in the OpenLDAP logs and I could log into the SWA

Thanks potatoinmiri!

Regards

Patrick
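An added example, not part of the original thread: a small Python triage script for slapd logs like the ones posted above. It pairs each user BIND with its result code and flags search filters whose value contains control bytes such as `\1D`, the symptom that disappeared once the PAM-related files were corrected. The sample lines, the user `jdoe` and the function names are constructed for illustration.

```python
import re

# Constructed sample lines in the slapd syslog format shown in the thread
# (user "jdoe" and dc=example,dc=local are made up for this example).
SAMPLE = r"""
Aug 1 10:00:00 host slapd[100]: conn=1 op=3 BIND dn="uid=jdoe,ou=Users,dc=example,dc=local" method=128
Aug 1 10:00:00 host slapd[100]: conn=1 op=3 RESULT tag=97 err=49 text=
Aug 1 10:00:05 host slapd[100]: conn=2 op=3 BIND dn="uid=jdoe,ou=Users,dc=example,dc=local" method=128
Aug 1 10:00:05 host slapd[100]: conn=2 op=3 RESULT tag=97 err=0 text=
Aug 1 10:00:05 host slapd[100]: conn=3 op=2 SRCH base="ou=Users,dc=example,dc=local" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=doe\1Djohn\1D\1Dhost\17john doe))"
Aug 1 10:00:05 host slapd[100]: conn=3 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
"""

LINE = re.compile(r"slapd\[\d+\]: conn=(\d+) op=(\d+) (.*)$")
ASSERTION = re.compile(r"\((\w+)=([^()]*)\)")   # (attr=value) leaves of a filter
CTRL = re.compile(r"\\([0-9A-Fa-f]{2})")         # slapd logs unusual bytes as \XX

def events(log):
    """Yield (conn, op, rest) for every slapd operation line."""
    for line in log.splitlines():
        m = LINE.search(line)
        if m:
            yield int(m.group(1)), int(m.group(2)), m.group(3)

def bind_outcomes(log):
    """Pair each non-anonymous BIND with its RESULT (tag=97); err=49 is invalidCredentials."""
    pending, out = {}, []
    for conn, op, rest in events(log):
        m = re.match(r'BIND dn="([^"]+)" method=', rest)
        if m:
            pending[(conn, op)] = m.group(1)
        m = re.match(r"RESULT tag=97 err=(\d+)", rest)
        if m and (conn, op) in pending:
            out.append((conn, pending.pop((conn, op)), int(m.group(1))))
    return out

def malformed_lookups(log):
    """Flag search filters whose value carries control bytes (< 0x20), so it is not a plain login name."""
    hits = []
    for conn, op, rest in events(log):
        m = re.match(r'SRCH base="[^"]*" .*filter="(.*)"$', rest)
        if not m:
            continue
        for attr, value in ASSERTION.findall(m.group(1)):
            if any(int(h, 16) < 0x20 for h in CTRL.findall(value)):
                hits.append((conn, attr, value))
    return hits

if __name__ == "__main__":
    for row in bind_outcomes(SAMPLE) + malformed_lookups(SAMPLE):
        print(row)
```

A successful BIND (err=0) followed by a flagged lookup on another connection matches the pattern in the "Correct Password" log: the directory accepted the password, and a later lookup was made with something other than the login name.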

