No, didn’t try switch it on, because Postfix and Dovecot configured and
authentication tests completed successfully. In windows server logs as I can
see, authentication is successful too.
I can try to switch it on, if it necessary. Could you send me in right
direction?
Sent from Mail for Windows
From: Christian Naumer
Sent: 4 september 2024 г. 12:32
To: users@sogo.nu
Subject: [SPAM] Re: [SOGo] SoGo (iRedMail) + LDAP (Active Directory)
Usually AD requires TLS or SSL for LDAP. Have you tried switching this on?
Am 04.09.24 um 11:13 schrieb Илназ Шарафиев (il...@konstanta.pro):
> Hello!
>
> Sorry for disturbing with stupid questions. Please help me with SoGo
> configuration. I installed iRedMail 1.7.1. on Debian 12. Successfully
> configured Postfix and Dovecot, including LDAP (Active directory)
> authentication. But I stucked with SoGo + Active Directory configuration.
>
> Here is my configuration for LDAP
>
> SOGoUserSources = (
>
> {
>
> // Used for user authentication
>
> id = directory;
>
> displayName = "Active Directory";
>
> canAuthenticate = YES;
>
> type = ldap;
>
> CNFieldName = cn;
>
> IDFieldName = uid;
>
> UIDFieldName = sAMAccountName;
>
> baseDN = " ou=Users, dc=test,dc=com";
>
> bindDN = "cn=vmail,oou=Users, dc=test,dc=com";
>
> bindFields = (sAMAccountName);
>
> bindPassword = password;
>
> hostname = "ldap://test.com:389";;
>
> isAddressBook = YES;
>
> },
>
> And logs:
>
> Sep 04 11:10:24 sogod [155008]: |SOGo| starting method 'POST' on uri '/
> SOGo/so/passwordRecoveryEnabled'
>
> Sep 04 11:10:24 sogod [155008]: <0x0x558409596160[SOGoCache]> Cache
> cleanup interval set every 300.000000 seconds
>
> Sep 04 11:10:24 sogod [155008]: <0x0x558409596160[SOGoCache]> Using
> host(s) '127.0.0.1' as server(s)
>
> Sep 04 11:10:24 sogod [155008]: [WARN]
> <0x0x7f57060d3b00[WOxElemBuilder]> could not locate builders:
> WOxExtElemBuilder,WOxExtElemBuilder
>
> Sep 04 11:10:24 sogod [155008]: |SOGo| request took 0.046520 seconds to
> execute
>
> Sep 04 11:10:24 sogod [155008]: 192.xxx.xxx.xxx "POST /SOGo/so/
> passwordRecoveryEnabled HTTP/1.0" 403 0/47 0.056 - - 3M - 10
>
> Sep 04 11:10:25 sogod [155008]: |SOGo| starting method 'POST' on uri '/
> SOGo/so/passwordRecoveryEnabled'
>
> Sep 04 11:10:25 sogod [155008]: |SOGo| request took 0.001057 seconds to
> execute
>
> Sep 04 11:10:25 sogod [155008]: 192.xxx.xxx.xxx "POST /SOGo/so/
> passwordRecoveryEnabled HTTP/1.0" 403 0/47 0.004 - - 0 - 10
>
> Sep 04 11:10:32 sogod [155008]: |SOGo| starting method 'POST' on uri '/
> SOGo/connect'
>
> Sep 04 11:10:32 sogod [155008]: <0x0x558409a68610[NGLdapConnection]>
> Using ldap_initialize for LDAP URL: ldap://test.com:389
>
> Sep 04 11:10:32 sogod [155008]: <0x0x558409a65de0[NGLdapConnection]>
> Using ldap_initialize for LDAP URL: ldap://test.com:389
>
> 2024-09-04 11:10:32.698 sogod[155008:155008] -[NGLdapConnection
> _searchAtBaseDN:qualifier:attributes:scope:]: search at base '' filter
> '(objectClass=*)' for attrs 'subschemaSubentry'
>
> 2024-09-04 11:10:32.698 sogod[155008:155008] -[NGLdapConnection
> _searchAtBaseDN:qualifier:attributes:scope:]: search at base
> 'CN=Aggregate,CN=Schema,CN=Configuration,DC=test,DC=com' filter
> '(objectClass=*)' for attrs 'objectclasses'
>
> 2024-09-04 11:10:32.839 sogod[155008:155008] -[NGLdapConnection
> _searchAtBaseDN:qualifier:attributes:scope:]: search at base
> 'ou=users,dc=test,dc=com' filter '(sAMAccountName=t...@konstanta.pro)'
> for attrs 'dn'
>
> Sep 04 11:10:32 sogod [155008]: SOGoRootPage Login from
> '192.xxx.xxx.xxx' for user 't...@test.com' might not have worked -
> password policy: 65535 grace: -1 expire: -1 bound: 0
>
> Sep 04 11:10:32 sogod [155008]: |SOGo| request took 0.170584 seconds to
> execute
>
> Sep 04 11:10:32 sogod [155008]: 192.xxx.xxx.xxx "POST /SOGo/connect
> HTTP/1.0" 403 33/87 0.173 - - 7M - 11
>
> Sep 04 11:10:34 sogod [155008]: |SOGo| starting method 'GET' on uri '/
> SOGo/so/'
>
> Sep 04 11:10:34 sogod [155008]: |SOGo| request took 0.084647 seconds to
> execute
>
> Sep 04 11:10:34 sogod [155008]: 192.xxx.xxx.xxx "GET /SOGo/so/ HTTP/1.0"
> 200 13418/0 0.089 50514 73% 0 - 11
>
> In the windows server logs I can see that authentication was successful.
>
> Thanks
>
