1

Topic: after an installation , login problem

I have just installed iredmail0.6 with ldap on freebsd7. it installed without any problem. I rebooted the server.

After that I can't login postfixadmin, roundcube,

I get some errors;

Jun 18 00:03:32 mail roundcube: [17-Jun-2010 21:03:32 +0000]: Successful login for www@filtrelisu.com (ID: 1) from 192.168.150.220
Jun 18 00:03:34 mail roundcube: [17-Jun-2010 21:03:34 +0000]: IMAP Error: Authentication for www@filtrelisu.com failed (LOGIN): "a001 NO [UNAVAILABLE] Temporary authentication failure." in /usr/local/www/roundcube/program/include/rcube_imap.php on line 141 (GET /roundcube/?_task=mail&_action=getunread&_remote=1&_=1276808614361&_unlock=0)
Jun 18 00:03:38 mail roundcube: [17-Jun-2010 21:03:38 +0000]: IMAP Error: Authentication for www@filtrelisu.com failed (LOGIN): "a001 NO [UNAVAILABLE] Temporary authentication failure." in /usr/local/www/roundcube/program/include/rcube_imap.php on line 141 (GET /roundcube/?_task=mail&_action=list&_mbox=INBOX&_refresh=1&_remote=1&_=1276808614358&_unlock=1)

Also , the installation program give an encrypted password as random for vmail ( bind_pw )
How can I see that password as plaintext?
Thanks

2

Re: after an installation , login problem

Seems some settings in roundcube are incorrect.

Can you help post output of this command:

# grep -Ev '^(//|/\*| *\*|#)' /usr/local/www/roundcube/config/main.inc.php | grep -v '^$'

3

Re: after an installation , login problem

ZhangHuangbin wrote:

grep -Ev '^(//|/\*| *\*|#)' /usr/local/www/roundcube/config/main.inc.php | grep -v '^$'

# grep -Ev '^(//|/\*| *\*|#)' /usr/local/www/roundcube/config/main.inc.php | grep -v '^$'
<?php
+-----------------------------------------------------------------------+
| Main configuration file                                               |
|                                                                       |
| This file is part of the RoundCube Webmail client                     |
| Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                 |
| Licensed under the GNU GPL                                            |
|                                                                       |
+-----------------------------------------------------------------------+
$rcmail_config = array();
$rcmail_config['debug_level'] = 1;
$rcmail_config['log_driver'] = "syslog";
$rcmail_config['log_date_format'] = 'd-M-Y H:i:s O';
$rcmail_config['syslog_id'] = "roundcube";
$rcmail_config['syslog_facility'] = LOG_MAIL;
$rcmail_config['smtp_log'] = true;
$rcmail_config['log_logins'] = TRUE;
$rcmail_config['sql_debug'] = false;
$rcmail_config['imap_debug'] = false;
$rcmail_config['ldap_debug'] = false;
$rcmail_config['smtp_debug'] = false;
$rcmail_config['default_host'] = "127.0.0.1";
$rcmail_config['default_port'] = 143;
$rcmail_config['imap_auth_type'] = null;
$rcmail_config['imap_root'] = null;
$rcmail_config['imap_delimiter'] = null;
$rcmail_config['imap_force_caps'] = false;
$rcmail_config['smtp_server'] = "127.0.0.1";
$rcmail_config['smtp_port'] = 25;
$rcmail_config['smtp_user'] = "%u";
$rcmail_config['smtp_pass'] = "%p";
$rcmail_config['smtp_auth_type'] = '';
$rcmail_config['smtp_helo_host'] = '';
$rcmail_config['enable_installer'] = FALSE;
$rcmail_config['log_dir'] = 'logs/';
$rcmail_config['temp_dir'] = 'temp/';
$rcmail_config['enable_caching'] = false;
$rcmail_config['message_cache_lifetime'] = '10d';
$rcmail_config['force_https'] = false;
$rcmail_config['auto_create_user'] = TRUE;
$rcmail_config['skin_include_php'] = false;
$rcmail_config['session_lifetime'] = 10;
$rcmail_config['ip_check'] = false;
$rcmail_config['double_auth'] = false;
$rcmail_config['des_key'] = 'rcmail-!24ByteDESkey*Str';
$rcmail_config['username_domain'] = "filtrelisu.com";
$rcmail_config['mail_domain'] = '';
$rcmail_config['password_charset'] = 'ISO-8859-1';
$rcmail_config['sendmail_delay'] = 0;
$rcmail_config['max_recipients'] = 0;
$rcmail_config['max_group_members'] = 0;
$rcmail_config['useragent'] = "RoundCube WebMail";
$rcmail_config['product_name'] = 'RoundCube Webmail';
$rcmail_config['include_host_config'] = false;
$rcmail_config['generic_message_footer'] = '';
$rcmail_config['http_received_header'] = false;
$rcmail_config['http_received_header_encrypt'] = false;
$rcmail_config['mail_header_delimiter'] = NULL;
$rcmail_config['session_domain'] = '';
$rcmail_config['dont_override'] = array();
$rcmail_config['identities_level'] = 3;
$rcmail_config['mime_magic'] = '/usr/share/misc/magic';
$rcmail_config['email_dns_check'] = false;
$rcmail_config['plugins'] = array("password","managesieve",);
$rcmail_config['message_sort_col'] = '';
$rcmail_config['message_sort_order'] = 'DESC';
$rcmail_config['list_cols'] = array('subject', 'from', 'date', 'size', 'flag', 'attachment');
$rcmail_config['language'] = "en_US";
$rcmail_config['date_short'] = 'D H:i';
$rcmail_config['date_long'] = 'd.m.Y H:i';
$rcmail_config['date_today'] = 'H:i';
$rcmail_config['drafts_mbox'] = 'Drafts';
$rcmail_config['junk_mbox'] = 'Junk';
$rcmail_config['sent_mbox'] = 'Sent';
$rcmail_config['trash_mbox'] = 'Trash';
$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
$rcmail_config['create_default_folders'] = TRUE;
$rcmail_config['protect_default_folders'] = TRUE;
$rcmail_config['quota_zero_as_unlimited'] = TRUE;
$rcmail_config['mdn_requests'] = 0;
$rcmail_config['enable_spellcheck'] = FALSE;
$rcmail_config['spellcheck_engine'] = 'googie';
$rcmail_config['spellcheck_uri'] = '';
$rcmail_config['spellcheck_languages'] = "en_US";
$rcmail_config['max_pagesize'] = 200;
$rcmail_config['min_keep_alive'] = 60;
$rcmail_config['address_book_type'] = 'sql';
$rcmail_config['ldap_public'] = array();
$rcmail_config['ldap_public']['Verisign'] = array(
  'name'          => 'Verisign.com',
  'hosts'         => array('directory.verisign.com'),
  'port'          => 389,
  'use_tls'         => false,
  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
  // %fu - The full username provided, assumes the username is an email
  //       address, uses the username_domain value if not an email address.
  // %u  - The username prior to the '@'.
  // %d  - The domain name after the '@'.
  'base_dn'       => '',
  'bind_dn'       => '',
  'bind_pass'     => '',
  'writable'      => false,   // Indicates if we can write to the LDAP directory or not.
  // If writable is true then these fields need to be populated:
  // LDAP_Object_Classes, required_fields, LDAP_rdn
  'LDAP_Object_Classes' => array("top", "inetOrgPerson"), // To create a new contact these are the object classes to specify (or any other classes you wish to use).
  'required_fields'     => array("cn", "sn", "mail"),     // The required fields needed to build a new contact as required by the object classes (can include additional fields not required by the object classes).
  'LDAP_rdn'      => 'mail', // The RDN field that is used for new entries, this field needs to be one of the search_fields, the base of base_dn is appended to the RDN to insert into the LDAP directory.
  'ldap_version'  => 3,       // using LDAPv3
  'search_fields' => array('mail', 'cn'),  // fields to search in
  'name_field'    => 'cn',    // this field represents the contact's name
  'email_field'   => 'mail',  // this field represents the contact's e-mail
  'surname_field' => 'sn',    // this field represents the contact's last name
  'firstname_field' => 'gn',  // this field represents the contact's first name
  'sort'          => 'cn',    // The field to sort the listing by.
  'scope'         => 'sub',   // search mode: sub|base|list
  'filter'        => '',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
  'fuzzy_search'  => true     // server allows wildcard search
  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
);
$rcmail_config['autocomplete_addressbooks'] = array("sql", "filtrelisu.com");
$rcmail_config['default_charset'] = "UTF-8";
$rcmail_config['skin'] = 'default';
$rcmail_config['pagesize'] = 40;
$rcmail_config['timezone'] = 'auto';
$rcmail_config['dst_active'] = (bool)date('I');
$rcmail_config['prefer_html'] = true;
$rcmail_config['show_images'] = 1;
$rcmail_config['htmleditor'] = false;
$rcmail_config['prettydate'] = true;
$rcmail_config['draft_autosave'] = 300;
$rcmail_config['preview_pane'] = TRUE;
$rcmail_config['preview_pane_mark_read'] = TRUE;
$rcmail_config['focus_on_new_message'] = true;
$rcmail_config['logout_purge'] = false;
$rcmail_config['logout_expunge'] = false;
$rcmail_config['inline_images'] = true;
$rcmail_config['mime_param_folding'] = 1;
$rcmail_config['skip_deleted'] = false;
$rcmail_config['read_when_deleted'] = true;
$rcmail_config['flag_for_deletion'] = false;
$rcmail_config['keep_alive'] = 60;
$rcmail_config['check_all_folders'] = TRUE;
$rcmail_config['display_next'] = false;
$rcmail_config['autoexpand_threads'] = 0;
$rcmail_config['top_posting'] = false;
$rcmail_config['strip_existing_sig'] = true;
$rcmail_config['show_sig'] = 1;
$rcmail_config['sig_above'] = false;
$rcmail_config['force_7bit'] = false;
$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
$rcmail_config['delete_always'] = TRUE;
$rcmail_config['ldap_public']["filtrelisu.com"] = array(
    'name'          => 'Global Address Book',
    'hosts'         => array("127.0.0.1"),
    'port'          => 389,
    'use_tls'       => false,
    // ---- Used to search accounts only in the same domain. ----
    'user_specific' => true, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
    'base_dn'       => "domainName=%d,o=domains,dc=filtrelisu,dc=com",
    'bind_dn'       => "mail=%u@%d,ou=Users,domainName=%d,o=domains,dc=filtrelisu,dc=com",
    // ---- Uncomment below lines to search whole LDAP tree ----
    //'base_dn'       => "o=domains,dc=filtrelisu,dc=com",
    //'bind_dn'       => "cn=vmail,dc=filtrelisu,dc=com",
    'writable'      => false, // Indicates if we can write to the LDAP directory or not.
    // If writable is true then these fields need to be populated:
    // LDAP_Object_Classes, required_fields, LDAP_rdn
    //'LDAP_Object_Classes' => array("top", "inetOrgPerson", "mailUser"), // To create a new contact these are the object classes to specify (or any other classes you wish to use).
    //'required_fields'     => array("cn", "sn", "mail"),     // The required fields needed to build a new contact as required by the object classes (can include additional fields not required by the object classes).
    //'LDAP_rdn'      => "mail", // The RDN field that is used for new entries, this field needs to be one of the search_fields, the base of base_dn is appended to the RDN to insert into the LDAP directory.
    'ldap_version'  => "3",       // using LDAPv3
    'search_fields' => array('mail', 'cn', 'givenName', 'sn'),  // fields to search in
    'name_field'    => 'cn',    // this field represents the contact's name
    'email_field'   => 'mail',  // this field represents the contact's e-mail
    'surname_field' => 'sn',    // this field represents the contact's last name
    'firstname_field' => 'givenName',  // this field represents the contact's first name
    'sort'          => 'cn',    // The field to sort the listing by.
    'scope'         => 'sub',   // search mode: sub|base|list
    'filter'        => "(&(enabledService=mail)(enabledService=deliver)(enabledService=displayedInGlobalAddressBook)(|(&(objectClass=mailList)(hasMember=yes))(objectClass=mailAlias)(objectClass=mailUser)))", // Search mail users, lists, aliases.
    'fuzzy_search'  => true);   // server allows wildcard search
?>


Meanwhile all needed services seem to work.
# netstat -na |grep LISTE
tcp4       0      0 127.0.0.1.10025        *.*                    LISTEN
tcp4       0      0 *.465                  *.*                    LISTEN
tcp4       0      0 *.587                  *.*                    LISTEN
tcp4       0      0 *.25                   *.*                    LISTEN
tcp4       0      0 127.0.0.1.2000         *.*                    LISTEN
tcp4       0      0 *.995                  *.*                    LISTEN
tcp4       0      0 *.110                  *.*                    LISTEN
tcp4       0      0 *.993                  *.*                    LISTEN
tcp4       0      0 *.143                  *.*                    LISTEN
tcp4       0      0 *.22                   *.*                    LISTEN
tcp6       0      0 *.22                   *.*                    LISTEN
tcp46      0      0 *.443                  *.*                    LISTEN
tcp46      0      0 *.80                   *.*                    LISTEN
tcp4       0      0 127.0.0.1.7777         *.*                    LISTEN
tcp4       0      0 127.0.0.1.10031        *.*                    LISTEN
tcp4       0      0 127.0.0.1.10024        *.*                    LISTEN
tcp4       0      0 *.3306                 *.*                    LISTEN

4

Re: after an installation , login problem

Try to set:

$rcmail_config['imap_auth_type'] = 'check';

5

Re: after an installation , login problem

ZhangHuangbin wrote:

imap_auth_type

I have just changed that value. But the problem going on
I rebooted the server
My maillog ;

Jun 18 13:20:27 mail postfix/qmgr[795]: D4A23D4C5D: from=<root@mail.filtrelisu.com>, size=2138, nrcpt=1 (queue active)
Jun 18 13:20:28 mail postfix/proxymap[798]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:20:28 mail postfix/proxymap[803]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:20:28 mail postfix/cleanup[797]: warning: 05FA5D4C5F: virtual_alias_maps map lookup problem for www@filtrelisu.com
Jun 18 13:20:28 mail postfix/cleanup[804]: warning: 0AC95D4C60: virtual_alias_maps map lookup problem for www@filtrelisu.com
Jun 18 13:20:41 mail roundcube: [18-Jun-2010 10:20:41 +0000]: IMAP Error: Authentication for www@filtrelisu.com failed (LOGIN): "a001 NO [UNAVAILABLE] Temporary authentication failure." in /usr/local/www/roundcube/program/include/rcube_imap.php on line 141 (POST /roundcube/?_task=&_action=login)
Jun 18 13:22:10 mail postfix/proxymap[949]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:22:10 mail postfix/proxymap[949]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:22:10 mail postfix/proxymap[949]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:22:10 mail postfix/trivial-rewrite[952]: fatal: proxy:ldap:/usr/local/etc/postfix/ldap_virtual_alias_maps.cf(0,lock|fold_fix): table lookup problem
Jun 18 13:22:11 mail postfix/master[790]: warning: process /usr/local/libexec/postfix/trivial-rewrite pid 952 exit status 1
Jun 18 13:22:12 mail postfix/proxymap[949]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:22:12 mail postfix/proxymap[949]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:22:12 mail postfix/proxymap[949]: warning: dict_ldap_connect: Unable to bind to server ldap://127.0.0.1:389 as cn=vmail,dc=filtrelisu,dc=com: -1 (Can't contact LDAP server)
Jun 18 13:22:12 mail postfix/trivial-rewrite[955]: fatal: proxy:ldap:/usr/local/etc/postfix/ldap_virtual_alias_maps.cf(0,lock|fold_fix): table lookup problem
Jun 18 13:22:13 mail postfix/smtpd[948]: warning: problem talking to service rewrite: Unknown error: 0
Jun 18 13:22:13 mail postfix/master[790]: warning: process /usr/local/libexec/postfix/trivial-rewrite pid 955 exit status 1
Jun 18 13:22:13 mail postfix/master[790]: warning: /usr/local/libexec/postfix/trivial-rewrite: bad command startup -- throttling

6

Re: after an installation , login problem

(Can't contact LDAP server)

Your openldap server is not running. Fix it first.

7

Re: after an installation , login problem

ZhangHuangbin wrote:

(Can't contact LDAP server)

Your openldap server is not running. Fix it first.

My openldap server is running now
I did the installation according to your site ( http://code.google.com/p/iredmail/wiki/ … on_FreeBSD );
bash get_all.sh
bash iRedMail.sh

reboot

Meanwhile, I see rootpw as encrytped
at least I can see https://serverip/ldap.  it asks login DN and password.
1 -) How can I see password as plainttext?

Also I am sorry I can't PostfixAdmin but I already installed with ldap . But I think that it should be updated installation page.
I can see iredadmin page. and I can login roundcube page.
2-) How can I get the latest installation guide ?
   
3-) How can I see ldaplog ?

Thanks

8

Re: after an installation , login problem

postfixadmin not support ldap, so you need use iRedAdmin manage the user.

you can try use cn=manager,dc=abc,dc=com login phpldapadmin, check ldap whether working.

# Read file 'iRedMail-x.y.z/iRedMail.tips' first, it contains:

    * User password and related sensitive information.
    * Location of mail serve related software configuration files and other important information. 

9

Re: after an installation , login problem

shake wrote:

iRedMail-x.y.z/iRedMail.tips

Thank you. I can read my password at iredmail.tips

I checked ldap. it works well.

But I see that it is a weird thing in my /etc/rc.conf related to openldap.conf

# Start openldap server.
slapd_enable="YES"
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
slapd_sockets="/var/run/openldap/ldapi"

What should "slapd_flags" be ?

Thanks

10

Re: after an installation , login problem

can you login https://ip address/iredadmin?

try it, you need use cn=manager,dc=domain,dc=com

the password check the iRedMail.tips

11

Re: after an installation , login problem

bulend wrote:

What should "slapd_flags" be ?

Passed to 'slapd' program, used to start OpenLDAP daemon. :-)

12

Re: after an installation , login problem

shake wrote:

can you login https://ip address/iredadmin?

try it, you need use cn=manager,dc=domain,dc=com

the password check the iRedMail.tips

Yes I can login to https://ip address/iredadmin and I can manage it. But I haven't bought iredadmin yet, So I have no all features.

13

Re: after an installation , login problem

if you can login the iRedadmin, means the ldap is working.

try to login the RoundCube and check the log.