1 Topic by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Topic: Domain Alias not working - missing shadowAddress

======== Required information ====
- iRedMail version (check /etc/iredmail-release):  0.9.6
- Linux/BSD distribution name and version:   Centos 6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):   LDAP
- Web server (Apache or Nginx):  Apache
- Manage mail accounts with iRedAdmin-Pro?  Yes.  2.8
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello,

I had a long post for Domain aliases not working but discovered via this page (http://www.iredmail.org/docs/ldap.add.alias.domain.html) that I needed a shadowAddress added to my mailbox for the aliased domain.

My question:  If using iRedAdmin-Pro 2.8, should adding a domain alias automatically update the LDAP records of all the mailboxes for the parent (non-aliases) domains?     I was assuming this was the case until I discovered this was not the case on my system at least. It seems like a very important feature of Domain Aliases so I'm a bit concerned my system needs a fix somewhere.

Thanks,
             David

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Domain Alias not working - missing shadowAddress

iRedAdmin-Pro will handle this (will add shadowAddress=<user>@<alias_domain>) automatically.

3 Reply by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Re: Domain Alias not working - missing shadowAddress

Thanks.  I had suspected as much.   
Now, where do I start the troubleshooting process because shadowAddress is not being added as it should be?

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Domain Alias not working - missing shadowAddress

acomav wrote:

Now, where do I start the troubleshooting process because shadowAddress is not being added as it should be?

Wait a sec. So iRedAdmin-Pro didn't add it for you? This might be a bug of iRedAdmin-Pro.
Could you please show me step-by-step instruction to reproduce it?

5 Reply by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Re: Domain Alias not working - missing shadowAddress

ZhangHuangbin wrote:
acomav wrote:

Now, where do I start the troubleshooting process because shadowAddress is not being added as it should be?

Wait a sec. So iRedAdmin-Pro didn't add it for you? This might be a bug of iRedAdmin-Pro.
Could you please show me step-by-step instruction to reproduce it?


Hi,
     Sorry for the delay.  I had a long weekend.


Yes, that is exactly what I am saying.    Here is some information with LDIF dumps.

1.  I create a new domain:    domain1.com


LDIF

dn: domainName=domain1.com,o=domains,dc=iredmail,dc=xxxx,dc=com,dc=au
accountSetting: defaultLanguage:en_US
accountSetting: defaultQuota:1024
accountStatus: active
domainCurrentAliasNumber: 0
domainCurrentListNumber: 0
domainCurrentUserNumber: 0
domainName: domain1.com
enabledService: mail
mtaTransport: dovecot
objectClass: mailDomain


I then add a user to this domain: mailbox1

LDIF:

dn: mail=mailbox1@domain1.com,ou=Users,domainName=domain1.com,o=domains,dc=iredmail,dc=xxxxx,dc=com,dc=au
accountStatus: active
amavisLocal: TRUE
cn: Mailbox test
enabledService: internal
enabledService: doveadm
enabledService: lib-storage
enabledService: indexer-worker
enabledService: mail
enabledService: dsync
enabledService: smtp
enabledService: smtpsecured
enabledService: pop3
enabledService: pop3secured
enabledService: imap
enabledService: imapsecured
enabledService: deliver
enabledService: lda
enabledService: lmtp
enabledService: recipientbcc
enabledService: senderbcc
enabledService: managesieve
enabledService: managesievesecured
enabledService: sieve
enabledService: sievesecured
enabledService: forward
enabledService: shadowaddress
enabledService: displayedInGlobalAddressBook
enabledService: sogo
homeDirectory: /var/vmail/vmail1/domain1.com/m/a/i/mailbox1-2017.07.25.08.20.57/
mail: mailbox1@domain1.com
mailMessageStore: vmail1/domain1.com/m/a/i/mailbox1-2017.07.25.08.20.57/
mailQuota: 1073741824
objectClass: inetOrgPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
preferredLanguage: en_US
shadowLastChange: 0
sn: mailbox1
storageBaseDirectory: /var/vmail
uid: mailbox1
userPassword: {SSHA}x3G4NLa4fIY2r1Hxxxxxxxxx4EEKphF7PFfHA==


I then enable and add  a new domain alias:    domainalias.com
I add this the standard way in the GUI.  Screenshot attached.

Here is the LDIF dump of domain1.com afterwards.

dn: domainName=domain1.com,o=domains,dc=iredmail,dc=onthenet,dc=com,dc=au
accountSetting: defaultLanguage:en_US
accountSetting: defaultQuota:1024
accountStatus: active
domainAliasName: domainalias.com
domainCurrentAliasNumber: 0
domainCurrentListNumber: 0
domainCurrentUserNumber: 0
domainName: domain1.com
enabledService: mail
enabledService: domainalias
mtaTransport: dovecot
objectClass: mailDomain

That all looks good.

Now, here is the LDIF dump for the user: mailbox1.

dn: mail=mailbox1@domain1.com,ou=Users,domainName=domain1.com,o=domains,dc=iredmail,dc=xxxx,dc=com,dc=au
accountStatus: active
amavisLocal: TRUE
cn: Mailbox test
enabledService: internal
enabledService: doveadm
enabledService: lib-storage
enabledService: indexer-worker
enabledService: mail
enabledService: dsync
enabledService: smtp
enabledService: smtpsecured
enabledService: pop3
enabledService: pop3secured
enabledService: imap
enabledService: imapsecured
enabledService: deliver
enabledService: lda
enabledService: lmtp
enabledService: recipientbcc
enabledService: senderbcc
enabledService: managesieve
enabledService: managesievesecured
enabledService: sieve
enabledService: sievesecured
enabledService: forward
enabledService: shadowaddress
enabledService: displayedInGlobalAddressBook
enabledService: sogo
homeDirectory: /var/vmail/vmail1/domain1.com/m/a/i/mailbox1-2017.07.25.08.20.57/
mail: mailbox1@domain1.com
mailMessageStore: vmail1/domain1.com/m/a/i/mailbox1-2017.07.25.08.20.57/
mailQuota: 1073741824
objectClass: inetOrgPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
preferredLanguage: en_US
shadowLastChange: 0
sn: mailbox1
storageBaseDirectory: /var/vmail
uid: mailbox1
userPassword: {SSHA}x3G4NLa4fIY2r1H3xxxxxxEKphF7PFfHA==

Notice there is no "shadowAddress" attribute?

Please let me know what other information I may provide to help troubleshoot.

Kind Regards.

Post's attachments

Screen Shot 2017-07-25 at 8.22.23 am.png
Screen Shot 2017-07-25 at 8.22.23 am.png 56.03 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Domain Alias not working - missing shadowAddress

Fixed. here's patch for iRedAdmin-Pro-LDAP-2.9.0:

diff -r c9991a416ef9 libs/ldaplib/domain.py
--- a/libs/ldaplib/domain.py    Fri Jul 21 23:27:19 2017 +0800
+++ b/libs/ldaplib/domain.py    Tue Jul 25 13:43:43 2017 +0800
@@ -1324,7 +1324,7 @@
                 mod_attrs += [(ldap.MOD_REPLACE, 'domainPendingAliasName', list(set(all_pending_alias_domains)))]
 
         for d in new_alias_domains:
-            if settings.REQUIRE_DOMAIN_OWNERSHIP_VERIFICATION:
+            if not session.get('is_global_admin') and settings.REQUIRE_DOMAIN_OWNERSHIP_VERIFICATION:
                 continue
 
             qr = update_accounts_for_new_alias_domain(primary_domain=domain,

We will release a new version soon.

7 Reply by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Re: Domain Alias not working - missing shadowAddress

Hi,
     I tested that patch against 2.80 as the code block was the same as 2.90. (Tell me if that is a big mistake).
Anyway, this patch works in so far that any new mailbox will inherit the domain alias, however:

1. New/added aliased domains do not get added to existing mailboxes LDIF record as a new shadowAddress.
2. Removing an aliased domain does not removed the shadowAddress from the mailbox record.

Could you please have another test at your end to concur?

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Domain Alias not working - missing shadowAddress

You have to use iRedAdmin-Pro-LDAP-2.9.0.

After read your last post, i tried to reproduce this issue with iRedAdmin-Pro-LDAP-2.9.0, and found another bug of alias domain, fixed immediately. Please upgrade your iRedMail to the latest iRedMail-0.9.7, then contact us to get download link of patched iRedAdmin-Pro.

9 Reply by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Re: Domain Alias not working - missing shadowAddress

Hi,
      Will do. Thanks.

10 Reply by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Re: Domain Alias not working - missing shadowAddress

Hi.
     I have updated to iRedAdmin-Pro 2.9 on a development server. May I please have the latest patched version now please?

11 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Domain Alias not working - missing shadowAddress

Sent. smile

12 Reply by acomav

  • acomav
  • Member
  • Offline
  • Registered: 2015-06-22
  • Posts: 9

Re: Domain Alias not working - missing shadowAddress

Hi,
     Thanks for the update.  I have tested and can confirm it is working now. Adding/removing domains adds/removes the shadowAddress from existing and new mailboxes. 

Cheers