Thanks Zhang,

So the steps are:
1. Upgrade iRedMail and iRedAdminPro to latest versions
2. install SOGo
3. Build new server with SOGo as part of install and then migrate vmail database and mail files from existing to new server ?

With thanks..

Hi,

Completed step 1 without issue all good.
Built new server with SOGO included then dumped vmail database into new server build. Checked normal mail ops all working as well as iRedAdmin-Pro.. All working as intended, however users cannot log into SOGo webmail, simply says "Wrong username or password". Am I missing something here ?

With thanks..

[edit] I get this message in the sogo.log :
sogod [3151]: SOGoRootPage Login from 'localhost' for user 'email address here' might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0

I see no other error messages in any other logs.. It's like SOGo cannot auth against the vmail database for some reason.

Try to reset password for this user, then try again.

Hi guys,

Yes it is affecting ALL users. I just deleted the sogo database and database user from mysql and built it back up using the instructions found here:
http://www.iredmail.org/docs/sogo-centos-6-mysql.html

Now if I manually reset the password in iRedAdmin-Pro it works fine, however that option is not viable for me as I have hundreds of users and the passwords for them are hashed in the database, so I cant see them anyway even if I did want to reset them manually.

I have also manually looked at the hashed passwords in both the old vmail database and the new and they are both the same (as they should be) I also looked at the password hash as stored in the view for sogo and it also matches the one in the vmail database.

I'm at a bit of a loss here as to why I cannot get sogo to auth against the vmail database without needing to reset the users password. Even though I rebuilt the sogo database from scratch as shown in the link above.

I'm thinking it may be easier to just run with Roundcube for the time being.

With thanks..

Is it possible to let me login to your server for further debug? This issue was reported by another user before, and resetting password works for him/her too. I'm curious what the root cause is.

Yep, I can do that. If you send me an email (details are in my profile and should be available to you) I will reply with the details.

Please be aware that I have blocked some IP addresses from China due to continued attempts to bypass my security. Let me know when you have sent an email.

With thanks..

Do the non-functional hashes 'look' different? Different prefix or whatever?

SOGo conforms to that properly so yeah, it reads which hash it should use from that {SSHA512} part, it looks like your hashes were created in a system which didn't do this. Want me to write you a MySQL Snippet which will convert all Passwords Hashes to the Prefixed format?
By the way, the View mirrors the vmail.mailboxes table so just change it in vmail.mailboxes and the view will be updated also.

Ok here's an update. Simply adding {SSHA512} to the front of the password hash created in iRedMail version0.8.7 will not work. It seems version 0.8.7 used the {CRYPT} hash type so you need to add {CRYPT} instead of {SSHA512}

iRedAdmin-Pro uses by default {SSHA} when you change a password and SOGo will accept both.. I created a mysql function which simply concats the {CRYPT} and the existing hash. Then I just use that function in a simple update query to change all passwords, or supply a where statement on the username to change just one password.

If people want I can post the function here?

Thanks, but the real credit must go to Zhang, he did the actual debug and found the incompatibility between SOGo and non prefixed MD5 hashes.

If anyone is interested here is the function for changing the existing passwords from a 0.8.7 vmail database.

DELIMITER //
CREATE FUNCTION pchange (pword varchar(255)) RETURNS varchar(255)
BEGIN
    RETURN CONCAT ('{CRYPT}', pword);
END; //
DELIMITER ;

You must have root access to your database. Once you are at the mysql prompt change to the vmail database. Then copy the function above and paste at the mysql prompt. You will be left with the cursor flashing after the DELIMITER ; line. Simply press enter here and you will be back at the mysql prompt.

To use the function to change all passwords use an update query like so:
update mailbox set password=pchange(password);

To change a single password use:
update mailbox set password=pchange(password) where username='user@domain';