Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    LDAP error after fresh install

    Kopano Groupware Core
    2
    3
    441
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • birduser
      birduser last edited by

      On a fresh install on Debian 10 I want to use LDAP. When I try to sync the users I get:

      root@mail:~# kopano-cli --sync
MAPI error 8004010F (MAPI_E_NOT_FOUND)

      In “var/log/mail.log” it says:
      Config error: Unable to open config file “/usr/share/kopano/ldap.openldap.cfg”:

      Feb 17 16:45:23 mail kopano-server[832]: Config error: Option 'ldap_group_type_attribute_value' cannot be empty!
Feb 17 16:45:23 mail kopano-server[832]: Config error: Option 'ldap_user_type_attribute_value' cannot be empty!
Feb 17 16:45:23 mail kopano-server[832]: Cannot instantiate user plugin: Not a valid configuration file.
Feb 17 16:45:23 mail kopano-server[832]: Unable to instantiate user plugin
Feb 17 16:45:23 mail kopano-monitor[450]: Unable to get userlist for company "Default": not found (8004010f)
Feb 17 16:45:28 mail kopano-server[832]: Failed to open plugin configuration file, using defaults.
Feb 17 16:45:28 mail kopano-server[832]: Config error: Unable to open config file "/usr/share/kopano/ldap.openldap.cfg"
Feb 17 16:45:28 mail kopano-server[832]: Config error: Option 'ldap_group_type_attribute_value' cannot be empty!
Feb 17 16:45:28 mail kopano-server[832]: Config error: Option 'ldap_user_type_attribute_value' cannot be empty!
Feb 17 16:45:28 mail kopano-server[832]: Cannot instantiate user plugin: Not a valid configuration file.
Feb 17 16:45:28 mail kopano-server[832]: Unable to instantiate user plugin
Feb 17 16:45:28 mail kopano-server[832]: Error synchronizing company list: not found (80000002)

      But the file “/usr/share/kopano/ldap.openldap.cfg” definetly exists:

      root@mail:~# ls -la /usr/share/kopano/ldap.openldap.cfg
-rw-r--r-- 1 root root 15793 Apr 25  2019 /usr/share/kopano/ldap.openldap.cfg

      I got it working by copying all LDAP files from /usr/share/kopano to /etc/kopano:

      cp /usr/share/kopano/ldap.* /etc/kopano/

      And changing the path in “ldap.openldap.cfg”:

      !propmap /etc/kopano/ldap.propmap.cfg

      Aswell as in “/etc/kopano/ldap.cfg”:

      !include /etc/kopano/ldap.openldap.cfg

      But that can’t be the solution, right? it seems there is a right problem.

      To reproduce, these are the steps I took for installing kopano:

      apt-get update & apt-get dist-upgrade -V
apt-get install kopano-core kopano-webapp-nginx
rm -f /etc/nginx/sites-enabled/default
systemctl restart nginx
apt-get install postfix postfix-mysql

      Edit main.cf

      nano /etc/postfix/main.cf

      and insert:

      # Kopano Custom
virtual_alias_map = hash:/etc/postfix/virtual # Aliase/Weiterleitungen für Postfächer
virtual_mailbox_maps = mysql:/etc/postfix/mysql-users.cf # Auslesen vorhandener Postfächer
virtual_transport = lmtp:127.0.0.1:2003 # Weiterleiten der Mail an Dagent für die Zustellung an das Postfach
virtual_mailbox_domains = sxps.it # Berechtigte Empfangs-Domains

smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, reject_non_fqdn_hostname, reject_invalid_hostname, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unauth_pipelining, reject_unverified_recipient

      Create MySQL user

      mysql -u root
GRANT ALL PRIVILEGES ON kopanoserver.* TO 'kopano'@'localhost' IDENTIFIED BY '12345' WITH GRANT OPTION;
flush privileges;
exit

      nano /etc/postfix/mysql-users.cf

      Insert:

      user = kopano
password = 12345
hosts = 127.0.0.1
dbname = kopanoserver
query = SELECT value FROM objectproperty where propname = 'emailaddress' and value = '%s'

      Keep going:

      touch /etc/postfix/virtual
chmod 600 /etc/postfix/mysql-users.cf
postmap /etc/postfix/mysql-users.cf
postmap /etc/postfix/virtual
 
apt-get install kopano-webapp-contactfax kopano-webapp-gmaps kopano-webapp-pimfolder kopano-webapp-quickitems kopano-webapp-titlecounter kopano-webapp-webappmanual kopano-webapp-zdeveloper kopano-webapp-files

      Edit ldap.cfg

      nano /etc/kopano/ldap.cfg

      My content:

      ##############################################################
#  LDAP DIRECTORY USER PLUGIN SETTINGS
#

# Select implementation.
# If you have any reason to override settings from /usr/share/kopano/*.cfg,
# do so at the end of this (/etc-resident) config file.
#
!include /usr/share/kopano/ldap.openldap.cfg
#!include /usr/share/kopano/ldap.active-directory.cfg

# LDAP host name/IP address
# ldap_host = 10.0.220.2

# LDAP port
# Optional, default = 389
# Use 636 for ldaps
# ldap_port = 389

# LDAP protocol
# Optional, default = ldap
# use 'ldaps' for Implicit SSL encryption. Make sure /etc/ldap/ldap.conf is
# configured correctly with TLS_CACERT
# ldap_protocol = ldap
ldap_uri = ldap://10.0.220.2:389/

# LDAP URI
# Optional, override ldap_host, ldap_port and ldap_protocol if set
# e.g. ldaps://servername:port. You may also specify multiple space-separated
# URIs
#ldap_uri =

# The charset that strings are stored in on the LDAP server. Normally this
# is utf-8, but this can differ according to your setup. The charset specified
# here must be supported by your iconv(1) setup. See iconv -l for all charset
#ldap_server_charset = utf-8

# The DN of the user to bind as for normal operations (not used for
# authentication if ldap_authentication_method is set to "bind".
# When empty, uses anonymous binding.
# The userPassword attribute must be readable for this user if the
# ldap_authentication_method option is set to password.
ldap_bind_user = cn=admin,dc=sxps,dc=it

# LDAP bind password
ldap_bind_passwd = admin
ldap_authentication_method = bind

# The timeout for network operations in seconds
#ldap_network_timeout = 30

# ldap_page_size limits the number of results from a query that will be downloaded at a time.
# Default ADS MaxPageSize is 1000.
ldap_page_size = 1000

##########
# Object settings
ldap_object_type_attribute = objectClass
ldap_user_type_attribute_value = User
ldap_group_type_attribute_value = Group
ldap_contact_type_attribute_value = Contact
ldap_company_type_attribute_value = ou
ldap_addresslist_type_attribute_value = kopano-addresslist
ldap_dynamicgroup_type_attribute_value = kopano-dynamicgroup
ldap_user_search_filter = (kopanoAccount=1)
ldap_user_unique_attribute = objectGUID
ldap_user_unique_attribute_type = binary
ldap_fullname_attribute = cn
ldap_loginname_attribute = sAMAccountName
ldap_emailaddress_attribute = mail
ldap_emailaliases_attribute = otherMailbox
ldap_password_attribute =
ldap_isadmin_attribute = kopanoAdmin
ldap_nonactive_attribute = kopanoSharedStoreOnly
# Top level search base, every object should be available under this tree
ldap_search_base = dc=sxps,dc=it

# Use custom defined LDAP property mappings
# This is not a requirement for most environments but allows custom mappings of
# special LDAP properties to custom MAPI attributes
#!propmap /etc/kopano/ldap.propmap.cfg

      Finally activating LDAP in server.cfg:

      nano /etc/kopano/server.cfg

      and set:

      user_plugin = ldap
user_plugin_config = /etc/kopano/ldap.cfg
createuser_script = /usr/lib/kopano/userscripts/createuser
deleteuser_script = /usr/lib/kopano/userscripts/deleteuser
creategroup_script = /usr/lib/kopano/userscripts/creategroup
deletegroup_script = /usr/lib/kopano/userscripts/deletegroup
createcompany_script = /usr/lib/kopano/userscripts/createcompany
deletecompany_script = /usr/lib/kopano/userscripts/deletecompany
user_safe_mode = no
      1 Reply Last reply Reply Quote 0
      • birduser
        birduser last edited by

        I’m gonna reply to my own post, I hope that is okay.
        As I learned, Kopano (the company) are not maintaining the Debian packages, and I installed it from there. After installing it directly from the Kopano web page the error is gone. Thanks!

        1 Reply Last reply Reply Quote 0
        • fbartels
          fbartels Kopano last edited by

          Same error and reported as https://forum.kopano.io/topic/3018/ldap-user-does-not-get-a-store-mapi_e_not_found/

          closing

          Regards Felix

          Resources:
          https://kopano.com/blog/how-to-get-kopano/
          https://documentation.kopano.io/
          https://kb.kopano.io/

          Support overview:
          https://kopano.com/support/

          1 Reply Last reply Reply Quote 0
          • First post
            Last post