Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    Authentification between Dagent & Sendmail and remote Kopano Core server fails

    Kopano Groupware Core
    dagent auth active director sendmail
    3
    14
    1561
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • thctlo
      thctlo last edited by thctlo

      What happens if you set the following in systemd start up.

      cat /etc/systemd/system/kopano-dagent.service.d/override.conf

      After=kopano-server.service
Wants=kopano-server.service

[Service]
LimitNOFILE=8192:16384

      You can use : systemctl edit kopano-dagent
      or
      if you want a copy of the complete file in systemd.: systemctl edit --full kopano-dagent

      I did see the same messages and these where gone after the above settings.
      You see this if you use run_as(user/group)

      fixundfertig123 1 Reply Last reply Reply Quote 0
      • fbartels
        fbartels Kopano @fixundfertig123 last edited by

        @fixundfertig123 said in Authentification between Dagent & Sendmail and remote Kopano Core server fails:

        That looks to me either like a permission problem

        Yes, would have said the same. For easier testing I would suggest to use kopano-admin/kopano-cli instead of the dagent. The ssl options are named the same for all services, so you can easily specify the dagent.cfg for admin. once you get your users listed all should be good for dagent as well.

        Regards Felix

        Resources:
        https://kopano.com/blog/how-to-get-kopano/
        https://documentation.kopano.io/
        https://kb.kopano.io/

        Support overview:
        https://kopano.com/support/

        fixundfertig123 1 Reply Last reply Reply Quote 0
        • fixundfertig123
          fixundfertig123 @thctlo last edited by

          @thctlo Thank you. I believe this does not work, since DAgent is hosted on a different server? Am I right that you are assuming it is on the same server?

          thctlo 1 Reply Last reply Reply Quote 0
          • fixundfertig123
            fixundfertig123 @fbartels last edited by fixundfertig123

            @fbartels said in Authentification between Dagent & Sendmail and remote Kopano Core server fails:

            kopano-cli

            Hello, I admit that you suggestion is not yet 100% clear to me (sorry for that and potential errors!). I verified that the ssl connecton from the DAgent -> Core Server works by entering:

            openssl s_client -connect kopano.intranet.XXXXXX.de:237

            Resulting in:

            ...
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: E245D3A9278C82E8124DAF8331EAA2C670CDAFC8D453513D1B7295D1778D1413
    Session-ID-ctx:
    Master-Key: A0D6A3263B4ED7117481F9DB52FF63805E90CF9F1698B14A1F92C969FF540814EDE8DCB854BE4185FFDC3B26ACE92C97
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1525084370
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
read:errno=0

            When testing “kopano-admin -vvvv -h kopano.intranet.XXXXX.de:237 -c /etc/kopano/dagent.cfg -l” on the DAgent server (targeting Core server) I recieve:

            [error  ] gsoap connect: ()
[error  ] virtual HRESULT M4LMsgServiceAdmin::ConfigureMsgService(const MAPIUID*, ULONG_PTR, ULONG, ULONG, const SPropValue*): MSGServiceEntry failed: network error (80040115)
[crit   ] CreateProfileTemp(): ConfigureMsgService failed 80040115: network error
[warning] CreateProfileTemp failed: 80040115: network error
Unable to open Admin session: network error (0x80040115)
The server is not running, or not accessible through "kopano.intranet.XXXXX.de:237".
Using the -v option (possibly multiple times) may give more hints.

            and the “recieving” kopano core server log states:

            Mon Apr 30 12:32:50 2018: [debug  ] Accepted incoming SSL connection from 172.16.1.18
Mon Apr 30 12:38:07 2018: [warning] SSL_accept() failed in soap_ssl_accept()
Mon Apr 30 12:38:07 2018: [debug  ] SOAP_SSL_ERROR: SSL_ERROR_SSL
error:1408F10B:SSL routines:ssl3_get_record:wrong version number

            Am I doing something wrong? Cheers

            1 Reply Last reply Reply Quote 0
            • fixundfertig123
              fixundfertig123 last edited by

              Looks quite similar to: https://forums.zarafa.com/showthread.php?7734-Remote-Access-to-Zarafa-Server-with-dagent-via-https-does-not-work

              Unfortunately some parts of the the forum seems to be “hidden”…

              1 Reply Last reply Reply Quote 0
              • fixundfertig123
                fixundfertig123 last edited by

                And another link: https://www.cubewerk.de/2015/01/09/zarafa-port-237-ssl-ssl_accept-failed-in-soap_ssl_accept/

                But still do not find my error (besides required/insisting to use my own self-signed CA files :-/)

                1 Reply Last reply Reply Quote 0
                • fbartels
                  fbartels Kopano last edited by fbartels

                  Hi @fixundfertig123 ,

                  I’d recommend to open a support case. Our support staff can have a look at your exact certificate files and through this better identify what needs to be changed.

                  Ps: what do you mean with “hidden” in regards to the old forum? That thread seems complete to me.

                  Regards Felix

                  Resources:
                  https://kopano.com/blog/how-to-get-kopano/
                  https://documentation.kopano.io/
                  https://kb.kopano.io/

                  Support overview:
                  https://kopano.com/support/

                  fixundfertig123 1 Reply Last reply Reply Quote 0
                  • fixundfertig123
                    fixundfertig123 @fbartels last edited by

                    Hi @fbartels , thanks I will!

                    to me the zarafa forum looks like the code insertion are somehow missing?!? I attached a screenshot:

                    0_1525173495200_1.JPG

                    What do you think?

                    fbartels 1 Reply Last reply Reply Quote 0
                    • thctlo
                      thctlo @fixundfertig123 last edited by

                      @fixundfertig123 Yes, correct i run Dagent on the same server.

                      1 Reply Last reply Reply Quote 0
                      • fbartels
                        fbartels Kopano @fixundfertig123 last edited by

                        @fixundfertig123 ah. did not notice this. The forum was modified a few weeks ago to be completely read-only maybe inline quotes were removed in that process.

                        Regards Felix

                        Resources:
                        https://kopano.com/blog/how-to-get-kopano/
                        https://documentation.kopano.io/
                        https://kb.kopano.io/

                        Support overview:
                        https://kopano.com/support/

                        1 Reply Last reply Reply Quote 0
                        • fixundfertig123
                          fixundfertig123 last edited by

                          @fbartels Okay, thats quite sad, it was a good source of knowledge… Maybe it can be readded? Thanks for your help anyway!

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post