Navigation

    Kopano
    • Register
    • Login
    • Search
    • Categories
    • Get Official Kopano Support
    • Recent
    Statement regarding the closure of the Kopano community forum and the end of the community edition

    LDAP error after fresh install

    Kopano Groupware Core
    2
    3
    478
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • birduser
      birduser last edited by

      On a fresh install on Debian 10 I want to use LDAP. When I try to sync the users I get:

      root@mail:~# kopano-cli --sync
      MAPI error 8004010F (MAPI_E_NOT_FOUND)
      

      In “var/log/mail.log” it says:
      Config error: Unable to open config file “/usr/share/kopano/ldap.openldap.cfg”:

      Feb 17 16:45:23 mail kopano-server[832]: Config error: Option 'ldap_group_type_attribute_value' cannot be empty!
      Feb 17 16:45:23 mail kopano-server[832]: Config error: Option 'ldap_user_type_attribute_value' cannot be empty!
      Feb 17 16:45:23 mail kopano-server[832]: Cannot instantiate user plugin: Not a valid configuration file.
      Feb 17 16:45:23 mail kopano-server[832]: Unable to instantiate user plugin
      Feb 17 16:45:23 mail kopano-monitor[450]: Unable to get userlist for company "Default": not found (8004010f)
      Feb 17 16:45:28 mail kopano-server[832]: Failed to open plugin configuration file, using defaults.
      Feb 17 16:45:28 mail kopano-server[832]: Config error: Unable to open config file "/usr/share/kopano/ldap.openldap.cfg"
      Feb 17 16:45:28 mail kopano-server[832]: Config error: Option 'ldap_group_type_attribute_value' cannot be empty!
      Feb 17 16:45:28 mail kopano-server[832]: Config error: Option 'ldap_user_type_attribute_value' cannot be empty!
      Feb 17 16:45:28 mail kopano-server[832]: Cannot instantiate user plugin: Not a valid configuration file.
      Feb 17 16:45:28 mail kopano-server[832]: Unable to instantiate user plugin
      Feb 17 16:45:28 mail kopano-server[832]: Error synchronizing company list: not found (80000002)
      

      But the file “/usr/share/kopano/ldap.openldap.cfg” definetly exists:

      root@mail:~# ls -la /usr/share/kopano/ldap.openldap.cfg
      -rw-r--r-- 1 root root 15793 Apr 25  2019 /usr/share/kopano/ldap.openldap.cfg
      

      I got it working by copying all LDAP files from /usr/share/kopano to /etc/kopano:

      cp /usr/share/kopano/ldap.* /etc/kopano/
      

      And changing the path in “ldap.openldap.cfg”:

      !propmap /etc/kopano/ldap.propmap.cfg
      

      Aswell as in “/etc/kopano/ldap.cfg”:

      !include /etc/kopano/ldap.openldap.cfg
      

      But that can’t be the solution, right? it seems there is a right problem.

      To reproduce, these are the steps I took for installing kopano:

      apt-get update & apt-get dist-upgrade -V
      apt-get install kopano-core kopano-webapp-nginx
      rm -f /etc/nginx/sites-enabled/default
      systemctl restart nginx
      apt-get install postfix postfix-mysql 
      

      Edit main.cf

      nano /etc/postfix/main.cf
      

      and insert:

      # Kopano Custom
      virtual_alias_map = hash:/etc/postfix/virtual # Aliase/Weiterleitungen für Postfächer
      virtual_mailbox_maps = mysql:/etc/postfix/mysql-users.cf # Auslesen vorhandener Postfächer
      virtual_transport = lmtp:127.0.0.1:2003 # Weiterleiten der Mail an Dagent für die Zustellung an das Postfach
      virtual_mailbox_domains = sxps.it # Berechtigte Empfangs-Domains
      
      smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, reject_non_fqdn_hostname, reject_invalid_hostname, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unauth_pipelining, reject_unverified_recipient
      

      Create MySQL user

      mysql -u root
      GRANT ALL PRIVILEGES ON kopanoserver.* TO 'kopano'@'localhost' IDENTIFIED BY '12345' WITH GRANT OPTION;
      flush privileges;
      exit
      
      nano /etc/postfix/mysql-users.cf
      

      Insert:

      user = kopano
      password = 12345
      hosts = 127.0.0.1
      dbname = kopanoserver
      query = SELECT value FROM objectproperty where propname = 'emailaddress' and value = '%s'
      

      Keep going:

      touch /etc/postfix/virtual
      chmod 600 /etc/postfix/mysql-users.cf
      postmap /etc/postfix/mysql-users.cf
      postmap /etc/postfix/virtual
       
      apt-get install kopano-webapp-contactfax kopano-webapp-gmaps kopano-webapp-pimfolder kopano-webapp-quickitems kopano-webapp-titlecounter kopano-webapp-webappmanual kopano-webapp-zdeveloper kopano-webapp-files
      

      Edit ldap.cfg

      nano /etc/kopano/ldap.cfg
      

      My content:

      ##############################################################
      #  LDAP DIRECTORY USER PLUGIN SETTINGS
      #
      
      # Select implementation.
      # If you have any reason to override settings from /usr/share/kopano/*.cfg,
      # do so at the end of this (/etc-resident) config file.
      #
      !include /usr/share/kopano/ldap.openldap.cfg
      #!include /usr/share/kopano/ldap.active-directory.cfg
      
      # LDAP host name/IP address
      # ldap_host = 10.0.220.2
      
      # LDAP port
      # Optional, default = 389
      # Use 636 for ldaps
      # ldap_port = 389
      
      # LDAP protocol
      # Optional, default = ldap
      # use 'ldaps' for Implicit SSL encryption. Make sure /etc/ldap/ldap.conf is
      # configured correctly with TLS_CACERT
      # ldap_protocol = ldap
      ldap_uri = ldap://10.0.220.2:389/
      
      # LDAP URI
      # Optional, override ldap_host, ldap_port and ldap_protocol if set
      # e.g. ldaps://servername:port. You may also specify multiple space-separated
      # URIs
      #ldap_uri =
      
      # The charset that strings are stored in on the LDAP server. Normally this
      # is utf-8, but this can differ according to your setup. The charset specified
      # here must be supported by your iconv(1) setup. See iconv -l for all charset
      #ldap_server_charset = utf-8
      
      # The DN of the user to bind as for normal operations (not used for
      # authentication if ldap_authentication_method is set to "bind".
      # When empty, uses anonymous binding.
      # The userPassword attribute must be readable for this user if the
      # ldap_authentication_method option is set to password.
      ldap_bind_user = cn=admin,dc=sxps,dc=it
      
      # LDAP bind password
      ldap_bind_passwd = admin
      ldap_authentication_method = bind
      
      # The timeout for network operations in seconds
      #ldap_network_timeout = 30
      
      # ldap_page_size limits the number of results from a query that will be downloaded at a time.
      # Default ADS MaxPageSize is 1000.
      ldap_page_size = 1000
      
      ##########
      # Object settings
      ldap_object_type_attribute = objectClass
      ldap_user_type_attribute_value = User
      ldap_group_type_attribute_value = Group
      ldap_contact_type_attribute_value = Contact
      ldap_company_type_attribute_value = ou
      ldap_addresslist_type_attribute_value = kopano-addresslist
      ldap_dynamicgroup_type_attribute_value = kopano-dynamicgroup
      ldap_user_search_filter = (kopanoAccount=1)
      ldap_user_unique_attribute = objectGUID
      ldap_user_unique_attribute_type = binary
      ldap_fullname_attribute = cn
      ldap_loginname_attribute = sAMAccountName
      ldap_emailaddress_attribute = mail
      ldap_emailaliases_attribute = otherMailbox
      ldap_password_attribute =
      ldap_isadmin_attribute = kopanoAdmin
      ldap_nonactive_attribute = kopanoSharedStoreOnly
      # Top level search base, every object should be available under this tree
      ldap_search_base = dc=sxps,dc=it
      
      # Use custom defined LDAP property mappings
      # This is not a requirement for most environments but allows custom mappings of
      # special LDAP properties to custom MAPI attributes
      #!propmap /etc/kopano/ldap.propmap.cfg
      

      Finally activating LDAP in server.cfg:

      nano /etc/kopano/server.cfg
      

      and set:

      user_plugin = ldap
      user_plugin_config = /etc/kopano/ldap.cfg
      createuser_script = /usr/lib/kopano/userscripts/createuser
      deleteuser_script = /usr/lib/kopano/userscripts/deleteuser
      creategroup_script = /usr/lib/kopano/userscripts/creategroup
      deletegroup_script = /usr/lib/kopano/userscripts/deletegroup
      createcompany_script = /usr/lib/kopano/userscripts/createcompany
      deletecompany_script = /usr/lib/kopano/userscripts/deletecompany
      user_safe_mode = no
      
      1 Reply Last reply Reply Quote 0
      • birduser
        birduser last edited by

        I’m gonna reply to my own post, I hope that is okay.
        As I learned, Kopano (the company) are not maintaining the Debian packages, and I installed it from there. After installing it directly from the Kopano web page the error is gone. Thanks!

        1 Reply Last reply Reply Quote 0
        • fbartels
          fbartels Kopano last edited by

          Same error and reported as https://forum.kopano.io/topic/3018/ldap-user-does-not-get-a-store-mapi_e_not_found/

          closing

          Regards Felix

          Resources:
          https://kopano.com/blog/how-to-get-kopano/
          https://documentation.kopano.io/
          https://kb.kopano.io/

          Support overview:
          https://kopano.com/support/

          1 Reply Last reply Reply Quote 0
          • First post
            Last post