LDAP error after fresh install

birduser

On a fresh install on Debian 10 I want to use LDAP. When I try to sync the users I get:

root@mail:~# kopano-cli --sync
MAPI error 8004010F (MAPI_E_NOT_FOUND)

In “var/log/mail.log” it says:
Config error: Unable to open config file “/usr/share/kopano/ldap.openldap.cfg”:

Feb 17 16:45:23 mail kopano-server[832]: Config error: Option 'ldap_group_type_attribute_value' cannot be empty!
Feb 17 16:45:23 mail kopano-server[832]: Config error: Option 'ldap_user_type_attribute_value' cannot be empty!
Feb 17 16:45:23 mail kopano-server[832]: Cannot instantiate user plugin: Not a valid configuration file.
Feb 17 16:45:23 mail kopano-server[832]: Unable to instantiate user plugin
Feb 17 16:45:23 mail kopano-monitor[450]: Unable to get userlist for company "Default": not found (8004010f)
Feb 17 16:45:28 mail kopano-server[832]: Failed to open plugin configuration file, using defaults.
Feb 17 16:45:28 mail kopano-server[832]: Config error: Unable to open config file "/usr/share/kopano/ldap.openldap.cfg"
Feb 17 16:45:28 mail kopano-server[832]: Config error: Option 'ldap_group_type_attribute_value' cannot be empty!
Feb 17 16:45:28 mail kopano-server[832]: Config error: Option 'ldap_user_type_attribute_value' cannot be empty!
Feb 17 16:45:28 mail kopano-server[832]: Cannot instantiate user plugin: Not a valid configuration file.
Feb 17 16:45:28 mail kopano-server[832]: Unable to instantiate user plugin
Feb 17 16:45:28 mail kopano-server[832]: Error synchronizing company list: not found (80000002)

But the file “/usr/share/kopano/ldap.openldap.cfg” definetly exists:

root@mail:~# ls -la /usr/share/kopano/ldap.openldap.cfg
-rw-r--r-- 1 root root 15793 Apr 25  2019 /usr/share/kopano/ldap.openldap.cfg

I got it working by copying all LDAP files from /usr/share/kopano to /etc/kopano:

cp /usr/share/kopano/ldap.* /etc/kopano/

And changing the path in “ldap.openldap.cfg”:

!propmap /etc/kopano/ldap.propmap.cfg

Aswell as in “/etc/kopano/ldap.cfg”:

!include /etc/kopano/ldap.openldap.cfg

But that can’t be the solution, right? it seems there is a right problem.

To reproduce, these are the steps I took for installing kopano:

apt-get update & apt-get dist-upgrade -V
apt-get install kopano-core kopano-webapp-nginx
rm -f /etc/nginx/sites-enabled/default
systemctl restart nginx
apt-get install postfix postfix-mysql 

Edit main.cf

nano /etc/postfix/main.cf

and insert:

# Kopano Custom
virtual_alias_map = hash:/etc/postfix/virtual # Aliase/Weiterleitungen für Postfächer
virtual_mailbox_maps = mysql:/etc/postfix/mysql-users.cf # Auslesen vorhandener Postfächer
virtual_transport = lmtp:127.0.0.1:2003 # Weiterleiten der Mail an Dagent für die Zustellung an das Postfach
virtual_mailbox_domains = sxps.it # Berechtigte Empfangs-Domains

smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, reject_non_fqdn_hostname, reject_invalid_hostname, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unauth_pipelining, reject_unverified_recipient

Create MySQL user

mysql -u root
GRANT ALL PRIVILEGES ON kopanoserver.* TO 'kopano'@'localhost' IDENTIFIED BY '12345' WITH GRANT OPTION;
flush privileges;
exit

nano /etc/postfix/mysql-users.cf

Insert:

user = kopano
password = 12345
hosts = 127.0.0.1
dbname = kopanoserver
query = SELECT value FROM objectproperty where propname = 'emailaddress' and value = '%s'

Keep going:

touch /etc/postfix/virtual
chmod 600 /etc/postfix/mysql-users.cf
postmap /etc/postfix/mysql-users.cf
postmap /etc/postfix/virtual
 
apt-get install kopano-webapp-contactfax kopano-webapp-gmaps kopano-webapp-pimfolder kopano-webapp-quickitems kopano-webapp-titlecounter kopano-webapp-webappmanual kopano-webapp-zdeveloper kopano-webapp-files

Edit ldap.cfg

nano /etc/kopano/ldap.cfg

My content:

##############################################################
#  LDAP DIRECTORY USER PLUGIN SETTINGS
#

# Select implementation.
# If you have any reason to override settings from /usr/share/kopano/*.cfg,
# do so at the end of this (/etc-resident) config file.
#
!include /usr/share/kopano/ldap.openldap.cfg
#!include /usr/share/kopano/ldap.active-directory.cfg

# LDAP host name/IP address
# ldap_host = 10.0.220.2

# LDAP port
# Optional, default = 389
# Use 636 for ldaps
# ldap_port = 389

# LDAP protocol
# Optional, default = ldap
# use 'ldaps' for Implicit SSL encryption. Make sure /etc/ldap/ldap.conf is
# configured correctly with TLS_CACERT
# ldap_protocol = ldap
ldap_uri = ldap://10.0.220.2:389/

# LDAP URI
# Optional, override ldap_host, ldap_port and ldap_protocol if set
# e.g. ldaps://servername:port. You may also specify multiple space-separated
# URIs
#ldap_uri =

# The charset that strings are stored in on the LDAP server. Normally this
# is utf-8, but this can differ according to your setup. The charset specified
# here must be supported by your iconv(1) setup. See iconv -l for all charset
#ldap_server_charset = utf-8

# The DN of the user to bind as for normal operations (not used for
# authentication if ldap_authentication_method is set to "bind".
# When empty, uses anonymous binding.
# The userPassword attribute must be readable for this user if the
# ldap_authentication_method option is set to password.
ldap_bind_user = cn=admin,dc=sxps,dc=it

# LDAP bind password
ldap_bind_passwd = admin
ldap_authentication_method = bind

# The timeout for network operations in seconds
#ldap_network_timeout = 30

# ldap_page_size limits the number of results from a query that will be downloaded at a time.
# Default ADS MaxPageSize is 1000.
ldap_page_size = 1000

##########
# Object settings
ldap_object_type_attribute = objectClass
ldap_user_type_attribute_value = User
ldap_group_type_attribute_value = Group
ldap_contact_type_attribute_value = Contact
ldap_company_type_attribute_value = ou
ldap_addresslist_type_attribute_value = kopano-addresslist
ldap_dynamicgroup_type_attribute_value = kopano-dynamicgroup
ldap_user_search_filter = (kopanoAccount=1)
ldap_user_unique_attribute = objectGUID
ldap_user_unique_attribute_type = binary
ldap_fullname_attribute = cn
ldap_loginname_attribute = sAMAccountName
ldap_emailaddress_attribute = mail
ldap_emailaliases_attribute = otherMailbox
ldap_password_attribute =
ldap_isadmin_attribute = kopanoAdmin
ldap_nonactive_attribute = kopanoSharedStoreOnly
# Top level search base, every object should be available under this tree
ldap_search_base = dc=sxps,dc=it

# Use custom defined LDAP property mappings
# This is not a requirement for most environments but allows custom mappings of
# special LDAP properties to custom MAPI attributes
#!propmap /etc/kopano/ldap.propmap.cfg

Finally activating LDAP in server.cfg:

nano /etc/kopano/server.cfg

and set:

user_plugin = ldap
user_plugin_config = /etc/kopano/ldap.cfg
createuser_script = /usr/lib/kopano/userscripts/createuser
deleteuser_script = /usr/lib/kopano/userscripts/deleteuser
creategroup_script = /usr/lib/kopano/userscripts/creategroup
deletegroup_script = /usr/lib/kopano/userscripts/deletegroup
createcompany_script = /usr/lib/kopano/userscripts/createcompany
deletecompany_script = /usr/lib/kopano/userscripts/deletecompany
user_safe_mode = no

birduser

I’m gonna reply to my own post, I hope that is okay.
As I learned, Kopano (the company) are not maintaining the Debian packages, and I installed it from there. After installing it directly from the Kopano web page the error is gone. Thanks!

fbartels

Same error and reported as https://forum.kopano.io/topic/3018/ldap-user-does-not-get-a-store-mapi_e_not_found/

closing