webmail problems

Check your configutil output, to make sure that your various settings for local.*ldap include current user and passwords to your ldap server.

Check your ldap Access Log for failed logins. It's hard for Messaging to be more verbose than, "I can't connect to ldap" when that's the problem......

jay_plesset at 2007-7-7 3:38:49 >

There are no failed login attempts, in fact, don't see anything in the configuration directory access logs when a webmail session is run.It seems like webmail sessions are not even hitting the configuration directory. Slapd is running and I see logs when command line ldapsearch requests are run.None of the file systems are above 25% capacity.The local.ldaphost from configutil output is the fully qualified name of the message server, the fqn resolves to the message servers private ip with DNS, and the fqn has the message server private ip in /etc/hosts, so name resolution for local.ldaphost should keep it on the message server.Don't know why the webmail logins/sessions are not showing any entries in the access logs of the configuration directory.

jmck407 at 2007-7-7 3:38:49 >

thanks Jay. Note message server was installed with a script using values set by upper levels of our organization, so I may not be able to answer exactly why some variables have their settings, but will try to answer any questions you have after looking over the output.

bash-2.05# ./configutil |grep "local.*"

local.defdomain = bbbb.ccc

local.enduseradmincred = XXXXXXXXX

local.enduseradmindn = "uid=msg-admin-m-mail.aaaa.bbbb.ccc-20060926193402Z, ou=People, o=bbbb.ccc,o=bbbb.ccc"

local.ens.enable = 1

local.hostname = m-mail.aaaa.bbbb.ccc

local.imta.enable = 1

local.imta.imta_tailor = /opt/messaging/config/imta_tailor

local.imta.ssrenabled = yes

local.installeddir = /opt/messaging

local.instancedir = /opt/messaging

local.lastconfigfetch = 1163179999

local.ldapbasedn = o=NetscapeRoot

local.ldapcachefile = /opt/messaging/config/local.conf

local.ldaphost = m-mail.aaaa.bbbb.ccc

local.ldapport = 389

local.ldapsiecred = XXXXXXXX

local.ldapsiedn = "cn=msg-config, cn=Sun ONE Messaging Suite, cn=Server Group,

cn=m-mail.aaaa.bbbb.ccc, ou=aaaa.bbbb.ccc, o=NetscapeRoot"

local.ldapusessl = False

local.mmp.enable = 0

local.sched.enable = 1

local.schedule.expire = "0 23 * * * /opt/messaging/sbin/imexpire"

local.schedule.msprobe = "5,15,25,35,45,55 * * * * /opt/messaging/lib/msprobe"

local.schedule.purge = "0 0,4,8,12,16,20 * * * /opt/messaging/lib/purge -num=5"

local.schedule.return_job = "30 0 * * * /opt/messaging/lib/return_job"

local.servergid = sunone

local.servername = m-mail.aaaa.bbbb.ccc

local.serverroot = /opt/messaging

local.servertype = msg

local.serveruid = sunone

local.service.pab.attributelist = pabattrs

local.service.pab.enabled = 1

local.service.pab.ldapbasedn = o=pab

local.service.pab.ldapbinddn = "uid=msg-admin-m-mail.aaaa.bbbb.ccc 20060926193402Z, ou=People, o=bbbb.ccc,o=bbbb.ccc"

local.service.pab.ldaphost = m-mail.aaaa.bbbb.ccc

local.service.pab.ldappasswd = XXXXXXXX

local.service.pab.ldapport = 389

local.service.pab.maxnumberofentries = 500

local.store.enable = 1

local.store.snapshotdirs = 3

local.store.snapshotinterval = 1440

local.store.snapshotpath = dbdata/snapshots

local.supportedlanguages = "[en,de,fr,es,af,ca,da,nl,fi,gl,ga,is,it,no,pt,sv,ja,ko,zh-CN,zh-TW]"

local.tmpdir = /opt/messaging/data/tmp

local.ugldapbasedn = o=bbbb.ccc

local.ugldapbindcred = XXXXXXXX

local.ugldapbinddn = "uid=m-mail.aaaa.bbbb.ccc,ou=Mail Servers,o=bbbb.ccc"

local.ugldapdeforgdn = o=bbbb.ccc

local.ugldaphost = "ldap.aaaa.bbbb.ccc ldap-e.ddd.bbbb.ccc"

local.ugldapport = 636

local.ugldapuselocal = yes

local.ugldapusessl = yes

local.watcher.enable = yes

local.webmail.da.host = m-mail.aaaa.bbbb.ccc

local.webmail.da.port = 8080

local.webmail.sso.enable = 0

local.webmail.sso.singlesignoff = 1

jmck407 at 2007-7-7 3:38:49 >

yes our user/group ldap server is different . If there is a userid/cred problem, then should we not see some bad logins/errors in the access logs of the configuration ldap when webmail sessions try to authenticate PAB with the bad userid/cred? Seems odd no access logs at all are generated when a webmail session is run (even error entries), unless of course the uid/cred logins for access to the config ldap are getting logged somewhere else, or not at all.Is there somewhere where a valid uid and credential for the pab (configuration) ldap is stored, so I can check/modify the values to test and see if that helps? If the only way to get the uid/cred information for the config ldap is from the what was given during install, then will have to wait until I get back to work and check the notes.

jmck407 at 2007-7-7 3:38:49 >

Jay,

The only things sanitized in the configutil output are the hostnames, domains, and passwords, edited with a find/replace.Note the 3 credential lines are all different and should have been sanitized as XXXXXX, YYYYYY, ZZZZZZ (the edit button is not allowing me to edit the post).Curious as to what is showing the PAB ldap is using the same creds as the u/g ldap? The uids look slightly different to me, and the ou's are different. Was it the XXXXXX for all the creds, or the o=bbb.ccc?

local.service.pab.attributelist = pabattrs

local.service.pab.enabled = 1

local.service.pab.ldapbasedn = o=pab

local.service.pab.ldapbinddn = "uid=msg-admin-m-mail.aaaa.bbbb.ccc 20060926193402Z, ou=People, o=bbbb.ccc,o=bbbb.ccc"

local.service.pab.ldaphost = m-mail.aaaa.bbbb.ccc

local.service.pab.ldappasswd =YYYYYYYY

local.service.pab.ldapport = 389

local.ugldapbasedn = o=bbbb.ccc

local.ugldapbindcred = ZZZZZZZZ

local.ugldapbinddn = "uid=m-mail.aaaa.bbbb.ccc,ou=Mail Servers,o=bbbb.ccc"

local.ugldapdeforgdn = o=bbbb.ccc

local.ugldaphost = "ldap.aaaa.bbbb.ccc ldap-e.ddd.bbbb.ccc"

local.ugldapport = 636

local.ugldapuselocal = yes

local.ugldapusessl = yes

jmck407 at 2007-7-7 3:38:49 >