ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001718ClearOSapp-openldap-directory - Directory Serverpublic2014-05-26 13:512020-05-14 08:51
ReporterNickH 
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionsuspended 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
Summary0001718: Email can no longer authenticate after Directory Server domain change
DescriptionI changed my the domain in my Directory Server and from then on Thunderbird and Roundcubemail could no longer authenticate and I got a load of error messages in /var/log/maillog:
imaps[21672]: imapd:Loading hard-coded DH parameters
May 26 16:53:32 server imaps[21672]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:53:32 server imaps[21672]: badlogin: Black.howitts.co.uk [172.17.2.100] plain [SASL(-13): authentication failure: Password verification failed]
May 26 16:53:35 server imaps[21672]: badlogin: Black.howitts.co.uk [172.17.2.100] plaintext mail-ebay SASL(-13): authentication failure: checkpass failed
May 26 16:56:30 server imaps[21908]: imapd:Loading hard-coded DH parameters
May 26 16:56:30 server imaps[21908]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:56:30 server imaps[21908]: badlogin: Black.howitts.co.uk [172.17.2.100] plain [SASL(-13): authentication failure: Password verification failed]
May 26 16:56:33 server imaps[21908]: badlogin: Black.howitts.co.uk [172.17.2.100] plaintext mail-howitts SASL(-13): authentication failure: checkpass failed
May 26 16:57:11 server imaps[21909]: imapd:Loading hard-coded DH parameters
May 26 16:57:11 server imaps[21909]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:12 server imaps[21908]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:12 server imaps[21908]: badlogin: Black.howitts.co.uk [172.17.2.100] plain [SASL(-13): authentication failure: Password verification failed]
May 26 16:57:14 server imaps[21909]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:14 server imaps[21928]: imapd:Loading hard-coded DH parameters
May 26 16:57:14 server imaps[22145]: imapd:Loading hard-coded DH parameters
May 26 16:57:14 server imaps[21928]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:14 server imaps[22145]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:15 server imaps[21908]: badlogin: Black.howitts.co.uk [172.17.2.100] plaintext nick SASL(-13): authentication failure: checkpass failed
May 26 16:57:29 server imaps[22150]: imapd:Loading hard-coded DH parameters
May 26 16:57:29 server imaps[22150]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:33 server imaps[22151]: imapd:Loading hard-coded DH parameters
May 26 16:57:33 server imaps[22151]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:58 server imaps[21909]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:58 server imaps[22151]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:58 server imaps[21928]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:58 server imaps[21908]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
May 26 16:57:58 server imaps[21909]: badlogin: Black.howitts.co.uk [172.17.2.100] plain [SASL(-13): authentication failure: Password verification failed]
May 26 16:57:58 server imaps[22151]: badlogin: Black.howitts.co.uk [172.17.2.100] plain [SASL(-13): authentication failure: Password verification failed]
May 26 16:57:58 server imaps[21908]: badlogin: Black.howitts.co.uk [172.17.2.100] plain [SASL(-13): authentication failure: Password verification failed]
May 26 16:58:01 server imaps[21909]: badlogin: Black.howitts.co.uk [172.17.2.100] plaintext nick SASL(-13): authentication failure: checkpass failed
May 26 16:58:01 server imaps[22151]: badlogin: Black.howitts.co.uk [172.17.2.100] plaintext mail-nick-gmail SASL(-13): authentication failure: checkpass failed
May 26 16:58:01 server imaps[21908]: badlogin: Black.howitts.co.uk [172.17.2.100] plaintext mail-ebay SASL(-13): authentication failure: checkpass failed

I tried both IMAP and IMAPS with the same problem.

Rebooting the server fixed it.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0001182)
NickH (developer)
2014-05-26 13:57

Adding: /var/log/secure also gave lots of:

May 26 17:07:52 server saslauthd[3781]: pam_unix(imap:auth): check pass; user unknown
May 26 17:07:52 server saslauthd[3781]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
May 26 17:07:52 server saslauthd[3781]: pam_succeed_if(imap:auth): error retrieving information about user mail-howitts

and

May 26 17:08:48 server saslauthd[3782]: pam_listfile(imap:account): Refused user nick for service imap
May 26 17:08:48 server saslauthd[3782]: pam_unix(imap:account): could not identify user (from getpwnam(nick))
May 26 17:08:48 server saslauthd[3782]: pam_succeed_if(imap:account): error retrieving information about user nick
(0001189)
user2
2014-05-29 10:56

A whole bunch of "configlets" need to be changed and services restarted when the base domain changes. I'll have my head in OpenLDAP over the next week and will dive into this topic and 0001719
(0014311)
NickH (developer)
2020-05-14 08:51

Migrated to https://gitlab.com/clearos/clearfoundation/app-openldap-directory/-/issues/6 [^]

- Issue History
Date Modified Username Field Change
2014-05-26 13:51 NickH New Issue
2014-05-26 13:57 NickH Note Added: 0001182
2014-05-26 13:59 bchambers Assigned To => bchambers
2014-05-26 13:59 bchambers Status new => assigned
2014-05-29 10:56 user2 Note Added: 0001189
2020-05-14 08:51 NickH Note Added: 0014311
2020-05-14 08:51 NickH Status assigned => closed
2020-05-14 08:51 NickH Assigned To bchambers =>
2020-05-14 08:51 NickH Resolution open => suspended