Skip navigation

RoundCube Webmail Authenticating against Open Directory on Mountain Lion 10.8.x

8035 Views 7 Replies Latest reply: Apr 9, 2013 8:07 PM by RonBraithwaite RSS
android334 Calculating status...
Currently Being Moderated
Oct 12, 2012 9:15 AM

Hello all,

 

I've been battling this issue for over a month with no success. Here is what we got:

 

Mac Mini Server running Mountain Lion Server 10.8.2 running Calendar, Contacts, Mail and Web services.

 

With there being no webmail present I've gone thru the process of installing RoundCube.

 

I'm using Postgres as the database.

 

When I test the ability to login I get the following error messages in the console.app

 

10/12/12 10:13:27.071 AM log[182]: auth: Error: od(andrew,::1): Authentication server failed to complete the requested operation.

10/12/12 10:13:27.071 AM log[182]: auth: Error: od(andrew,::1): authentication failed for user=andrew, method=DIGEST-MD5

 

The first line I find the most interesting but have had no success determinign exactly what it means.

 

I'm using open directory to authenticate and it is working perfectly with every other service so I'm led to believe it's an issue between RoundCube and Open Directory.

 

ANY help would be appreciated emmensely!

  • Mark23 Level 3 Level 3 (975 points)

    Can you post the content of your main.inc.php file?

  • Mark23 Level 3 Level 3 (975 points)

    Also just install MySQL, I find that a lot easier than working with PostgreSQL.

  • haykong Level 1 Level 1 (115 points)

    Now you just need to make the follwing edits to your main.inc.php

     

     

    Find:

    -------------------

    // ----------------------------------

    // IMAP

    // ----------------------------------

     

     

     

     

    // the mail host chosen to perform the log-in

    // leave blank to show a textbox at login, give a list of hosts

    // to display a pulldown menu or set one host as string.

    // To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://

    // Supported replacement variables:

    // %n - http hostname ($_SERVER['SERVER_NAME'])

    // %d - domain (http hostname without the first part)

    // %s - domain name after the '@' from e-mail address provided at login screen

    // For example %n = mail.domain.tld, %d = domain.tld

    $rcmail_config['default_host'] = 'localhost';

     

     

     

     

    // TCP port used for IMAP connections

    $rcmail_config['default_port'] = 143;

     

     

    // IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use

    // best server supported one)

    $rcmail_config['imap_auth_type'] = null;

     

     

    --------

     

    change:

    $rcmail_config['default_host'] = 'localhost';

    to:

    $rcmail_config['default_host'] = 'ssl://%n';

     

     

    change:

    $rcmail_config['default_port'] = 143;

    to:

    $rcmail_config['default_port'] = 993;

     

     

    change:

    $rcmail_config['imap_auth_type'] = null;

    to:

    $rcmail_config['imap_auth_type'] = 'CRAM-MD5';

     

     

     

     

    -------------------

    Next Section to find:

     

     

     

     

    // ----------------------------------

    // SMTP

    // ----------------------------------

     

     

    // SMTP server host (for sending mails).

    // To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://

    // If left blank, the PHP mail() function is used

    // Supported replacement variables:

    // %h - user's IMAP hostname

    // %n - http hostname ($_SERVER['SERVER_NAME'])

    // %d - domain (http hostname without the first part)

    // %z - IMAP domain (IMAP hostname without the first part)

    // For example %n = mail.domain.tld, %d = domain.tld

    $rcmail_config['smtp_server'] = 'localhost';

     

     

    // SMTP port (default is 25; use 587 for STARTTLS or 465 for the

    // deprecated SSL over SMTP (aka SMTPS))

    $rcmail_config['smtp_port'] = 25;

     

     

    // SMTP username (if required) if you use %u as the username Roundcube

    // will use the current username for login

    $rcmail_config['smtp_user'] = '';

     

     

    // SMTP password (if required) if you use %p as the password Roundcube

    // will use the current user's password for login

    $rcmail_config['smtp_pass'] = '';

     

     

    // SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use

    // best server supported one)

    $rcmail_config['smtp_auth_type'] = '';

     

     

    -------------

     

    change:

    $rcmail_config['smtp_server'] = 'localhost';

    to:

    $rcmail_config['smtp_server'] = 'tls://%n';

     

     

    change:

    $rcmail_config['smtp_port'] = 25;

    to"

    $rcmail_config['smtp_port'] = 587;

     

     

     

     

    change:

    $rcmail_config['smtp_user'] = '';

    to:

    $rcmail_config['smtp_user'] = '%u';

     

     

    change:

    $rcmail_config['smtp_pass'] = '';

    to:

    $rcmail_config['smtp_pass'] = '%p';

     

    change:

    $rcmail_config['smtp_auth_type'] = '';

    to:

    $rcmail_config['smtp_auth_type'] = 'CRAM-MD5';

     

     

    =====================

     

    the reason why I changed  both

    imap_auth_type and smtp_auth_type to CRAM-MD5  is that roundcube doesn't select the best one and that doesn't seem to work well when it tries to autoselect.

     

     

    It's better to SSL encrypt both your IMAP and SMTP sessions in general with any email client. And also wise to use the authentication type: CRAM-MD5 encryption.

     

     

     

    After making these modifications to your file it should work.  Just double check your mail server is not allowing cleartext authentication.

  • niocosys Calculating status...

    android334 wrote:

     

    I made the changes with success. Thank you for your help.

    Now I can move on to setting up contacts and vacation messages.

    Is there a step-by-step guide out there for installing roundcube?  A guide of everything you did there after would help too, with a bit more detail.  Possible?

  • RonBraithwaite Calculating status...

    There was a request for a step-by-step guide, so I've created one. Let's see if I can keep the formatting somewhat intact.

     

    OSX Server 10.8 does not include webmail as part of Server.app, so this document describes how to install and configure RoundCubeMail.

     

    1. Make sure the server is fully backed up.
    2. Load any available OSX updates.
    3. If necessary, set up a digital certificate for mail.domain
    4. Start the Mail service and verify that email is being received.
    5. Create a mail.domain website using Server.app and enable PHP for the domain, select SSL cert, and store site files in /Library/Server/Web/Data/Sites/mail.gttgrp.com
    6. Create the https://mail.domain website and enable PHP for address:443, select the mail.domain SSL cert, and store the site files in /Library/Server/Web/Data/Sites/mail.domain
    7. Create the http://mail.domain website for address:80, store site files in /Library/Server/Web/Data/Sites/mail.gttgrp.com, and redirect to https://mail.domain
    8. Restart the server and test access to https://mail.domain and make sure http://mail.domain redirects to https://mail.domain
    9. Download RoundCube Webmail from http://roundcube.net/download
    10. Perform the following commands (as revised from https://svn.roundcube.net/trunk/roundcubemail/INSTALL)
      cd /Library/Server/Web/Data/Sites/mail.domain
      sudo tar xfz ~/Downloads/roundcubemail-version.tar
      sudo ln –s roundcubemail-version roundcubemail
      cd roundcubemail-version
      sudo chown –R www:www temp
      sudo chown –R www:www logs
    11. Download MySQL from http://dev.mysql.com/downloads/mysql/ (the 64-bit DMG version) and run the installers by right-clicking and selecting Open With -> Installer or Open With -> System Preferences:
      mysql-version-osx10.version-x86_64.pkg
      MySQLStartupItem.pkg
      MySQL.prefPane
    12. Start MySQL by clicking Start MySQL Server from within the System Preferences -> MySQL preference pane and check Automatically Start on startup.
    13. Set up the MySQL socket:
      sudo mkdir /var/mysql
      sudo ln –s /tmp/mysql.sock /var/mysql/mysql.sock
    14. Make sure that /usr/local is in the path in ~/.bash_profile. The path should look something like:
      export PATH=”/usr/local/mysql/bin:$PATH”
    15. Open a new Terminal window and set the MySQL root password:
      mysql –u root
      GRANT ALL ON *.* TO ‘root’@’localhost’ IDENTIFIED BY‘<password>’ WITH GRANT OPTION;
      quit
    16. Create the RoundCube database with:
      mysql –u root
      CREATE DATABASE roundcubemail;
      GRANT ALL PRIVILEGES ON roundcubemail.* TO ‘roundcube’@’localhost’ IDENTIFIED BY ‘password’;
      FLUSH PRIVILEGES;
      quit
    17. Initialize the roundcubemail database:
      mysql –u root roundcubemail < /Library/Server/Web/Data/Sites/mail.gttgrp.com/roundcubemail-version/SQL/mysql.initial.sql
    18. From the adapted instructions found in https://svn.roundcube.net/trunk/roundcubemail/INSTALL, run the RoundCube installer by going to http://mail.domain/roundcubemail/installer/index.php in a browser.
    19. Ignore warnings if Mcyrpt and Intl are not available and click NEXT, if there are no other warnings.
    20. Fill in the General Configuration options:
      product_name:           Company Webmail
      support_url:                mailto:it@domain
      Database Type:          MySQL
      Database Server:       mail.domain
      Database Name:        roundcubemail
      Database User:          roundcube
      Database Password: <password>
      default_host:               mail.domain
      smtp_server:              mail.domain
      Use the current IMAP username and password for SMTP authentication: True
      htmleditor:                   on reply to HTML message only
    21. Click CREATE CONFIG and save the contents of the textboxes to roundcubemail-version/config/main.inc.php and roundcubemail-version/config/db.inc.php as directed, then click Continue.
    22. Edit roundcubemail-version/config/main.inc.php as follows:
      Change:          $rcmail_config['default_host'] = 'localhost';
      To:                   $rcmail_config['default_host'] = 'ssl://%n';
      Change:          $rcmail_config['default_port'] = 143;
      To:                   $rcmail_config['default_port'] = 993;
      Change:          $rcmail_config['imap_auth_type'] = null;
      To:                   $rcmail_config['imap_auth_type'] = 'CRAM-MD5';
      Change:          $rcmail_config['smtp_server'] = 'localhost';
      To:                   $rcmail_config['smtp_server'] = 'tls://%n';
      Change:          $rcmail_config['smtp_port'] = 25;
      To:                   $rcmail_config['smtp_port'] = 587;
      Change:          $rcmail_config['smtp_user'] = '';
      To:                   $rcmail_config['smtp_user'] = '%u';
      Change:          $rcmail_config['smtp_pass'] = '';
      To:                   $rcmail_config['smtp_pass'] = '%p';
      Change:          $rcmail_config['smtp_auth_type'] = '';
      To:                   $rcmail_config['smtp_auth_type'] = 'CRAM-MD5';
    23. Send test mail and check login.
    24. Open a new browser window, go to https://mail.domain/roundcubemail/ and test each account separately.
    25. Delete the /Library/Server/Web/Data/Sites/mail.gttgrp.com/roundcubemail/installer folder.
    26. Create /Library/Server/Web/Data/Sites/mail.gttgrp.com/index.html with this content:
      <html>
      <head>
      <meta HTTP-EQUIV="REFRESH" content="0;https://mail.gttgrp.com/roundcubemail/">
      </head>
      </html>
    27. Verify that any access to mail.gttgrp.com goes to https://mail.gttgrp.com/roundcubemail

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.