search for: hprs

...t; More info ... > > This is the only user having this permission problem. All other Thunderbird/dovecot users are > getting mail file. They all have the same permissions set on their Maildir folder. > > --Mark > > -----Original Message----- > From: Mark Foley <mfoley at ohprs.org> > Date: Mon, 16 Jan 2017 13:21:31 -0500 > Organization: Ohio Highway Patrol Retirement System > To: dovecot at dovecot.org > Subject: Apparent Maildir permission issue > > I've just upgraded from Slackware 14.1 to 14.2. I've not done anything with dovecot -- it'...

I've just upgraded from Slackware 14.1 to 14.2. I've not done anything with dovecot -- it's the same version that was running before the upgrade. However, now I'm getting a permission error: /var/log/maillog: Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm: /home/HPRS/mark/Maildir, conflicting dir uid=10001(HPRS\mark)) Jan 16 13:09:44 mail last message repeated 4 times Jan 16 13:09:44 mail dovecot: imap(mark): Error: stat(/home/HPRS/mark/Maildir/.Trash) f...

Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm: /home/HPRS/mark/Maildir, conflicting dir uid=10001(HPRS\mark)) Just wanted to point out that you have at different UID for the folder than your EUID (gotten from userdb/passdb). Aki On 16.01.2017 2...

...this when it was actually a selinux denial. If you're running > selinux, check those logs too. > OK, this is getting serious -- mail not getting delivered. No, I am not running selinux. Here is the error I get in the maillog: Jan 24 16:42:49 mail dovecot: imap(mark): Error: stat(/home/HPRS/mark/Maildir/tmp) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +x perm: /home/HPRS/mark/Maildir, conflicting dir uid=10001(HPRS\mark)) Permission are: $ ls -l /home/HPRS/mark/Maildir/ total 200 drwx------ 2 HPRS\mark domusers 45056 Dec 19 08:13 cur/ -rw------- 1 HPRS...

...svol didn't make any different. > > > > You wrote: "It looks to me that you have more GPO's in AD than you have on > > disk, ...". So, where are the "AD" versus "on disk" GPOs located? Is one of > > these locations /var/lib/samba/sysvol/hprs.local/policies/? I've rsync'ed the > > sysvol again. They are identical between the machines. > > > > Is this error possibly ignorable? I've checked and the rsync did copy the ACL > > attributes to the sysvol files and folders, so maybe this "ntacl sysvolre...

...symlinking: ln -sf /usr/local/samba/private/krb5.conf /etc/krb5.conf but I prefer making a copy in case I need to modify things). I've set The /etc/krb5.conf file to world readable. It's default contents are (and these do not need to be changed): [libdefaults] default_realm = HPRS.LOCAL dns_lookup_realm = false dns_lookup_kdc = true where HPRS.LOCAL is my realm, of course use your own. Now, we need a samba user in order to create the necessary SPNs (Server Principal Names): $ samba-tool user create dovecot New Password: Retype Password: User 'dovecot...

On Sat, 20 Jan 2024 15:44:18 -0500 Mark Foley via samba <samba at lists.samba.org> wrote: > After provisioning and testing my new DC offline, I now want to move > it into production. This means changing IPs. > > DC FQDN: mail.hprs.local > > IPs for setup/testing: > > DC: 192.168.1.60 > Gateway: 192.168.1.1 (Netgear router) > DNS: 192.168.1.60 (/etc/resolv.conf) > /etc/hosts: 192.168.1.60 mail.hprs.local mail > smb.conf, dns forwarder: 192.168.1.1 > > Production IPs: > > DC: 192...

On Thu Jan 18 14:11:45 2024 Sonic <sonicsmith at gmail.com> wrote: > > hosts file? stale dns records? I listed my hosts file in my first message: 127.0.0.1 localhost 192.168.1.60 mail.hprs.local mail Since I had provisioned initially with the SAMBA_INTERNAL DNS backend, and therefore Samba manages DNS, I thought perhaps there was a "stale dns", so I went ahead and entered the old PW for administrator and got: Password for [administrator at HPRS.LOCL]: Failed to bind to uu...

...org> wrote: > > On Sat, 20 Jan 2024 15:44:18 -0500 > Mark Foley via samba <samba at lists.samba.org> wrote: > > > After provisioning and testing my new DC offline, I now want to move > > it into production. This means changing IPs. > > > > DC FQDN: mail.hprs.local > > > > IPs for setup/testing: > > > > DC: 192.168.1.60 > > Gateway: 192.168.1.1 (Netgear router) > > DNS: 192.168.1.60 (/etc/resolv.conf) > > /etc/hosts: 192.168.1.60 mail.hprs.local mail > > smb.conf, dns forwarder: 192.168.1.1 >...

On Tue, 17 Jan 2017 12:25:27 +0200 Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > > Jan 16 13:09:44 mail dovecot: imap(mark): Error: opendir(/home/HPRS/mark/Maildir) failed: Permission denied (euid=3000026(HPRS\mark) egid=100(users) missing +r perm: /home/HPRS/mark/Maildir, conflicting dir uid=10001(HPRS\mark)) > > > Just wanted to point out that you have at different UID for the folder > than your EUID (gotten from userdb/passdb). &gt...

Aki - made your suggested changes, but no joy :( My /etc/krb5.conf: ------SNIP-------- [libdefaults] default_realm = HPRS.LOCAL dns_lookup_realm = false dns_lookup_kdc = true [libdefaults] default_realm = HPRS.LOCAL dns_lookup_kdc = true kdc_timesync = 1 ccache_type = 4 forwardable = true proxiable = true fcc-mit-ticketflags = true [realms] HPRS.LOCAL = { default_domain = hprs.local auth_...

...9;ve needed a few tweaks from Roland, but basically it has run flawless during that time. 10 days ago, I upgrade to Slackware 14.2 from 14.1. Samba was likewise upgraded from version 4.2.14 to 4.4.8. I'm having a serious problem ... before the upgrade getent gave me: $ getent passwd mark HPRS\mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/false which is correct. After the upgrade I get: $ getent passwd mark HPRS\mark:*:3000026:100:Mark Foley:/home/HPRS/mark:/bin/bash In RSAT > Active Directory Users and Computers > [user] properties > UNIX Attributes, this user's UID...

...ot who try to read/write to Maildir files having the correct UID:GID. With 4.4.8 I now have sam.ldb in /etc/samba/private (same with 4.2.14) and also in /var/lib/samba/private. Details in preceding message. Not sure which is the one being used. With 4.2.14 on AD/DC (CORRECT): $ getent passwd mark HPRS\mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/false With 4.4.8 on AD/DC: $ getent passwd mark HPRS\mark:*:3000026:100:Mark Foley:/home/HPRS/mark:/bin/bash With 4.4.5 on domain member labrat (CORRECT): $ getent passwd mark mark:*:10001:10000::/home/HPRS/mark:/bin/bash Meanwhile, pending feed...

...gt; > > but I prefer making a copy in case I need to modify things). > > > > I've set The /etc/krb5.conf file to world readable. It's default contents are (and these do > > not need to be changed): > > > > [libdefaults] > > default_realm = HPRS.LOCAL > > dns_lookup_realm = false > > dns_lookup_kdc = true > > > > where HPRS.LOCAL is my realm, of course use your own. > > > > Now, we need a samba user in order to create the necessary SPNs (Server Principal Names): > > > > $ sa...

I'm trying to figure out the user.group of my domain administrator account. getent gives me: # getent passwd Administrator HPRS\administrator:*:0:100::/home/HPRS/administrator:/bin/false If I chown a file: chown HPRS\\administrator.100 thisfile I get: # ls -l thisfile -rwxrwx---+ 1 root users 68973 2022-08-08 09:12 thisfile If I do the same for normal domain users: # chown HPRS\\mark.100 anotherfile # ls - aonth...

...2. Add the spn >> samba-tool spn add smtp/server.domain.local at DOMAIN.LOCAL dovecot >> samba-tool spn add imap/server.domain.local at DOMAIN.LOCAL dovecot > Did that too. No issue there. Well you must substitute server.domain.local with your mailserver fqdn and DOMAIN.LOCAL with HPRS.LOCAL. > >> 3. Create the keytab file >> ktutil >> addent -password -p smtp/server.domain.local at DOMAIN.LOCAL -k 1 -e >> arcfour-hmac >> addent -password -p imap/server.domain.local at DOMAIN.LOCAL -k 1 -e >> arcfour-hmac >> wkt /etc/dovecot/dovecot.ke...

More info ... This is the only user having this permission problem. All other Thunderbird/dovecot users are getting mail file. They all have the same permissions set on their Maildir folder. --Mark -----Original Message----- From: Mark Foley <mfoley at ohprs.org> Date: Mon, 16 Jan 2017 13:21:31 -0500 Organization: Ohio Highway Patrol Retirement System To: dovecot at dovecot.org Subject: Apparent Maildir permission issue I've just upgraded from Slackware 14.1 to 14.2. I've not done anything with dovecot -- it's the same version that was...

...sername configured in thunderbird. On my debian system an package named libsasl2-modules-gssapi-mit must be installed. To test kerberos against dovecot from the command line install "mutt". I assume your windows account name is "mark" ~#kinit mark ~#MAIL=imap://mark at mail.hprs.local/ mutt An successfull login with mutt looks like this in the mail logfile: Debug: auth client connected (pid=22585) logon-zor dovecot: auth: Debug: client in: AUTH#0111#011GSSAPI#011service=imap#011secured#011session=p/ahQ4c2/wB/AAAB#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=4...

...m_auth using the administrator credentials. I cannot 'su -' to the administrator account on the NAS, nor can I do so on the AD/DC. On the latter I get "Authentication Failure". On the NAS, a getent for a normal user gives: # getent passwd mark mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/bash I cannot getent for the administrator on the NAS (comes back blank), but I can do so on the AD/DC: getent passwd Administrator HPRS\administrator:*:0:10000:Administrator:/home/HPRS/administrator:/bin/bash Is there some setting in the NAS smb.conf that will fix this? Here is my sm...

After provisioning and testing my new DC offline, I now want to move it into production. This means changing IPs. DC FQDN: mail.hprs.local IPs for setup/testing: DC: 192.168.1.60 Gateway: 192.168.1.1 (Netgear router) DNS: 192.168.1.60 (/etc/resolv.conf) /etc/hosts: 192.168.1.60 mail.hprs.local mail smb.conf, dns forwarder: 192.168.1.1 Production IPs: DC: 192.168.0.2 Gateway: 192.168.0.1 (SonicWall firewall/router)...