search for: kudyba

> On May 9, 2017, at 11:48 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: > > On Tue, 9 May 2017 11:34:27 -0400 > Robert Kudyba <rkudyba at fordham.edu> wrote: > > >>> You also only need this in /etc/krb5/conf for Samba: >>> >>> [libdefaults] >>> default_realm = DSDEV.LOCAL >>> dns_lookup_realm = false >>> dns_lookup_kdc = true >> >> OK I had...

> > > On 12 April 2019 21:45 Robert Kudyba via dovecot <dovecot at dovecot.org> > wrote: > > > > > > > You are running some kind of proxy in front of it. > > > > No proxy. Just sendmail with users using emacs/Rmail or > Webmail/Squirrelmail. > > > > > If you want it to show real cl...

> On May 9, 2017, at 11:15 AM, Rowland Penny via samba <samba at lists.samba.org> wrote: > > On Tue, 9 May 2017 11:00:09 -0400 > Robert Kudyba via samba <samba at lists.samba.org> wrote: > >> Running Feora 25 workstation we're able to register the computer in >> AD but I can't get SSH to authenticate properly. wbinfo -u brings >> back all the users. Just getting "Permission denied, please try >...

This is still happening after a reboot, Fedora 28. Restarting dovecot fixes the problem. Does anyone know if it could be related to this bug report? *https://bugzilla.redhat.com/show_bug.cgi?id=103401#c130 <https://bugzilla.redhat.com/show_bug.cgi?id=103401#c130> * and suggested work around to add ports to /proc/sys/net/ipv4/ip_local_reserved_ports? Nov 8 12:21:41 ourdomain dovecot[1386]:

> > You are running some kind of proxy in front of it. No proxy. Just sendmail with users using emacs/Rmail or Webmail/Squirrelmail. > If you want it to show real client IP, you need to enable forwarding of > said data. With dovecot it's done by setting > > login_trusted_networks = your-upstream-host-or-net > > in backend config file. > OK I changed it and

> Set > > ssl_client_ca_file=/path/to/cacert.pem to validate the certificate Can this be the Lets Encrypt cert that we already have? In other words we have: ssl_cert = </etc/pki/dovecot/certs/dovecot.pem ssl_key = </etc/pki/dovecot/private/dovecot.pem Can those be used? > Are you using haproxy or something in front of dovecot? No. Just Squirrelmail webmail with sendmail.

...t to a pseudorandom value that is shared by your server(s). Weakforced does not need it for anything. > > auth_policy_server_api_header should be set to Authorization: Basic <echo -n wforce:our_password | base64> > > without the < >. > Aki > On 6.3.2019 20.42, Robert Kudyba via dovecot wrote: >> I took suggestions from https://forge.puppet.com/fraenki/wforce <https://urldefense.proofpoint.com/v2/url?u=https-3A__forge.puppet.com_fraenki_wforce&d=DwMDaQ&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m...

...he base64 blob as ~$ echo -n wforce:THIS-IS-THE-PASSWORD-FOR-WFORCE | base64 d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U= And in dovecot you put auth_policy_server_api_header = Authorization Basic d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U Aki > On 7 March 2019 16:41 Robert Kudyba via dovecot <dovecot at dovecot.org> wrote: > > > So for auth_policy_server_api_header. is the value of our_password come from the hashed response or the plain-text password? What else am I doing wrong? > > Mar 7 09:20:53 olddsm wforce[17763]: WforceWebserver: HTTP Request &...

dovecot-2.3.3-1.fc29.x86_64 Mar 28 10:04:47 auth: Panic: file http-client-request.c: line 283 (http_client_request_unref): assertion failed: (req->refcount > 0) Mar 28 10:04:47 auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0xe34fb) [0x7fe76e0834fb] -> /usr/lib64/dovecot/libdovecot.so.0(+0xe3597) [0x7fe76e083597] -> /usr/lib64/dovecot/libdovecot.so.0(+0x51207)

> On Mar 28, 2019, at 10:29 AM, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote: > >> On 28 March 2019 16:08 Robert Kudyba via dovecot <dovecot at dovecot.org> wrote: >> >> >> dovecot-2.3.3-1.fc29.x86_64 >> >> Mar 28 10:04:47 auth: Panic: file http-client-request.c: line 283 (http_client_request_unref): assertion failed: (req->refcount > 0) >> Mar 28 10:04:47 auth: Err...

...13:32:16 auth: Debug: http-client[1]: conn 127.0.0.1:8084 [0]: Got 401 response for request [Req2: POST http://localhost:8084/?command=allow] (took 0 ms + 0 ms in queue) On Wed, Mar 6, 2019 at 11:54 AM Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > On 6 March 2019 18:25 Robert Kudyba via dovecot <dovecot at dovecot.org> > wrote: > > > We have dovecot-1:2.3.3-1.fc29.x86_64 running on Fedora 29. I'd like to > test wforce, from https://github.com/PowerDNS/weakforced > <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PowerDNS_weakforce...

We have dovecot-1:2.3.3-1.fc29.x86_64 running on Fedora 29. I'd like to test wforce, from https://github.com/PowerDNS/weakforced. I see instructions at the Authentication policy support page, https://wiki2.dovecot.org/Authentication/Policy I see the Required Minimum Configuration: auth_policy_server_url = http://example.com:4001/ auth_policy_hash_nonce = localized_random_string But when I

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 28 March 2019 21:31 Robert Kudyba <rkudyba@fordham.edu> wrote: </div> <div> <br> </div> <div> <br> </div> <div> <blockquote type="cite"> <div class=""> On Mar 28, 2019, at 10:29 AM, Aki Tuomi via dovecot &l...

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 6 March 2019 18:25 Robert Kudyba via dovecot <dovecot@dovecot.org> wrote: </div> <div> <br> </div> <div> <br> </div> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"&gt...

...licy_hash_nonce should be set to a pseudorandom value that is shared by your server(s). Weakforced does not need it for anything. auth_policy_server_api_header should be set to Authorization: Basic <echo -n wforce:our_password | base64> without the < >. Aki On 6.3.2019 20.42, Robert Kudyba via dovecot wrote: > I took suggestions from?https://forge.puppet.com/fraenki/wforce to set > these in /etc/dovecot/conf.d/95-auth.conf > > auth_policy_server_url = http://localhost:8084/ > auth_policy_hash_nonce = our_password > auth_policy_server_api_header = "Authorization...

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 28 March 2019 21:52 Robert Kudyba <rkudyba@fordham.edu> wrote: </div> <div> <br> </div> <div> <br> </div> <div> <blockquote type="cite"> <div class=""> <div class=""> Set </d...

> On 12 April 2019 18:11 Robert Kudyba via dovecot <dovecot at dovecot.org> wrote: > > > > Probably there's an existing solution for both problems (subsequent > > attempts and dnsbl): > > > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_PowerDNS_weakforced&d=DwID...

> On 12 April 2019 21:45 Robert Kudyba via dovecot <dovecot at dovecot.org> wrote: > > > > You are running some kind of proxy in front of it. > > No proxy. Just sendmail with users using emacs/Rmail or Webmail/Squirrelmail. > > > If you want it to show real client IP, you need to enable forwarding of...

On Tue, 9 May 2017 11:34:27 -0400 Robert Kudyba <rkudyba at fordham.edu> wrote: > > You also only need this in /etc/krb5/conf for Samba: > > > > [libdefaults] > > default_realm = DSDEV.LOCAL > > dns_lookup_realm = false > > dns_lookup_kdc = true > > OK I had dns_lookup_kdc = true just changed d...

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 28 March 2019 16:08 Robert Kudyba via dovecot <dovecot@dovecot.org> wrote: </div> <div> <br> </div> <div> <br> </div> <div class=""> <div class="" style="margin: 0px; font-stretch: normal; font-size: 11px; line-height: no...