[Kroupware] Running kolab server
Tassilo Erlewein
kroupware@mail.kde.org
Mon, 3 Feb 2003 18:32:59 +0100
Am Montag, 3. Februar 2003 14:21 schrieb Carlos A. Rega:
> When I try to access the web interface I have two problems, first, I can
> only talk to it from the local machine, not from other machines, and
> second, I can't log into it, even from the local machine (I noted down the
> user/password pair from the kolab instalation).
Do talk about the monit web interface ?
That you shouldn't use. Use https://localhost/admin.
Monit provides a nice webinterface at port 2812 which we don't use.
We have therefor limited it to the localhost interface for security
reasons (note that monit needs it or it won't work; limiting it to
localhost was the only option).
However, if you're curious to see the monit webinterface (it looks nice) then
refer to /etc/kolab/monit/monit.conf for the login credentials which
are totally different from the kolab credentials.
> In syslog I get the following output, approximately every 3 minutes:
>
> syslog snip
> ...
> Feb 3 13:11:06 noonoo kolab[19993]: kolab initialization starts
> Feb 3 13:11:06 noonoo kolab[19993]: generating new config
> Feb 3 13:11:10 noonoo kolab[19993]: added group admin:*:60000:
> Feb 3 13:11:10 noonoo kolab[19993]: added group maintainer:*:60001:
> Feb 3 13:11:11 noonoo perl: No worthy mechs found
That last line I also have. It's only a warning. Most likely you can simply
ignore it. The cyrus perl modules sure have some peculiarities...
> Feb 3 13:11:11 noonoo saslauthd[11543]: AUTHFAIL: user=manager
> service=imap realm=
> Feb 3 13:11:11 noonoo imapd[20011]: badlogin: noonoo[127.0.0.1] plaintext
> manager SASL(-13): authentication failure: checkpass failed
> Feb 3 13:11:49 noonoo ctl_cyrusdb[20012]: checkpointing cyrus databases
> Feb 3 13:11:50 noonoo ctl_cyrusdb[20012]: done checkpointing cyrus
> databases Feb 3 13:14:22 noonoo kolab[20399]: kolab initialization starts
> Feb 3 13:14:22 noonoo kolab[20399]: generating new config
> Feb 3 13:14:26 noonoo kolab[20399]: added group admin:*:60000:
> Feb 3 13:14:26 noonoo kolab[20399]: added group maintainer:*:60001:
> Feb 3 13:14:27 noonoo perl: No worthy mechs found
> Feb 3 13:14:27 noonoo saslauthd[11544]: AUTHFAIL: user=manager
> service=imap realm=
> Feb 3 13:14:27 noonoo imapd[20417]: badlogin: noonoo[127.0.0.1] plaintext
> manager SASL(-13): authentication failure: checkpass failed
> ...
> end syslog snip
you may want to test from the command line:
"testsaslauthd -u manager -a manager"
(give the password)
to verify the ldap-sasl2 connection
> the output from netstat -npltuoa is:
>
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> PID/Program name Timer
> tcp 0 0 192.168.1.2:8000 0.0.0.0:* LISTEN
> 779/privoxy off (0.00/0/0)
> tcp 0 0 0.0.0.0:1024 0.0.0.0:* LISTEN
> 589/rpc.statd off (0.00/0/0)
> tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN
> 11861/master off (0.00/0/0)
> tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN
> 11861/master off (0.00/0/0)
> tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN
> 24073/lpd Waiting off (0.00/0/0)
> tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
> 3417/slapd off (0.00/0/0)
> tcp 0 0 0.0.0.0:901 0.0.0.0:* LISTEN
> 7226/xinetd off (0.00/0/0)
> tcp 0 0 192.168.1.2:139 0.0.0.0:* LISTEN
> 5388/smbd off (0.00/0/0)
> tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
> 11861/master off (0.00/0/0)
> tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
> 11861/master off (0.00/0/0)
> tcp 0 0 127.0.0.1:9999 0.0.0.0:* LISTEN
> 3940/perl off (0.00/0/0)
> tcp 0 0 0.0.0.0:4559 0.0.0.0:* LISTEN
> 857/hfaxd off (0.00/0/0)
> tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
> 564/portmap off (0.00/0/0)
> tcp 0 0 0.0.0.0:2000 0.0.0.0:* LISTEN
> 11861/master off (0.00/0/0)
> tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
> 987/httpd off (0.00/0/0)
> tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
> 7226/xinetd off (0.00/0/0)
collision: you shouldn't let xinetd take the ftp port.
That needs to be free for kolab (if you want to use legacy ftp support).
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
> 710/sshd off (0.00/0/0)
> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
> 759/sendmail: accep off (0.00/0/0)
bummer. second conflict. Sendmail is using port 25.
That needs to be freed for kolab, which brings postfix.
> tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
> 31866/sshd off (0.00/0/0)
> tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN
> 6476/sshd off (0.00/0/0)
> tcp 0 0 127.0.0.1:2812 0.0.0.0:* LISTEN
> 11383/monit off (0.00/0/0)
> tcp 0 0 127.0.0.1:389 127.0.0.1:4658
> ESTABLISHED 3417/slapd keepalive (36060.88/0/0)
> tcp 0 0 127.0.0.1:389 127.0.0.1:4642
> ESTABLISHED 3417/slapd keepalive (31990.20/0/0)
> tcp 0 0 127.0.0.1:4658 127.0.0.1:389
> ESTABLISHED 11544/saslauthd off (0.00/0/0)
> tcp 0 0 127.0.0.1:389 127.0.0.1:4646
> ESTABLISHED 3417/slapd keepalive (32995.87/0/0)
> tcp 0 0 127.0.0.1:4646 127.0.0.1:389
> ESTABLISHED 11541/saslauthd off (0.00/0/0)
> tcp 0 0 127.0.0.1:4642 127.0.0.1:389
> ESTABLISHED 11545/saslauthd off (0.00/0/0)
> tcp 0 0 127.0.0.1:4654 127.0.0.1:389
> ESTABLISHED 11543/saslauthd off (0.00/0/0)
> tcp 0 0 127.0.0.1:4650 127.0.0.1:389
> ESTABLISHED 11542/saslauthd off (0.00/0/0)
> tcp 0 0 127.0.0.1:9999 127.0.0.1:4093
> CLOSE_WAIT 3940/perl off (0.00/0/0)
> tcp 0 0 127.0.0.1:389 127.0.0.1:4650
> ESTABLISHED 3417/slapd keepalive (34050.02/0/0)
> tcp 0 0 127.0.0.1:389 127.0.0.1:4654
> ESTABLISHED 3417/slapd keepalive (35057.33/0/0)
> udp 0 0 0.0.0.0:1024 0.0.0.0:*
> 589/rpc.statd off (0.00/0/0)
> udp 0 0 192.168.1.2:137 0.0.0.0:*
> 5399/nmbd off (0.00/0/0)
> udp 0 0 0.0.0.0:137 0.0.0.0:*
> 5399/nmbd off (0.00/0/0)
> udp 0 0 192.168.1.2:138 0.0.0.0:*
> 5399/nmbd off (0.00/0/0)
> udp 0 0 0.0.0.0:138 0.0.0.0:*
> 5399/nmbd off (0.00/0/0)
> udp 0 0 127.0.0.1:2320 0.0.0.0:*
> 5422/smbd off (0.00/0/0)
> udp 0 0 127.0.0.1:2321 0.0.0.0:*
> 5483/smbd off (0.00/0/0)
> udp 0 0 127.0.0.1:2324 0.0.0.0:*
> 5935/smbd off (0.00/0/0)
> udp 0 0 127.0.0.1:2326 0.0.0.0:*
> 5978/smbd off (0.00/0/0)
> udp 0 0 0.0.0.0:111 0.0.0.0:*
> 564/portmap off (0.00/0/0)
apache is not running.
Investigate further at /kolab/var/apache/log/*
> I try to login to the admin page with
> http://localhost:2812 and get asked the login and password, I tried the
> combination manager/password provided by kolab install
> but to no avail
see above
> if I try https I get no reply
apache is not running. not sure why.
Are you sure you have freed all the ports needed by kolab ?
that would be:
21 (ftp)
25 (smtp, postfix)
80,443 (apache)
110,143,993,995,2000 (cyrus imap, pop, sieve)
389 (openldap)
9999 (kolab config backend)