1. Janos SUTO Avatar Janos SUTO
  2. Piler
  3. piler
  4. Issues

permissions & mail restore while using LDAP auth

Issue #138 resolved
Viswanathan created an issue

Our setup - #

  1. Ubuntu 12.04 server - 64bit
  2. Zimbra mail server (8.0.3_GA_5664.FOSS) - configured always_bcc
  3. piler 0.1.24-master-branch, build 832

Problem Overview - Please find below the observation with various settings.

# 1. Without LDAP auth. - # ##

 a. We are able to receive all the mails in the specified domain.
 b. Using the auditor@local account, we could view them, but unable to restore successfully.

2. With LDAP auth. - ##

 a. The above point 1 holds good.
 b. Users could login with their zimbra username & password.
 c. When we click search, there are no hits. But using advance search, when using filters, it shows the respective mails.
 d. When we click on any message, "no permissions" error is shown on the preview pane. But when we select the check box & download, it is working. Still the restore option do not work.
e. In the logged in user's settings page I don't see the email address either.

3. With IMAP auth. - ##

a. The above point 1 holds good.
b. Users could login with their zimbra username & password.
c. When we click search, the messages gets displayed, the preview pane works, download & restore option works delightfully.
d. But when we try to login as auditor@local & try to restore messages, it don't work.

Clarification required from your end -

  1. Although users could get authenticated using LDAP, why there are permissions error & mail restore issue.
  2. What are the pros & cons of using IMAP auth as a workaround.
  3. Why auditor@local could not restore mails.

Thanks in advance for your guidance --> SBA-Viswa

Comments (7)

  2. Janos SUTO repo owner

    Firstly, please upgrade asap. Builds between 832-834 have a parser issue. If this is an evaluation, then I recommend to drop all piler related data and start over.

    I'll setup a similar environment, and see it for myself, stay tuned. Until then the answers:

    1. I believe it's a php issue, but I'll see it for myself to see it.

    2. IMAP auth is indeed a workaround, a last resort if LDAP auth not possible. Pros: simple, cons: no envelope info, so there's no way of knowing if an email to and external list belongs to a certain user, so it's difficult to solve this.

    3. Auditor can restore an email to the company's recipients. The gui checks an internal domain table (or list, see administration -> domains) to determine whether it's in mydomain or nor.

    Please check if there's a popup with email addresses when you click on the restore link as an auditor user.

  4. Janos SUTO repo owner

    Now after overwriting the file mentioned above, please try to login with a user. Then go to the Settings menu (on the right), and verify that all his email addresses, aliases, mailing list membership data is there.

  5. Viswanathan reporter

    sorry for replying late.

    However, thanks for your set of replies. I tried 2 things --- 1. In the existing piler server, I updated the auth.php with the one you had posted to the build 832 & the problem was resolved. 2. Installed the latest master branch with build 836 in a new piler server which also worked.

    In the above case should I retain the build 832 with the auth.php update or as you advised earlier, I shall install a fresh one with build 836.

    One more thing I observed in another piler installation with build 832 was that, the piler build was automatically changed from 832 to 836 as shown in mail.log during piler stop & start below......

    Aug 28 10:40:31 mailarchive piler[7109]:piler 0.1.24-master-branch, build 832 starting Aug 28 10:45:39 mailarchive piler[7264]:piler 0.1.24-master-branch, build 832 starting Aug 28 14:31:53 mailarchive piler[10087]:piler 0.1.24-master-branch, build 836 starting Aug 30 10:46:13 mailarchive piler[2751]:piler 0.1.24-master-branch, build 836 starting

    My query here is --> Is the piler s/w capable of auto-upgrade when ever a new build comes.

    After clarifying the last point, I think you can close this ticket. And if there is any other queries, I shall revert back to you.

    Thanks -- SBA-Viswa

  6. Janos SUTO repo owner

    I recommend you to get rid of build 832, and upgrade to 836. Around 832 there was a parser issue.

    Auto upgrade is not possible, I think you upgraded manually. Piler can't do it on its own, although it might be a nice feature.

  8. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Votes
0
Watchers
2
Jira: the preferred issue tracker for Bitbucket. Join the team!