Homepage | Products | OX Knowledge Base | Support | Try Now | Contact | Company
OX Logo
Results 1 to 6 of 6
  1. #1
    seany_mor Guest

    Default imap authentication

    Hi,
    I'm having a little trouble setting up imap authentication.

    I'm planning to replace a horde based system with ox and need a simple way of registering all my existing users with ox.

    I thought that using the imap-auth plugin in place of db-auth would do this for me, but it is not behaving as I would expect.

    If I create a user in ox that matches an existing valid imap account and use a dummy password, the user can login but has no access to email I (icon greyed out). If I create an ox account in the same way but use the genuine imap password, email is functional.

    I clearly don't understand how this is supposed to work. Since I do not know user passwords it is not possible for me create the ox accounts en masse. It does seem a little strange that if the ox server is authenticating via imap that it tehn fails to access the imap mailboxes (possibly because it is using the dummy password?).

    To be honest, I hoped that it may be possible for users accounts to be automatically created if authentication is sucessful - other webmail systems do this.

    Anyone else sing imap auth successfully?
    Did you do it by importing exiting users details?
    Is there a config change that i need to make apart from specifying my imap server in /opt/open-xchange/etc/groupware/imapauth.properties ?
    Are there a special flags I need for
    /opt/open-xchange/sbin/createuser ?

    There is some talk about it at
    http://www.open-xchange.com/forum/showthread.php?t=3015 - but my German is 0 and Babel translation is vague.

    I really like the look of OX and would like to use it in place of the alternatives. If user management is going to be a pain, I'm not sure this is the way for me to go, so any help would be very much appreciated.

    Cheers.

  2. #2
    Join Date
    Feb 2007
    Location
    Germany
    Posts
    3,695

    Default

    Hi,

    the discussion at the mentioned thread is about the fact that you need to enter an passwort at the command line tools even if auth is done against IMAP, the cause for this is simple: if you change the authentication back from imap to database, users won't have any or have all the same passwords which is a serious security issue. Setting a password at the database, even if imap-auth is used solves this potential problem.

    To solve the problem, please take a look at etc/groupware/imapauth.properties to match your environment.

  3. #3
    seany_mor Guest

    Default

    Hi,
    Thanks for explaining this. I see that an account needs to exist in Ox but my understanding of which password is used to do what is still not clear.

    The imap password is definitely being used to allow access to OX, but another password (or the same password in a different format) seems to be submitted to establish access to imap mailboxes after initial login.

    My imapauth.properties is pretty simple. My settings are

    IMAP_SERVER=a.server.of.mine
    IMAP_PORT=993
    IMAP_USE_SECURE=True
    (secure and non-secure modes behave the same port 143 and secure mode false is no different)
    IMAP_TIMEOUT=5000
    IMAP_CONNECTIONTIMEOUT=5000
    USE_FULL_LOGIN_INFO=false
    (so only username is submitted!?)
    USE_MULTIPLE=false

    Is there something else I need to modify so that the initial OX login password (imap-auth plugin) is also used by the email application?

    Or, if there are any (English) docs out the on imap-auth plugin that explains how it works....

    Thanks again.

    John

  4. #4
    n-kerpen Guest

    Default password problems with imap authentification

    Hey I'm new here on the board and I have a problem with the imap authentification, too.

    The authentification on its own is working fine and there are no problems. It works! But from the user password are only the first eight letters requested or analysed for the authentification. After this eight letters you can write what you wand and you get access. Is that a general bug in the current software-setup or a mistake by my side?

    I use:
    GUI Version: 6.8.1-6811
    Server Version: 6.8.1-6811

    Thanks for your help.
    n-kerpen

  5. #5
    Carsten Hoeger is offline Open-Xchange Professional Services
    Join Date
    Mar 2007
    Posts
    703

    Default

    Quote Originally Posted by n-kerpen View Post
    Hey I'm new here on the board and I have a problem with the imap authentification, too.

    The authentification on its own is working fine and there are no problems. It works! But from the user password are only the first eight letters requested or analysed for the authentification. After this eight letters you can write what you wand and you get access. Is that a general bug in the current software-setup or a mistake by my side?

    I use:
    GUI Version: 6.8.1-6811
    Server Version: 6.8.1-6811

    Thanks for your help.
    n-kerpen
    I guess your underlying imap server uses crypt as authentication mechanism. This mechanism is limited to a 8 byte block cipher.
    OXpedia.org - the answer to almost all questions.

  6. #6
    Carsten Hoeger is offline Open-Xchange Professional Services
    Join Date
    Mar 2007
    Posts
    703

    Default

    Quote Originally Posted by seany_mor View Post
    Hi,
    Thanks for explaining this. I see that an account needs to exist in Ox but my understanding of which password is used to do what is still not clear.

    The imap password is definitely being used to allow access to OX, but another password (or the same password in a different format) seems to be submitted to establish access to imap mailboxes after initial login.

    My imapauth.properties is pretty simple. My settings are

    IMAP_SERVER=a.server.of.mine
    IMAP_PORT=993
    IMAP_USE_SECURE=True
    (secure and non-secure modes behave the same port 143 and secure mode false is no different)
    IMAP_TIMEOUT=5000
    IMAP_CONNECTIONTIMEOUT=5000
    USE_FULL_LOGIN_INFO=false
    (so only username is submitted!?)
    USE_MULTIPLE=false

    Is there something else I need to modify so that the initial OX login password (imap-auth plugin) is also used by the email application?

    Or, if there are any (English) docs out the on imap-auth plugin that explains how it works....

    Thanks again.

    John
    You need to do two things:

    1. configure the imapauth plugin
    2. configure ox


    the latter needs a single change as documented here:

    http://www.open-xchange.com/wiki/ind...e_Open-Xchange

    [...]

    in /opt/open-xchange/etc/groupware/mail.properties set
    com.openexchange.mail.loginSource=name

    [...]
    OXpedia.org - the answer to almost all questions.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •