Hello, I've followed the 'perfect setup' for Debian etch (new installation no upgrading) and afterwards installed ISPconfig from the scratch. But by now I have problems loggin in to mail accounts. 'Normal' accounts (like my admin) work fine, but via ISPconfig created user-accounts results in a 'login failure'. I've set the authdaemon-DEBUG to 2 - and here's the result from the syslog: May 10 08:39:43 server2 courierpop3login: Connection, ip=[::ffff:192.168.10.10] May 10 08:39:49 server2 authdaemond: received auth request, service=pop3, authtype=login May 10 08:39:49 server2 authdaemond: authpam: trying this module May 10 08:39:49 server2 authdaemond: authpam: sysusername=u2info, sysuserid=<null>, sysgroupid=10002, homedir=/var/www/web2/user/u2info, address=u2info, fullname=Christopher Kaschig - 2, maildir=<null>, quota=<null>, options=<null> May 10 08:39:49 server2 authdaemond: authpam: clearpasswd=<null>, passwd=x May 10 08:39:49 server2 authdaemond: pam_service=pop3, pam_username=u2info May 10 08:39:50 server2 authdaemond: pam_authenticate failed, result 7 May 10 08:39:50 server2 authdaemond: authpam: REJECT - try next module May 10 08:39:50 server2 authdaemond: FAIL, all modules rejected A working "real" user-login looks like that: May 10 09:27:01 server2 courierpop3login: Connection, ip=[::ffff:192.168.10.10] May 10 09:27:01 server2 authdaemond: received auth request, service=pop3, authtype=login May 10 09:27:01 server2 authdaemond: authpam: trying this module May 10 09:27:01 server2 authdaemond: authpam: sysusername=ck, sysuserid=<null>, sysgroupid=1000, homedir=/home/ck, address=ck, fullname=Christopher Kaschig,,,, maildir=<null>, quota=<null>, options=<null> May 10 09:27:01 server2 authdaemond: authpam: clearpasswd=<null>, passwd=x May 10 09:27:01 server2 authdaemond: pam_service=pop3, pam_username=ck May 10 09:27:01 server2 authdaemond: dopam successful May 10 09:27:01 server2 authdaemond: Authenticated: sysusername=ck, sysuserid=<null>, sysgroupid=1000, homedir=/home/ck, address=ck, fullname=Christopher Kaschig,,,, maildir=<null>, quota=<null>, options=<null> May 10 09:27:01 server2 authdaemond: Authenticated: clearpasswd=..., passwd=... May 10 09:27:01 server2 courierpop3login: LOGIN, user=ck, ip=[::ffff:192.168.10.10] May 10 09:27:01 server2 courierpop3login: LOGOUT, user=ck, ip=[::ffff:192.168.10.10], top=0, retr=0, rcvd=12, sent=39, time=0 Do You have any suggestions where or what I have to look for? Thanks in advance, Chris
futher data By now I've seen, that some "virtual" users can login either. It seems as if the "administrator"-users of each web-account could log in his mail-account (pop3/imap) but the other "normal" user (where 'administrator' is NOT selected on the first user-config-page) cannot do so. Some suggestions? Help May 10 14:11:47 server2 courierpop3login: Connection, ip=[::ffff:62.96.95.218] May 10 14:11:48 server2 authdaemond: received auth request, service=pop3, authtype=login May 10 14:11:48 server2 authdaemond: authpam: trying this module May 10 14:11:48 server2 authdaemond: authpam: sysusername=u16_admin, sysuserid=<null>, sysgroupid=10016, homedir=/var/www/web16, address=u16_admin, fullname=Administrator, maildir=<null>, quota=<null>, options=<null> May 10 14:11:48 server2 authdaemond: authpam: clearpasswd=<null>, passwd=x May 10 14:11:48 server2 authdaemond: pam_service=pop3, pam_username=u16_admin May 10 14:11:48 server2 authdaemond: dopam successful May 10 14:11:48 server2 authdaemond: Authenticated: sysusername=u16_admin, sysuserid=<null>, sysgroupid=10016, homedir=/var/www/web16, address=u16_admin, fullname=Administrator, maildir=<null>, quota=<null>, options=<null> May 10 14:11:48 server2 authdaemond: Authenticated: clearpasswd=..., passwd=... May 10 14:11:48 server2 courierpop3login: LOGIN, user=u16_admin, ip=[::ffff:62.96.95.218] May 10 14:11:48 server2 courierpop3login: LOGOUT, user=u16_admin, ip=[::ffff:62.96.95.218], top=0, retr=0, rcvd=12, sent=39, time=0
passwd helps Okay it's me, once again. Setting the passwords via passwd helps. I hope this wont be neccassary on all new accounts?! Are there some reasons known on this behaviour? Perhaps a stopped script? Greetings, Chris
Can you check /etc/passwd and /etc/shadow if the users that don't work are listed there? What's the value of $go_info["server"]["password_hash"] in /home/admispconfig/ispconfig/lib/config.inc.php?
In /etc/passwd the users appear In /etc/shadow I've forgotten to look - by now the misworking users where corrected - and so they're shown in shadow, but I cannot say whether they had an entry in there before. Sorry. $go_info["server"]["password_hash"] is 'crypt'. Greetings, Chris
You could create a new, non-admin user and see if it has the same problem, and then check both files.
only sometimes?! Hi Falko, sorry but this behaviour only appears sometimes. But by now I had another case: an admin-user which worked before cannot log in today. I now had a look in /etc/shadow - there was an entry on this user. I've save the new (old) password again with passwd - and mail log in was okay again. BUT: the crypted password in shadow lookes some kind different - it's a lot longer by now. Are there some problems according UTF-8 in etch? Is it possible to set different crypting methods on both ways (ISPconfig vs. passwd)? Greetings, Chris
Please set $go_info["server"]["password_hash"] to md5 in /home/admispconfig/ispconfig/lib/config.inc.php and try again.
differing password Hi Falko, sorry but I got once more a different crypted password. So, here we go: /etc/pam.d: password required pam_unix.so nullok obscure min=4 max=8 md5 using passwd on the command line creates the hash/crypted password "$1$W90vsEPz$GuzTA2rmEmdLx6lLSab7w." in /etc/shadow using $go_info["server"]["password_hash"]='crypt' results in "~il.r2W6qKcEk" using $go_info["server"]["password_hash"]='md5' results in "b4ssqdY3RgYE" Both ISPconfig-saved-passwords result in a login error (POP3/IMAP-login and ISPconfig-Admin- and Mailuser-Login). If neccassary I can give You the clear-text-password for verification purposes - I can change it without problems (and it's a one-time-used password) BTW: which script do I have to run to get a faster user-update? I've tried several from the hourly crontab, but the correct one seems to be not included in my tryout. To produce a faster refresh I've selected the dustbin and selected the 'empty it' link - this results in a skript-run which updates the user-password in /etc/shadow - but which script is this? Greetings, Chris
The command to rewrite the configuration is Code: /root/ispconfig/php/php /root/ispconfig/scripts/writeconf.php and it is controlled by the /root/ispconfig/sv/ispconfig_wconf script which checks every 10 seconds if changes have been made and if it has to start the writeconf.php process.
