Authentication

 
 
Picture of Markus Översti
Re: IMAP/POP auth not working
 

IMAP/POP works fine with webclient (Horde/Roundcube) and other clients (Thunderbird, mobile phones) but when new user tries to log on to Moodle, he/she get access denied.

IMAP logs shows authentication was successfull but Moodle won't let user to log in.

User can read email with other clients fine so IMAP/POP isn't the problem I think.

 
Average of ratings: -
Picture of Ken Task
Re: IMAP/POP auth not working
Group Particularly helpful Moodlers

Moodle version?  Server operating system?

Is the moodle server on the very same machine as the imap server?

nmap -P0 -p 143 localhost

or

nmap -P0 -p 993 localhost

There are 4 options to the type of IMAP in a 2.3 version of Moodle:

imap, imapssl, imapcert, imaptls.

Which will your server 'talk'?

Do the imap accounts already exist?

In IMAP config in Moodle:

You can lock user data fields. This is useful for sites where the user data is maintained by the administrators manually by editing user records or uploading using the 'Upload users' facility. If you are locking fields that are required by Moodle, make sure that you provide that data when creating user accounts or the accounts will be unusable.

Consider setting the lock mode to 'Unlocked if empty' to avoid this problem.

'spirit of sharing', Ken

 

 
Average of ratings: -
Picture of Markus Översti
Re: IMAP/POP auth not working
 

Moodle is 2.4.1. Server is Ubuntu 10.04.4 LTS with Dovecot 1.2.9. I'm trying to use plain IMAP on localhost because I know it to work (with other software even with telnet).

Imap accounts exists. /var/log says

Feb 10 20:30:11 eduwww2 dovecot-auth: pam_winbind(dovecot:auth): getting password (0x00000000)
Feb 10 20:30:11 eduwww2 dovecot-auth: pam_winbind(dovecot:auth): user 'username' granted access
Feb 10 20:30:11 eduwww2 dovecot-auth: pam_winbind(dovecot:account): user 'username' granted access

But Moodle won't let user in. All user filds are unlocked.

 
Average of ratings: -
Picture of Ken Task
Re: IMAP/POP auth not working
Group Particularly helpful Moodlers

Thanks for information.  Helps clarify the problem.

To be honest, have never attempted IMAP authentication for Moodle so most of my questions are more 'food for thought' than anything else.

However, that being said, have you turned on debugging in Moodle to see if it says anything?

Think the issue is related to pam_winbind ... ie, PAM.  IMAP uses PAM but might not be able to communicate with the Moodle server.  Maybe the authentication method should be PAM.

http://docs.moodle.org/22/en/PAM_%28Pluggable_Authentication_Modules%29

http://bit.ly/Xn6A2H

'spirit of sharing', Ken

 

 
Average of ratings: -
Picture of Markus Översti
Re: IMAP/POP auth not working
 

pam-auth is not the answer. I tried to get it working, but I can't find php4-pam which it needs because I use php5. Link in Moodle configuration leads to 404 error page on server which hosted php4-pam.

And Moodle's pam-auth doesn't have any configuration...

In that log file pam-winbind is a module which dovecot uses for authentication.

 
Average of ratings: -
Picture of Ken Task
Re: IMAP/POP auth not working
Group Particularly helpful Moodlers

What does php -m show on your system?

Does php5-auth-pam show in the list?

http://packages.ubuntu.com/search?keywords=php5-auth-pam

'spirit of sharing', Ken

 
Average of ratings: -
Picture of Markus Översti
Re: IMAP/POP auth not working
 

Both command line's and apache2's php has loaded imap- and pam-auth -modules.

 
Average of ratings: -
Picture of Markus Översti
Re: IMAP/POP auth not working
 

I finally turned Debugging on and it says that

Notice: Unknown: Certificate failure for localhost: certificate has expired: /C=XX/ST=There is no such thing outside US/L=Everywhere/O=OCOSA/OU=Office for Complication of Otherwise Simple Affairs/CN=eduwww.edu.local/emailAddress=root@eduwww.edu.local (errflg=2) in Unknown on line 0

Even with plain IMAP with no ssl nor tls! Which sertificate is expired?

 
Average of ratings: -
Picture of Markus Översti
Re: IMAP/POP auth not working
 

And when I renewed self-signed certificates Moodle complains: "Notice: Unknown: Certificate failure for localhost: self signed certificate: /..." EVEN when not using sll nor tls connection.

I think this is a bug.

 
Average of ratings: -
Picture of Markus Översti
Re: IMAP/POP auth not working
 

Now I succeed to make auth to work. Setting IMAP type "imapcert" uses "novalidate-cert" option in imap-authentication.

Confusing. Annoying.

Now I should try to get pam authentication to work.

 
Average of ratings: -