GNOME Bugzilla – Bug 585638
Cannot connect with RPC over HTTP
Last modified: 2013-11-28 17:27:22 UTC
Forwarding this from a Fedora bug: http://bugzilla.redhat.com/show_bug.cgi?id=505124 Description of problem: When setting up a mailbox that connects to exchange, it never logs in. Version-Release number of selected component (if applicable): evolution-mapi-0.26.1-1.fc11.x86_64 evolution-data-server-2.26.2-1.fc11.x86_64 evolution-data-server-doc-2.26.2-1.fc11.noarch evolution-2.26.2-1.fc11.x86_64 evolution-help-2.26.2-1.fc11.noarch evolution-data-server-devel-2.26.2-1.fc11.x86_64 evolution-perl-2.26.2-1.fc11.x86_64 Mailbox server Microsoft Exchange Version: 8.1.240.0 How reproducible: Every time Steps to Reproduce: 1. Edit -> Preferences 2. Select "Exchange MAPI" 3. Put in the server from the "Mailbox server name" from OWA's Options/About 4. Fill in username and domain 5. Press authenticate and enter password Actual results: Get dialog with "Authentication failed. MapiLogonProvider:MAPI_E_LOGIN_FAILED" Expected results: Forward button enables and mailbox configuration continues. Additional info: Here's the console output from running evolution. ** (evolution:8884): DEBUG: Loading Exchange MAPI Plugin ** (evolution:8884): DEBUG: MAPI listener is constructed with 0 listed MAPI accounts ** (evolution:8884): DEBUG: mailto URL command: evolution --component=mail %s ** (evolution:8884): DEBUG: mailto URL program: evolution e-data-server-ui-Message: Unable to find password(s) in keyring (Keyring reports: No matching results) e-data-server-ui-Message: Key file does not have group 'Passwords-ExchangeMAPI' Create profile with bdwheele ADS iu-mssg-mbx04.ads.iu.edu libexchangemapi-Message: exchange-mapi-connection.c:2874: exchange_mapi_create_profile: lock(connect_lock) Logging into the server... Failed to bind to uuid 1544f5e0-613c-11d1-93df-00c04fd7bd09 - NT_STATUS_NET_WRITE_FAULT Failed to bind to uuid f5cc5a18-4264-101a-8c59-08002b2f8426 - NT_STATUS_NET_WRITE_FAULT MapiLogonProvider : MAPI_E_LOGON_FAILED (0x80040111) (evolution:8884): libexchangemapi-DEBUG: Deleting profile bdwheele@ADS libexchangemapi-Message: exchange-mapi-connection.c:2966: exchange_mapi_create_profile: unlock(connect_lock) (evolution:8884): e-data-server-ui-WARNING **: Unable to find password(s) in keyring (Keyring reports: No matching results) (evolution:8884): Gdk-CRITICAL **: gdk_x11_atom_to_xatom_for_display: assertion `atom != GDK_NONE' failed e-data-server-ui-Message: Unable to find password(s) in keyring (Keyring reports: No matching results) e-data-server-ui-Message: Key file does not have group 'Passwords-ExchangeMAPI' Create profile with bdwheele ADS iu-mssg-mbx04.ads.iu.edu libexchangemapi-Message: exchange-mapi-connection.c:2874: exchange_mapi_create_profile: lock(connect_lock) Logging into the server... Failed to bind to uuid 1544f5e0-613c-11d1-93df-00c04fd7bd09 - NT_STATUS_NET_WRITE_FAULT Failed to bind to uuid f5cc5a18-4264-101a-8c59-08002b2f8426 - NT_STATUS_NET_WRITE_FAULT MapiLogonProvider : MAPI_E_LOGON_FAILED (0x80040111) (evolution:8884): libexchangemapi-DEBUG: Deleting profile bdwheele@ADS libexchangemapi-Message: exchange-mapi-connection.c:2966: exchange_mapi_create_profile: unlock(connect_lock) (evolution:8884): e-data-server-ui-WARNING **: Unable to find password(s) in keyring (Keyring reports: No matching results) (evolution:8884): Gdk-CRITICAL **: gdk_x11_atom_to_xatom_for_display: assertion `atom != GDK_NONE' failed
I'm the reporter of the Fedora bug referenced above. I tried connecting via the mapiprofile tool to try to connect and I get the same error. I tried posting an issue upstream, but openchange's trac said I didn't have permission. Here's the output of the tool: mapiprofile --profile=bdwheele --username=bdwheele --address=iu-mssg-mbx04.ads.iu.edu --domain=ADS --realm=ADS.IU.EDU --create --password=xxx --debuglevel=100 Using binding ncacn_ip_tcp:iu-mssg-mbx04.ads.iu.edu Mapped to DCERPC endpoint 135 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 rpc request data: [0000] 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 02 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0020] 05 00 13 00 0D E0 F5 44 15 3C 61 D1 11 93 DF 00 .......D .<a..... [0030] C0 4F D7 BD 09 01 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0040] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0050] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0060] 00 00 01 00 09 04 00 00 00 00 00 00 00 00 00 00 ........ ........ [0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 01 00 00 00 .... rpc reply data: [0000] 00 00 00 00 24 EC 29 82 31 89 C5 4A B8 4A CB B7 ....$.). 1..J.J.. [0010] E9 2D E0 E0 01 00 00 00 01 00 00 00 00 00 00 00 .-...... ........ [0020] 01 00 00 00 03 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0030] 05 00 13 00 0D E0 F5 44 15 3C 61 D1 11 93 DF 00 .......D .<a..... [0040] C0 4F D7 BD 09 01 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0050] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0060] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0070] 04 A5 01 00 09 04 00 0A 4F 01 5F 00 00 00 00 00 ........ O._..... Mapped to DCERPC endpoint 1189 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 gensec_krb5_start: krb5_init_context failed (Cannot allocate memory) Failed to start GENSEC client mech gssapi_krb5: NT_STATUS_INTERNAL_ERROR Starting GENSEC submechanism ntlmssp Got challenge flags: Got NTLMSSP neg_flags=0x62898205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP challenge set by NTLM2 challenge is: [0000] CC 0A 28 40 41 6C A2 B4 ..(@Al.. NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60088205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH Failed to bind to uuid 1544f5e0-613c-11d1-93df-00c04fd7bd09 - NT_STATUS_NET_WRITE_FAULT Failed to connect to remote server: ncacn_ip_tcp:iu-mssg-mbx04.ads.iu.edu[] NT_STATUS_NET_WRITE_FAULT Using binding ncacn_ip_tcp:iu-mssg-mbx04.ads.iu.edu Mapped to DCERPC endpoint 135 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 rpc request data: [0000] 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 02 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0020] 05 00 13 00 0D 18 5A CC F5 64 42 1A 10 8C 59 08 ......Z. .dB...Y. [0030] 00 2B 2F 84 26 38 00 02 00 00 00 13 00 0D 04 5D .+/.&8.. .......] [0040] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0050] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0060] 00 00 01 00 09 04 00 00 00 00 00 00 00 00 00 00 ........ ........ [0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 01 00 00 00 .... rpc reply data: [0000] 00 00 00 00 50 D9 2A 93 17 5A 50 49 94 1F E5 07 ....P.*. .ZPI.... [0010] 70 FF 4E A9 01 00 00 00 01 00 00 00 00 00 00 00 p.N..... ........ [0020] 01 00 00 00 03 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0030] 05 00 13 00 0D 18 5A CC F5 64 42 1A 10 8C 59 08 ......Z. .dB...Y. [0040] 00 2B 2F 84 26 38 00 02 00 00 00 13 00 0D 04 5D .+/.&8.. .......] [0050] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0060] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0070] 04 E5 01 00 09 04 00 0A 4F 01 5F 00 00 00 00 00 ........ O._..... Mapped to DCERPC endpoint 1253 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 added interface ip=129.79.35.118 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 gensec_krb5_start: krb5_init_context failed (Cannot allocate memory) Failed to start GENSEC client mech gssapi_krb5: NT_STATUS_INTERNAL_ERROR Starting GENSEC submechanism ntlmssp Got challenge flags: Got NTLMSSP neg_flags=0x62898205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP challenge set by NTLM2 challenge is: [0000] 35 8D E5 04 0E B1 2C 8D 5.....,. NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60088205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH Failed to bind to uuid f5cc5a18-4264-101a-8c59-08002b2f8426 - NT_STATUS_NET_WRITE_FAULT Failed to connect to remote server: ncacn_ip_tcp:iu-mssg-mbx04.ads.iu.edu[] NT_STATUS_NET_WRITE_FAULT MapiLogonProvider : MAPI_E_LOGON_FAILED (0x80040111) Deleting profile
I think this is related, except that it occurs for an exchange mailbox that was already set up and working properly under Fedora 10, before upgrading to Fedora 11. Now, Evolution hangs at start-up for about 10-15 minutes, but eventually does successfully log in to an exchange server, and works properly after that. My other accounts are unresponsive as well during this period. I have been using evolution since 2003. This is the first serious problem. (Its continuing inability to remember passwords is a minor one.) > Version-Release number of selected component (if applicable): evolution-2.26.2-1.fc11.i586 > How reproducible: Every time. > Steps to Reproduce: Start evolution. > Actual results: It takes 10-15 minutes to start, with no windows appearing for about 5 minutes. Some console messages appear during this period: see below. Then a non-responsive password window appears, followed in several minutes by the main evolution window, also non-responsive. Eventually, the windows start responding normally. > Expected results: Evolution windows should open and be usable, as before the "upgrade". > Additional info: Exchange server information: OWA URL = http://EVS01.nation.citadel.edu, Mail headers contain string "Microsoft SMTPSVC(6.0.3790.3959)". Console error messages: All messages appear early, before the longest wait, and may or may not be related to this problem. (Evolution never could save passwords, but that was a relatively minor nuisance.) ** (evolution:3812): WARNING **: LDAP authentication failed (0xffffffff (Can't contact LDAP server)) ** (evolution:3812): DEBUG: mailto URL command: /home/local/lib/thunderbird-2.0.0.22/thunderbird "%s" ** (evolution:3812): DEBUG: mailto URL program: thunderbird (evolution:3812): e-utils-WARNING **: No parent set, or default parent available for error dialog (evolution:3812): Gdk-CRITICAL **: gdk_x11_atom_to_xatom_for_display: assertion `atom != GDK_NONE' failed e-data-server-ui-Message: Unable to find password(s) in keyring (Keyring reports: No matching results) e-data-server-ui-Message: Key file does not have group 'Passwords-Exchange'
happens for me on ubuntu 9.04. Have tried a variety of workarounds with no luck.
(In reply to comment #2) > I think this is related, except that it occurs for an exchange mailbox that was > already set up and working properly under Fedora 10, before upgrading to Fedora > 11. Now, Evolution hangs at start-up for about 10-15 minutes, but eventually > does successfully log in to an exchange server, and works properly after that. > My other accounts are unresponsive as well during this period. I have been > using evolution since 2003. This is the first serious problem. (Its continuing > inability to remember passwords is a minor one.) > I would suggest to use Exchange-OWA (evolution-exchange) for 2003 accounts.
I should clarify that I am using evolution-exchange. Until that is installed, the non-exchange accounts work fine. After installation of evolution-exchange, all have a major delay at startup.
Scott, this is evolution-mapi, not evolution-exchange, you chose wrong product in bugzilla. bdwheele, what is your server version? I assume it's requiring secure connection, which was done in openchange 0.9 and is turned on if you add an attribute "seal=true" for the profile, which was done in evolution-mapi just recently, in bug #579185. You can create the profile with mapiprofile when you add also a --encrypt parameter to your above from comment #1. Can you give it a try, please?
The server version is 2007, I believe. There is talk that they are going to update to 2010 in the next few weeks. Here's some of the output of the 'about' page from the web client: ------- Outlook Web Access version: 8.2.234.1 Client Access server name: iu-mssg-cas05.ads.iu.edu Exchange Client Access server .NET Framework version: 2.0.50727.3607 Client Access server operating system version: Microsoft Windows NT 5.2.3790 Service Pack 2 Client Access server operating system language: en-US Microsoft Exchange Client Access server version: 8.2.176.0 Client Access server language: en-US Client Access server time zone: Eastern Standard Time Microsoft Exchange Client Access server platform: 64bit Mailbox server name: iu-mssg-mbx04.ads.iu.edu Mailbox server Microsoft Exchange version: 8.2.176.0 Authentication type associated with this Outlook Web Access session: Basic Public logon: Yes --------- I tried it on Fedora 13, which uses openchange-0.9-2.fc13.x86_64 openchange-client-0.9-2.fc13.x86_64 and It core dumps (although the core file isn't actually created). The output is: --------------- [bdwheele@nibbler ~]$ mapiprofile --profile=bdwheele --username=bdwheele --address=iu-mssg-mbx04.ads.iu.edu --domain=ADS --realm=ADS.IU.EDU --create --password=xxx --debuglevel=100 --seal=true Using binding ncacn_ip_tcp:iu-mssg-mbx04.ads.iu.edu Mapped to DCERPC endpoint 135 added interface ip=129.79.35.119 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 added interface ip=129.79.35.119 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 epm_Map: struct epm_Map in: struct epm_Map object : * object : 00000000-0000-0000-0000-000000000000 map_tower : * map_tower: struct epm_twr_t tower_length : 0x0000004b (75) tower: struct epm_tower num_floors : 0x0005 (5) floors: ARRAY(5) floors: struct epm_floor lhs: struct epm_lhs protocol : EPM_PROTOCOL_UUID (13) lhs_data : DATA_BLOB length=18 [0000] E0 F5 44 15 3C 61 D1 11 93 DF 00 C0 4F D7 BD 09 ..D.<a.. ....O... [0010] 01 00 .. rhs : union epm_rhs(case 13) uuid: struct epm_rhs_uuid unknown : DATA_BLOB length=2 [0000] 00 00 .. floors: struct epm_floor lhs: struct epm_lhs protocol : EPM_PROTOCOL_UUID (13) lhs_data : DATA_BLOB length=18 [0000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [0010] 02 00 .. rhs : union epm_rhs(case 13) uuid: struct epm_rhs_uuid unknown : DATA_BLOB length=2 [0000] 00 00 .. floors: struct epm_floor lhs: struct epm_lhs protocol : EPM_PROTOCOL_NCACN (11) lhs_data : DATA_BLOB length=0 rhs : union epm_rhs(case 11) ncacn: struct epm_rhs_ncacn minor_version : 0x0000 (0) floors: struct epm_floor lhs: struct epm_lhs protocol : EPM_PROTOCOL_TCP (7) lhs_data : DATA_BLOB length=0 rhs : union epm_rhs(case 7) tcp: struct epm_rhs_tcp port : 0x0000 (0) floors: struct epm_floor lhs: struct epm_lhs protocol : EPM_PROTOCOL_IP (9) lhs_data : DATA_BLOB length=0 rhs : union epm_rhs(case 9) ip: struct epm_rhs_ip ipaddr : 0.0.0.0 entry_handle : * entry_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 max_towers : 0x00000001 (1) rpc request data: [0000] 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 02 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0020] 05 00 13 00 0D E0 F5 44 15 3C 61 D1 11 93 DF 00 .......D .<a..... [0030] C0 4F D7 BD 09 01 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0040] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0050] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0060] 00 00 01 00 09 04 00 00 00 00 00 00 00 00 00 00 ........ ........ [0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 01 00 00 00 .... rpc reply data: [0000] 00 00 00 00 43 4C B5 A6 F9 06 D2 4A 8A DA 55 A6 ....CL.. ...J..U. [0010] 9D 4E 34 46 01 00 00 00 01 00 00 00 00 00 00 00 .N4F.... ........ [0020] 01 00 00 00 03 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0030] 05 00 13 00 0D E0 F5 44 15 3C 61 D1 11 93 DF 00 .......D .<a..... [0040] C0 4F D7 BD 09 01 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0050] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0060] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0070] 04 BC 01 00 09 04 00 0A 4F 01 5F 00 00 00 00 00 ........ O._..... Mapped to DCERPC endpoint 1212 added interface ip=129.79.35.119 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 added interface ip=129.79.35.119 nmask=255.255.255.0 added interface ip=192.168.122.1 nmask=255.255.255.0 Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 Aborted (core dumped) --------------------- I'm going to try it on rawhide as soon as I get that vm up and running. If it fails there too, what's the best way to test it -- do I need to rebuild the openchange binaries or will evolution-mapi be enough?
I've tried it on rawhide and I get the abort when the krb5.conf file has my kerberos information (which I use for other things). If the krb5.conf doesn't have the requested realm, I get this error message: ---- Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 kinit for bdwheele@ADS.IU.EDU failed (Cannot contact any KDC for requested realm: unable to reach any KDC in realm ADS.IU.EDU) Failed to get CCACHE for GSSAPI client: Cannot contact any KDC for requested realm Cannot reach a KDC we require to contact host@IU-MSSG-MBX04.ADS.IU.EDU Failed to start GENSEC client mech gssapi_krb5: NT_STATUS_INVALID_PARAMETER Starting GENSEC submechanism ntlmssp ---- then it falls back to ntlmssp and fails.
Thanks for the update. Then your server forces a kerberos login, right? It seems they have there a bug in samba4 with respect of kerberos login, or in some library they are using. I would suggest to get openchange's svn trunk and build it together with samba-git from there, to get the latest source, which will be released as part of openchange 0.10 (no exact date yet, hopefully before gnome 3.0). To make your life easier, I'm using these steps to build openchange svn trunk and samba4 from openchange sources (note the samba4 prefix is hardcoded to /usr/local and it sometimes requires root password): a) checkout openchange svn to some source directory: $ svn co https://svn.openchange.org/openchange/trunk openchange b) in openchange directory run: $ make samba-git and when it finishes: $ for i in /usr/local/samba/lib/*.so ; do cp -s $i $i.0 2>/dev/null; done c) configure openchange $ ./configure --with-samba=/usr/local/samba --prefix=/usr/local/samba && make && make install (the make install would be done as root, I suppose, but I'm using a different prefix, where is not needed a root user.) d) update .so files as in b) $ for i in /usr/local/samba/lib/*.so ; do cp -s $i $i.0 2>/dev/null; done e) and finally, as root: $ echo /usr/local/samba/lib >/etc/ld.so.conf.d/samba.conf $ ldconfig with all this you should have built all latest openchange and samba4 development versions. Try with the openchangeclient and let's see. (It will be better to ensure opencangeclient is working, then we can move to evolution-mapi). Note there is a bug #592779 about kerberos login itself, thus if this one is about it too, then we can merge them together.
I rebuilt it and I still get the crash on GENSEC. I made sure to remove the old libraries before the rebuild so they're not involved.
Reopening as I think the requested information has been provided.
Created attachment 172087 [details] samba workaround patch (In reply to comment #10) > I rebuilt it and I still get the crash on GENSEC. I made sure to remove the > old libraries before the rebuild so they're not involved. Might be related to this issue: https://bugzilla.samba.org/show_bug.cgi?id=7654 The attached is a workaround patch to samba4 which fixes the crash, but doesn't fix functionality (I suppose the krb5 authentication may fail a bit later, but when it's not enabled/used then it works). I only guess it's the same issue as mine, because you didn't provide backtrace of the crash with debug info packages installed.
Hi! I'm running Evolution 2.91.4 with MAPI plugin. All configurations are correct but I can't log in to Exchange server 2007. The error in debug show NT_STATUS_IO_TIMEOUT as below. That means evolution-mapi use port 135 as default to connect Exchange server. Do we have any way to edit default port? Because our server running Exchange server and they only open port 993,587 and 25. Unknown parameter encountered: "max log size" Ignoring unknown parameter "max log size" Unknown parameter encountered: "syslog" Ignoring unknown parameter "syslog" Unknown parameter encountered: "passdb backend" Ignoring unknown parameter "passdb backend" Unknown parameter encountered: "unix password sync" Ignoring unknown parameter "unix password sync" Unknown parameter encountered: "passwd program" Ignoring unknown parameter "passwd program" Unknown parameter encountered: "pam password change" Ignoring unknown parameter "pam password change" Unknown parameter encountered: "map to guest" Ignoring unknown parameter "map to guest" Unknown parameter encountered: "usershare allow guests" Ignoring unknown parameter "usershare allow guests" Unknown parameter encountered: "guest ok" Ignoring unknown parameter "guest ok" Unknown parameter encountered: "guest ok" Ignoring unknown parameter "guest ok" (evolution:15756): libexchangemapi-DEBUG: Logging into the server... Failed to connect host xxx.xxx.xxx.xxx on port 135 - NT_STATUS_IO_TIMEOUT Failed to connect host xxx.xxx.xxx.xxx (exc1.prism.com.vn) on port 135 - NT_STATUS_IO_TIMEOUT.
(In reply to comment #13) > I'm running Evolution 2.91.4 with MAPI plugin. All configurations are correct > but I can't log in to Exchange server 2007. The error in debug show > NT_STATUS_IO_TIMEOUT as below. That means evolution-mapi use port 135 as > default to connect Exchange server. Do we have any way to edit default port? > Because our server running Exchange server and they only open port 993,587 and > 25. I didn't find a way how to define a port in the libmapi, thus it seems it's not available. Try to setup some kind of tunnel in your system, which will use the right port in the background. I filled an openchange issue [1] for this. [1] http://tracker.openchange.org/issues/346
You can't change the port - RPC over TCP/IP needs to find the end-point mapper. I'm guessing that Thang Nguyen (reporter of this issue, which is pretty much unrelated to everything in the original report and comments 1-12) is trying to connect from outside the firewall, which isn't currently supported by openchange (or samba). Port 993 is IMAP over SSL. Port 587 is RPC over HTTP(S), which is the right solution in this case, but is still being implemented for openchange (see http://tracker.openchange.org/issues/42) Port 25 is SMTP.
Ouch. Port 587 is not RPC-over-HTTP, but is the mail submission port. So you don't have any port where you could connect using RPC over HTTP(S) or RPC over TCP/IP. I'm not sure how this could possibly work.
Yes, Brad. 587 is submission port. I tried to create 1 tunnel to Exchange server via gSTM. The Evolution still got NT_STATUS_IO_TIMEOUT and couldn't connect to exchange server via IP 127.0.0.1 port 135. Seems Evolution always connect to Exchange server via port 135
Thang, or anybody being able to reproduce this and whose server requires RPC-over-HTTP, could you compile openchange 0.11 yourself and try to change the file libmapi/IMSProvider.c in function build_binding_string(), which contains a string "ncacn_ip_tcp:%s[". The prefix "ncacn_ip_tcp" tells it how to connect. The value for RPC-over-HTTP seems to be "ncacn_http", thus try to change it to it and compile. If the server requires any proxy, then add it after the '[' in the initial string with value like "ProxyServer=myproxy:3128". I see sample binding strings from samba4 being like: "ncacn_http:127.0.0.1" "ncacn_http:127.0.0.1[78]" "ncacn_http:127.0.0.1[78,ProxyServer=myproxy:3128]" note that "127.0.0.1" is placed in the string by the %s in the initial build_binding_string() function, thus you can change the strings into one of these: "ncacn_http:%s[" "ncacn_http:%s[ProxyServer=myproxy:3128," then try to login, whether it'll help at all.
With respect of the initial issue, the kerberos error is fixed with openchange-0.11 (it is fixed in the samba version it requires), and evolution-mapi 3.2.0 depends on OpenChange 0.11, thus I consider this fixed. The rest is waiting on Bradh's issue in OpenChange from comment #15.
*** Bug 607788 has been marked as a duplicate of this bug. ***
Bad news, I tested this with samba4 alpha17 and the ncacn_http is not supported. OpenChange relies on samba4 with connections, thus we are stuck here.
(In reply to comment #21) > Bad news, I tested this with samba4 alpha17 and the ncacn_http is not > supported. OpenChange relies on samba4 with connections, thus we are stuck > here. Apparently there's not much code that needs to be done and there's code written against a much older branch of samba4 that would need to be ported. I would be interested in doing some form of bounty if you know someone that is interested.
(In reply to comment #22) > Apparently there's not much code that needs to be done and there's code written > against a much older branch of samba4 that would need to be ported. Do you have a pointer for the code, maybe a link, where it resides, please? I can give it a try, even it's quite new to me.
I can't find the original details that I found (it was around a year ago). But one link I have is the one below which had some details of the developer and repo. http://www.mail-archive.com/samba@lists.samba.org/msg104029.html
Found it [1], thanks. Based on the log there is basically nothing done, but if nothing else then it shows where to look. [1] http://git.samba.org/?p=jelmer/samba4.git;a=shortlog;h=refs/heads/v4-0-ncacn-http
Here's also description of the protocol, but I'm sorry to say, but it's quite out of my knowledge, I've not much idea what to do, especially inside samba4. http://msdn.microsoft.com/en-us/library/cc243950%28v=prot.10%29.aspx
*** Bug 659694 has been marked as a duplicate of this bug. ***
This is still waiting on samba and openchange, for a too long time. I was told (if I recall correctly), that the connection with RPC-over-HTTP will work for free once implemented by the samba/openchange. I'm closing this. MAPI protocol is disabled by default on Exchange 2013 servers, and evolution-mapi is currently in a maintenance mode only, basically to be a replacement for evolution-exchange, which was used to connect to Exchange 2003 servers. Any users with Exchange 2007 or newer servers should switch to evolution-ews, which is actively developed.