search

Zimbra-Community / account-history

A Zimbra extension that allows the user to monitor their recent login and account activity. This is important to keep the user's account safe.
GNU General Public License v2.0
21 stars 2 forks source link

Bing maps issue #7

Closed sempiterna closed 7 years ago

sempiterna commented 7 years ago

Hi,

First of all, the account history zimlet is a feature is awesome. I've been waiting for such feature from zimbra for a long time. Thank you for creating it.

The zimlet works, but there is an issue with displaying the Bing map. It displays the map, but it shows it fully zoomed in, in the center of the map. Zooming out reveals that it does not register/show the location (in any browser I try). In firebug I noticed that GeoLiteCity.dat could not be loaded:

"{"Header":{"context":{"session":{"id":"13","_content":"13"},"change":{"token":500702},"_jsns":"urn:zimbra" }},"Body":{"accountHistoryResponse":{"content":[{"geoIpResult":"Error Opening file /usr/share/GeoIP/GeoLiteCity .dat;/usr/share/GeoIP/GeoLiteCity.dat not available, skipping...;"}]}},"_jsns":"urn:zimbraSoap"}"

Which is correct, because the file is not there. I had to download that from the MaxMind.com site (maybe add that to the install instructions). After downloading that, the firebug request shows my city. However, that did not resolve the problem. The map is still fully zoomed in with no entry on the map I also tested it with multiple IP's.

Another request to bing.com shows an api token/credential. Could it be that either that one is no longer valid, or that it reached its limit of requests?

Update: I also noticed the GeoIP.dat file is from 2010. I downloaded a new one from maxmind.com, but that did not make a difference.

barrydegraaff commented 7 years ago

Hello,

What Zimbra version and OS version is that?

The geoip with update should be installed via the installer https://github.com/Zimbra-Community/account-history/blob/master/account-history-installer.sh

https://github.com/Zimbra-Community/account-history/blob/master/account-history-installer.sh#L42

https://github.com/Zimbra-Community/account-history/blob/master/account-history-installer.sh#L114

I am guessing you use Ubuntu, and there is probably a bug in my installer.

Then bing does not require an API key, but maybe you are over limit, it works here.

But not for ipv6.

Barry

sempiterna commented 7 years ago

OS: CentOS 6.9, 64bit Zimbra: 8.7.6_GA_1776.FOSS

I see now where the GeoIP data base went wrong. GeoIP is installed, but the update shows:

"Updating /usr/share/GeoIP/GeoIP.dat Received Error -21 (Sanity check database_info string failed) when attempting to update GeoIP Database"

This error seems to be related to the GeoIP version, where it expects an installed GeoIP version of 2, but finds 1. What GeoIP version is your script expecting? I assume also version 1, because version 2 has file extension mmdb instead of .dat.

I manually downloaded GeoIP.dat, GeoLiteCity.dat and GeoIPASNum.dat.

I just found I have one IP where at least I do see a different map location, where it thinks that it is an IP from Ghana, while the json response shows "DE", Germany. Any other IP i've seen so far only shows the middle of the map.

sempiterna commented 7 years ago

Below i'll also add a few json responses, maybe it's useful:

Germany, shows in Ghana: {"Header":{"context":{"session":{"id":"142","_content":"142"},"change":{"token":500818},"_jsns":"urn :zimbra"}},"Body":{"AccountHistoryAdminResponse":{"content":[{"geoIpResult":"GeoIP City Edition, Rev 1: DE, N/A, N/A, N/A, 51.299301, 9.491000, 0, 0;"}]}},"_jsns":"urn:zimbraSoap"}

NL, shows the middle of the map: {"Header":{"context":{"session":{"id":"11","_content":"11"},"change":{"token":500821},"_jsns":"urn:zimbra" }},"Body":{"accountHistoryResponse":{"content":[{"geoIpResult":"GeoIP City Edition, Rev 1: NL, 06, 's-hertogenbosch , 5231, 51.710098, 5.306700, 0, 0;"}]}},"_jsns":"urn:zimbraSoap"}

barrydegraaff commented 7 years ago

yeah I think the installer was not tested on centos 6.

So there is probably the issue.

On 12 Aug 2017, at 16:42, Jeroen Wierda notifications@github.com wrote:

OS: CentOS 6.9, 64bit Zimbra: 8.7.6_GA_1776.FOSS

I see now where the GeoIP data base went wrong. GeoIP is installed, but the update shows:

"Updating /usr/share/GeoIP/GeoIP.dat Received Error -21 (Sanity check database_info string failed) when attempting to update GeoIP Database"

This error seems to be related to the GeoIP version, where it expects an installed GeoIP version of 2, but finds 1. What GeoIP version is your script expecting? I assume also version 1, because version 2 has file extension mmdb instead of .dat.

I manually downloaded GeoIP.dat, GeoLiteCity.dat and GeoIPASNum.dat.

I just found I have one IP where at least I do see a different map location, where it thinks that it is an IP from Ghana, while the json response shows "DE", Germany. Any other IP i've seen so far only shows the middle of the map.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

barrydegraaff commented 7 years ago

I did found one issue with the installer, and that it does not install java.

At the end of the installer it fails to run propmigr, you don't need it on fresh installs, but because of the bug it will not tell you to restart mailbox.

Please re-download the installer, reinstall en restart mailbox when done (the installer should tell you how).

I tested on 8.6 on centos 6.9 and it just works.

sempiterna commented 7 years ago

Unfortunately it still does not work. I'm giving up trying, as just having the IP's is good enough for now. Maybe it's caused by a difference in java version (java-1.5.0-gcj-1.5.0.0-29.1.el6.x86_64 is being installed/checked against).

It would be nice though if the IP list shows if it was a successful or 'invalid password' log entry is, because someone with no access to the raw logs could think his/her account is compromised when seeing all kinds of unknown IP's in the list. Another 'nice to have' would be an ability to look further back in the logs.

barrydegraaff commented 6 years ago

Account History Zimlet has been updated to use OpenStreetMap instead of Bing Maps.

The reason for this change is that Bing Maps is deprecating the API that we use. And the new API would require a per installation API KEY, that sysadmins need to obtain from Microsoft.

Therefore I opted to switch to OpenStreetMap, that does not need AP keys to be set. The result is pretty much the same as before.

barrydegraaff commented 6 years ago

@sempiterna or in your case, it should maybe work now!