Author Topic: eBox installation in combination with existing LDAP Server  (Read 4122 times)

74dani

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
eBox installation in combination with existing LDAP Server
« on: April 16, 2009, 06:50:17 pm »
Hello,

I am trying to set up an eBox-Mailserver in combination with an existing LDAP-Server. The ebox version is 1.0 on top of a ubuntu 8.04 LTS.

I have several servers running in my network for different tasks:

serverdescriptionebox
pdcopenLDAP-server for authenticationno
egwGroupware-server with the egroupware installation 1.6.0 with existing ldap connectionyes
egw-dbdatabase-server for egroupwareno
mailmail-server for egroupware with postfix, courier, fetchmailyes

The servers pdc, egw and egw-db are already running. Now I have just started with the mail-server and try to setup the userandgroups-module with the existing ldap-server. I have already tried to change the values in the sourcecode and yes, I know that these changes will be overwritten by an update:

File ldap.pm:
use constant DN            => "dc=domain";
use constant LDAP          => "ldap://ip-adress of mail";

File UsersandGroups.pm:
use constant USERSDN        => 'ou=users';
use constant GROUPSDN       => 'ou=groups';

I have changed the password in /var/lib/ebox/conf/ebox-ldap.passwd to the correct one.

When I try to edit a user the result is:

An internal error has ocurred. This is most probably a bug, relevant information can be found in the logs.
An internal error related to a template has occurred. This is a bug, relevant information can be found in the logs.

When I try to edit groups the result is:

An internal error has ocurred. This is most probably a bug, relevant information can be found in the logs.

Further information:
  • There is no firewall or something else running, which can block the connection. With phpldapadmin I can connect to the ldap-server on the pdc and to the ldap running on the mail server.
  • The slapd.conf files are identical except the schema includes for egroupware.

What else do I have to change to get this running?

It is not very charming, to set up several ldap-servers and to create the same useraccount on several servers. If there is no way to get this working as I tried to, I will have to setup an ldap-server on the mail server and a slurpd environment on each other server. But this is not the way I like it, because the pdc should do the authentication.

For further assistence I will be thankful.

best regards
Daniel
best regards
Daniel

Systeminfo: Serverfarm with vmware server and ubuntu 8.04 LTS

sixstone

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1417
  • Karma: +26/-0
    • View Profile
    • Sixstone's blog
Re: eBox installation in combination with existing LDAP Server
« Reply #1 on: April 17, 2009, 09:56:44 am »
When I try to edit a user the result is:

An internal error has ocurred. This is most probably a bug, relevant information can be found in the logs.
An internal error related to a template has occurred. This is a bug, relevant information can be found in the logs.

When I try to edit groups the result is:

An internal error has ocurred. This is most probably a bug, relevant information can be found in the logs.

Hi Daniel,

Firstly, to know more about this error. You must turn on the debug by setting "debug" variable to "yes" in /etc/ebox/99ebox.conf. Then, reproduce the steps and we'll see what's going on.

Best regards,
My secret is my silence...

74dani

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: eBox installation in combination with existing LDAP Server
« Reply #2 on: April 22, 2009, 08:06:51 pm »
Hi sixstone,

thank you for your hint to enable debugging and where to do it. The debugging output told me the problem:

Quote
\n$VAR1 = bless( {
                 '-stacktrace' => 'Can\'t create ldapi connection at /usr/share/perl5/EBox/Ldap.pm line 127
   EBox::Ldap::ldapCon(\'EBox::Ldap=HASH(0x99c97d0)\') called at /usr/share/perl5/EBox/Ldap.pm line 248
   EBox::Ldap::search(\'EBox::Ldap=HASH(0x99c97d0)\', \'HASH(0x9ee09f4)\') called at /usr/share/perl5/EBox/UsersAndGroups.pm line 635
   EBox::UsersAndGroups::users(\'EBox::UsersAndGroups=HASH(0x99c9890)\') called at /usr/share/perl5/EBox/UsersAndGroups/Model/Users.pm line 150
   EBox::UsersAndGroups::Model::Users::rows(\'EBox::UsersAndGroups::Model::Users=HASH(0x9a75438)\', \'undef\', 0) called at /usr/share/perl5/EBox/CGI/View/DataTable.pm line 57
   EBox::CGI::View::DataTable::_process(\'EBox::CGI::View::DataTable=HASH(0x8edc3f8)\') called at /usr/share/perl5/EBox/CGI/Base.pm line 261
   EBox::CGI::Base::run(\'EBox::CGI::View::DataTable=HASH(0x8edc3f8)\') called at /usr/share/perl5/EBox/CGI/Run.pm line 86
   EBox::CGI::Run::run(\'EBox::CGI::Run\', \'/Users/View/Users\') called at /usr/share/ebox/cgi/ebox.cgi line 19
   ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler(\'Apache2::RequestRec=SCALAR(0x9edab84)\') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
   eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
   ModPerl::RegistryCooker::run(\'ModPerl::Registry=HASH(0x8edc344)\') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
   ModPerl::RegistryCooker::default_handler(\'ModPerl::Registry=HASH(0x8edc344)\') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
   ModPerl::Registry::handler(\'ModPerl::Registry\', \'Apache2::RequestRec=SCALAR(0x9edab84)\') called at -e line 0
   eval {...} called at -e line 0
',
                 '-file' => '/usr/share/perl5/EBox/Ldap.pm',
                 '-text' => 'Can\'t create ldapi connection',
                 '-line' => 127,
                 '-package' => 'EBox::Ldap'
               }, 'EBox::Exceptions::Internal' );
Now it is just working fine. I have had to adjust the settings for the constant LDAPI in the file ldap.pm.

The original line was:
use constant LDAPI         => "ldapi://%2fvar%2frun%2fslapd%2fldapi";

The correct one for my installation is:
use constant LDAPI         => "ldap://<IP-Adress>:389";

I know that this connection is just unsecure, but for the first tests it is absolutely ok.

It would be nice, if there would be a possibility to change the ldap-server within the ebox gui in the future.

Greetings
Daniel

best regards
Daniel

Systeminfo: Serverfarm with vmware server and ubuntu 8.04 LTS

bZx

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: eBox installation in combination with existing LDAP Server
« Reply #3 on: April 23, 2009, 12:12:41 am »
Hi,

I'm a new ebox user that i use in a home (5 client pc/laptops under linux/windows) and i would like to use a ldap server for the file sharing (as with active directory under windows). I fear i won't be able to help you resolving your problem but i use this topic to ask you some advice about ldap. I would like to know if ldap can make me able to synchronize the server data with the laptops/pc datas under linux/windows at log on (when connected to local area network or vpn). And if it's possible what ldap server software should i choose for a easy configuration ?