Author Topic: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?  (Read 1741 times)

danscrima

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Hey guys, I'm having a small issue with the new 1.3.15 release.
I have a Windows Server ready to go with the AD sync program, but the wiki for setting up my ebox slave is either out of date or I have my ebox setup wrong..   :(

http://trac.ebox-platform.com/wiki/Document/Documentation/EBoxActiveDirectorySync

That wiki is saying there should be Users > Mode but I do'nt see that in 3.1.15.
Instead I see Users and Groups and under that Slave Status and LDAP Info. I would think I could configure what I need there, but its acting as if its the master. I tried removing the usersAndGroups module and installing it as a slave according to http://trac.ebox-platform.com/wiki/Document/HowTo/EBoxMasterSlaveSetup?version=9 but that didn't work either.

Any help would be greatly appreciated!! I'm trying to convince my boss we need a beefy server for ebox, but he's hesitant! Let's change his mind cuz ebox could be so awesome for us.

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #1 on: January 18, 2010, 07:45:44 pm »
Hi,

During the eBox installation, did you select the "standalone" option? There is a "advanced" option that it says is for master/slave configurations or Windows AD Sync.

You can try to execute in the console "/usr/share/ebox/ebox-unconfigure-module users" and you should be able to see the "Mode" menu again.
Zentyal Server Lead Developer

danscrima

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #2 on: January 18, 2010, 07:49:37 pm »
Hi,

During the eBox installation, did you select the "standalone" option? There is a "advanced" option that it says is for master/slave configurations or Windows AD Sync.

You can try to execute in the console "/usr/share/ebox/ebox-unconfigure-module users" and you should be able to see the "Mode" menu again.

I did see that option, but I selected the master/slave because my intention was to make this sync with my current Windows AD. When I selected that option, thought, the installer said that it had no current advanced installer function and that I should check http://trac.ebox-platform.com/wiki/Document/AdvancedSetup_1.3 which pointed me to those 2 wiki pages above. It then just continued to the next step and I wasn't able to set anything for the advanced option...

danscrima

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #3 on: January 18, 2010, 07:52:02 pm »
Hi,

During the eBox installation, did you select the "standalone" option? There is a "advanced" option that it says is for master/slave configurations or Windows AD Sync.

You can try to execute in the console "/usr/share/ebox/ebox-unconfigure-module users" and you should be able to see the "Mode" menu again.

Oh that command did it! I hope the rest of the AD sync goes well but now I see the Mode option. Thanks so much!!

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #4 on: January 18, 2010, 07:54:32 pm »
The AD Sync hasn't been tested so much. So any feedback you can give us about it is really welcome.
Zentyal Server Lead Developer

danscrima

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #5 on: January 18, 2010, 08:17:44 pm »
The AD Sync hasn't been tested so much. So any feedback you can give us about it is really welcome.

Well, I might have messed things up myself when I did a manual install of the usersAndGroups when it wasn't working.. I removed the usersAndGroups from the interface under software management. Then I went to my shell and did apt-get update and apt-get autoremove... Probably not a goog idea since it removes a ton of stuff, but I figured doing apt-get install ebox-usersAndGroups would reinstall what it needed.

When I put my LDAP properties in and tried to activate the UsersAndGroups module, I got this:

Quote
A really nasty bug has occurred
Exception
Failed to enable: root command ldapadd -H 'ldapi://' -Y EXTERNAL -c -f /var/lib/ebox/tmp/slapd-master.ldif failed. Error output: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) Command output: . Exit value: 255
Trace
Failed to enable: root command ldapadd -H 'ldapi://' -Y EXTERNAL -c -f /var/lib/ebox/tmp/slapd-master.ldif failed.
Error output: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

Command output: .
Exit value: 255 at /usr/share/perl5/EBox/CGI/ServiceModule/ConfigureModuleController.pm line 74

It looks like my ldap credentials couldn't bind but maybe a nicer message was supposed to display? My DN has dc=mycompany,dc=com

danscrima

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #6 on: January 18, 2010, 08:32:16 pm »
Is it maybe something to do with the fact that UsersAndGroups were enabled and then disabled before I unconfigured users and set it for AD Sync? There still exists a file /var/lib/ebox/config/ebox-ldap.passwd? Just shootin in the dark at this point.

danscrima

  • Zen Apprentice
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: 1.3.15 ActiveDirectorySync Wiki out of date, how can I configure?
« Reply #7 on: January 18, 2010, 09:14:19 pm »
Whoa ok I got past that step now! I kept getting random errors about ldap not being able to bind, so I ended up doing a dpkg-reconfigure slapd and overwriting the db and purging after complete. Then I did the ./ebox-unconfigure-module users again because I thought that might clean the slate. When I then tried to save the usersAndGroups module it went through and I can finally see the AD settings.

Now to try and sync users...