Author Topic: Zentyal Active Directory Synchronizer 2.0 available!  (Read 6792 times)

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Zentyal Active Directory Synchronizer 2.0 available!
« on: October 03, 2010, 01:31:42 pm »
Hi Zentyal users,

We are glad to announce the availability of the latest version of our
Active Directory synchronization package (the first with our brand new
name).

You can find all the information to download and configure it here:

http://trac.zentyal.org/wiki/Document/Documentation/EBoxActiveDirectorySync

As usual, your feedback will be really appreciated.
Zentyal Server Lead Developer

tuxmania

  • Zen Apprentice
  • *
  • Posts: 45
  • Karma: +1/-0
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #1 on: October 04, 2010, 12:34:22 pm »
Great work!


Axis23

  • Zen Apprentice
  • *
  • Posts: 18
  • Karma: +0/-0
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #2 on: October 06, 2010, 02:56:01 pm »
Hello, i'm new in this. I update all de modules in Zentyal 2.0 and there isn't any menu 'Mode' below menu 'Users'. Is there active this module now ?

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #3 on: October 06, 2010, 07:20:59 pm »
As you can see in the guide:

"This guide also assumes that you have a fresh installation of Zentyal 2.0."

If you don't have a fresh installation, you can reset the usersandgroups module by executing:

/usr/share/ebox-usersandgroups/ebox-usersandgroups-reinstall

Note that you will lose all your LDAP data after that.
Zentyal Server Lead Developer

Axis23

  • Zen Apprentice
  • *
  • Posts: 18
  • Karma: +0/-0
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #4 on: October 07, 2010, 04:15:52 pm »
Many thanks :)

Kamilion

  • Zen Monk
  • **
  • Posts: 82
  • Karma: +2/-0
  • NASA System Administrator
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #5 on: October 07, 2010, 07:29:11 pm »
You can find all the information to download and configure it here:

http://trac.zentyal.org/wiki/Document/Documentation/EBoxActiveDirectorySync

As usual, your feedback will be really appreciated.

I note it says "Windows 2003" and "Windows 2008", but no specific mention of 2008R2.
Will it work? (or more to the point, how well has it been tested?)
"Never feel stupid for asking questions, feel stupid for ignoring answers."
"You're arrogant for thinking you can, ignorant for thinking you cannot."
"Asking questions is important,
because that's when intuition gets converted into inspiration."

tuxmania

  • Zen Apprentice
  • *
  • Posts: 45
  • Karma: +1/-0
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #6 on: January 10, 2011, 09:40:19 am »
Hi there,

Just started tinkering with the Directory Synchronizer on a couple of test boxes and i may have stumbled upon a snag. It seems international characters in Windows group names creates troubles. I can see some stuff being synchronized until it hits a group or user with for eg. åäö in its name. The AD controller is installed with Swedish language.

Heres some output from the log file in /var/log/ebox/ebox.log:



2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new user 'Administratör'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:902 EBox::UsersAndGroups::addUser - Invalid value for user name: Administratör.
2011/01/10 09:40:04 WARN> ebox-ad-sync:109 main::__ANON__ - [ad-sync] Error adding user 'Administratör'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new user 'Gäst'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:902 EBox::UsersAndGroups::addUser - Invalid value for user name: Gäst.
2011/01/10 09:40:04 WARN> ebox-ad-sync:109 main::__ANON__ - [ad-sync] Error adding user 'Gäst'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Updating existing user 'danielh'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Updating existing user 'eboxadsync'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Updating existing user 'SUPPORT_388945a0'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Updating existing user 'krbtgt'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Domändatorer'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Domändatorer.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Domändatorer'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Domändatorer' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Domängäster'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Domängäster.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Domängäster'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Domängäster' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Skapare och ägare av grupprincip'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Skapare och ägare av grupprincip.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Skapare och ägare av grupprincip'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Skapare och ägare av grupprincip' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Schemaadministratörer'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Schemaadministratörer.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Schemaadministratörer'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Schemaadministratörer' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Användare av prestandaövervakning'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Användare av prestandaövervakning.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Användare av prestandaövervakning'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Användare av prestandaövervakning' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Ansvariga för replikering'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Ansvariga för replikering.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Ansvariga för replikering'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Ansvariga för replikering' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Hjälptjänster'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Hjälptjänster.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Hjälptjänster'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Hjälptjänster' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Användare av prestandaloggar'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Användare av prestandaloggar.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Användare av prestandaloggar'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Användare av prestandaloggar' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'DCOM-användare'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: DCOM-användare.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'DCOM-användare'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'DCOM-användare' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Användare'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Användare.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Användare'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Användare' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Företagsadministratörer'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Företagsadministratörer.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Företagsadministratörer'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Företagsadministratörer' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Gäster'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Gäster.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Gäster'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Gäster' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Domänanvändare'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Domänanvändare.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Domänanvändare'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Domänanvändare' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Användare av fjärrskrivbord'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Användare av fjärrskrivbord.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Användare av fjärrskrivbord'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Användare av fjärrskrivbord' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Domänkontrollanter'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Domänkontrollanter.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Domänkontrollanter'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Domänkontrollanter' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Ansvariga för nätverkskonfigurering'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Ansvariga för nätverkskonfigurering.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Ansvariga för nätverkskonfigurering'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Ansvariga för nätverkskonfigurering' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Ansvariga för säkerhetskopiering'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Ansvariga för säkerhetskopiering.
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Ansvariga för säkerhetskopiering'.
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Skipping adding users to not existing group 'Ansvariga för säkerhetskopiering' (probably ignored).
2011/01/10 09:40:04 DEBUG> ebox-ad-sync:407 main::logIfDebug - [ad-sync] Adding new group 'Åtkomst till äldre operativsystem (före Windows 2000)'.
2011/01/10 09:40:04 DEBUG> UsersAndGroups.pm:1549 EBox::UsersAndGroups::addGroup - Invalid value for group name: Åtkomst till äldre operativsystem (före Windows 2000).
2011/01/10 09:40:04 WARN> ebox-ad-sync:157 main::__ANON__ - [ad-sync] Error adding group 'Åtkomst till äldre operativsystem (före Windows 2000)'.
2011/01/10 09:40:04 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - $VAR1 = {
          'base' => 'ou=Groups,dc=ebox,dc=skola,dc=solleftea,dc=se',
          'filter' => '(cn=Åtkomst till äldre operativsystem (före Windows 2000))',
          'scope' => 'one'
        };
2011/01/10 09:40:04 ERROR> Ldap.pm:703 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::groupExists Bad filter

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #7 on: January 10, 2011, 11:30:42 am »
Hi,

If you upgrade to the last version of the ebox-usersandgroups package (2.0.10), you can add the name of the group that causes the problem to the /etc/ebox/ad-sync_ignore.groups file and it will be skipped.
Zentyal Server Lead Developer

tuxmania

  • Zen Apprentice
  • *
  • Posts: 45
  • Karma: +1/-0
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #8 on: January 10, 2011, 01:00:22 pm »
Hi,

If you upgrade to the last version of the ebox-usersandgroups package (2.0.10), you can add the name of the group that causes the problem to the /etc/ebox/ad-sync_ignore.groups file and it will be skipped.

I guess i could do that but i would personally prefer to be able to choose what groups to sync instead of specifying all the ones that shouldnt be synced.

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #9 on: January 12, 2011, 12:42:48 pm »
I note it says "Windows 2003" and "Windows 2008", but no specific mention of 2008R2.
Will it work? (or more to the point, how well has it been tested?)

The new 2.0.1 version has been successfully tested with 2008 R2 :)
Zentyal Server Lead Developer

Rexsol

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Zentyal Active Directory Synchronizer 2.0 available!
« Reply #10 on: January 13, 2011, 11:24:48 am »
We wish there was the possibility to choose which groups to sync instead of entering all those who should not be synchronized.