User's home folder not created when a user is added to the Master LDAP

[erickmelo]

Hi,

I'm trying to configure Zentyal Master/Slave servers.
-The first server that I added was a LDAP Server (user and groups module).

-The second server is a PDC and File Server (File sharing module). I have configured this server as slave of the first. When I add an user in the Master server the user is being replicated across the slave servers. The problem is that the home folder of the newer users aren't being created by Zentyal. I can autthenticate in the samba server with a LDAP user, but his home folder doesn't exist. Looking to the /home partition I can see that there is not a new folder to that user.

Is this a problem of configuration or a Zentyal bug?
I'm using the newest version (beta - 2.2rc), from the ubuntu repository.

[Jan Jacobs]

I think the "bug" is that AFAIK LDAP doesnt create home directory's, it only does authentication...
so what you need to do, probably, is have samba make the home dir's, or have your local server synchronice with LDAP

[erickmelo]

Hi Jan,

I know that LDAP just authenticate the user. But in my SLAVE sever I have the samba modulo installed... If I use Zentyal as Stand-alone server it creates the home folders when I create a new user. I think it should do the same when working as a SLAVE.

I thing it shoud have a cron job that check if there is another LDAP added user that don't have his home folder create and create it. My users are able to acess the Samba server and authenticated over LDAP. When the users access the file sharing they can see their "home folder", but when try to access get an error, because the folder doesn't exist (/home/username).

Is there some way to Zentyal take care of it or have I to create the home folder by-the-hand?

[Jan Jacobs]

i think you need to create it by hand, or do a search for a script that takes care of that..

Remember, Samba was never a Linux solution in its own right, Samba is a mere "fix" to combine linux and windows.
NIS was (and AFAIK still is) always the correct way to take care of such things..
But correct me if im wrong

[christian]

Jan,

I don't want to "correct" you and mean you could be wrong but:
- NIS stands for Network Information Service, not really linked with any file sharing service but more central backend reproducing what single Unix system does but in a central way to ease administration.
- it covers file sharing service focusing on NFS (Network File System) which may rely on NIS for access control.
- NIS is deprecated since... years and has been replaced by NIS+  which is now deprecated too as Sun (who initiated NIS and NIS+) decided some years ago to move to LDAP.
- As you notice, LDAP is yet another central backend (with some specific objectclasses to handle Posix account and RFC2307 related attributes) but doesn't provide any file sharing feature by itself.

As you state, Samba aims at replacing, "at no cost", Windows file sharing mechanism (i.e. CIFS file server) plus later windows domain like feature, building bridge between pure Windows and Unix worlds.
To complete a bit the picture, Samba can rely on LDAP backend for user authentication plus some other settings.

Does it clarify the matter? (if I'm not wrong  )

[erickmelo]

I didn't test the current version of Zentyal.. Does some one know if that "problem" was solved? Can I have a Samba as DNS slave server with home folders been created by Zentyal?

[exekias]

Home folder creation on slaves was already fixed for 2.2, so now it should work

Best regards

[erickmelo]

Sorry, but I still having the same problem...

I really don't know what's happening...

I will try to describe what I'm doing:

I have two servers.. The first is the Zentyal Master Server.. The second is my File Sharing Server (also Zentyal)...

- server1: LDAP Master
- server2: LDAP Slave + File Sharing

I add my user to the server1 (username: erick). My operation is been replicated to the slave (server2). I can see the new user using the Zentyal web interface on both servers...  The problem is when I take a look in the /home folder... The folder do the added user is being created on server1 (the master, that doesn't have File Sharing), but is not being created at the server2 (slave, but the File Sharing Server). So, the added user doesn't have any home folder on the File Sharing Server.

If I click in the edit button of an user (UsersAndGroups/User?username=erick) I get this error:

Unknown error at EBox::SambaLdapUser::_getAccountFlags Referral received at /usr/share/perl5/EBox/Ldap.pm line 701
EBox::Ldap::_errorOnLdap('Net::LDAP::Search=HASH(0x7f851d929810)', 'HASH(0x7f851d5c1b18)') called at /usr/share/perl5/EBox/Ldap.pm line 341
EBox::Ldap::search('EBox::Ldap=HASH(0x7f851717a0e0)', 'HASH(0x7f851d5c1b18)') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 843
EBox::SambaLdapUser::_getAccountFlags('EBox::SambaLdapUser=HASH(0x7f851d5cf020)', 'erick') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 853
EBox::SambaLdapUser::_userSharing('EBox::SambaLdapUser=HASH(0x7f851d5cf020)', 'erick') called at /usr/share/perl5/EBox/SambaLdapUser.pm line 431
EBox::SambaLdapUser::_userAddOns('EBox::SambaLdapUser=HASH(0x7f851d5cf020)', 'erick') called at /usr/share/perl5/EBox/UsersAndGroups.pm line 2458
EBox::UsersAndGroups::allUserAddOns('EBox::UsersAndGroups=HASH(0x7f851c498860)', 'erick') called at /usr/share/perl5/EBox/CGI/UsersAndGroups/User.pm line 51
EBox::CGI::UsersAndGroups::User::_process('EBox::CGI::UsersAndGroups::User=HASH(0x7f851d5514a8)') called at /usr/share/perl5/EBox/CGI/Base.pm line 275
EBox::CGI::Base::run('EBox::CGI::UsersAndGroups::User=HASH(0x7f851d5514a8)') called at /usr/share/perl5/EBox/CGI/Run.pm line 129
EBox::CGI::Run::run('EBox::CGI::Run', 'UsersAndGroups/User', 'EBox') called at /usr/share/zentyal/cgi/ebox.cgi line 34
ModPerl::ROOT::ModPerl::Registry::usr_share_zentyal_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x7f851d90dc70)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x7f851d90dbb0)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x7f851d90dbb0)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x7f851d90dc70)') called at -e line 0
eval {...} called at -e line 0

[exekias]

Hi erickmelo,

That error happens when you have installed in the master some module that depends on users. Have you done that?

Also it would be interesting if you can provide the output of this command (in master side):

Code: [Select]

sudo slapcat -b cn=config | grep schema
And this one for both master and slave:

Code: [Select]

dpkg -l | grep zentyal
Thank you for your feedback, it's very useful and it really help us
Best regards

[scroob]

Hi! As I'm experiencing the same problem (user home dirs not created on the slaves; other things work fine) I do append myself to this thread, hoping anyone can tell, how to fix this issue.

Thanks in advance!

scroob

My Zentyal version: 2.2 installed from ISO

My output:

Code: [Select]

zentyal@ariel:/etc/phpldapadmin$ sudo slapcat -b cn=config | grep schema
[sudo] password for zentyal:
dn: cn=schema,cn=config
cn: schema
dn: cn={0}core,cn=schema,cn=config
dn: cn={1}cosine,cn=schema,cn=config
dn: cn={2}nis,cn=schema,cn=config
dn: cn={3}inetorgperson,cn=schema,cn=config
dn: cn={4}passwords,cn=schema,cn=config
dn: cn={5}master,cn=schema,cn=config
dn: cn={6}slaves,cn=schema,cn=config
dn: cn={7}quota,cn=schema,cn=config
olcAccess: {2}to dn.base="cn=subschema" by * read
zentyal@ariel:/etc/phpldapadmin$ dpkg -l | grep zentyal
ii  language-pack-zentyal-de             2.2.1                                    Zentyal translations for language German
ii  libhtml-mason-perl                   1:1.44-1+zentyal1                        HTML::Mason Perl module
ii  liblog-any-perl                      0.11-1+zentyal1                          Log anywhere
ii  libredis-perl                        2:2.0.1-0ubuntu1+zentyal1                persistent key-value database with network interface (P
ii  zentyal                              2.2                                      Zentyal - Core metapackage
ii  zentyal-ca                           2.2.1                                    Zentyal - Certification Authority
ii  zentyal-common                       2.2                                      Zentyal - Common Library
ii  zentyal-core                         2.2.2                                    Zentyal - Core
ii  zentyal-firewall                     2.2                                      Zentyal - Firewall
ii  zentyal-network                      2.2.1                                    Zentyal - Network Configuration
ii  zentyal-objects                      2.2                                      Zentyal - Network Objects
ii  zentyal-services                     2.2                                      Zentyal - Network Services
ii  zentyal-software                     2.2.2                                    Zentyal - Software Management
ii  zentyal-users                        2.2                                      Zentyal - Users and Groups
ii  zentyal-webserver                    2.2.1                                    Zentyal - Web Server


[plegendre]

Hello,
My version of Zentyal 2.2.2
I have the same problem.
In the master zentyal LDAP I just install module users-groups

And in the slave ldap just install module users-groups.
In first when I enable module users-groups in the slave all users groups are Ok.
But when I creat a new user on the master I don't have synchronization with the slave.
But if a see the list of users on the slave I see all users.

This is the zentyal.log master ldap:

2011/10/12 00:50:02 INFO> Service.pm:716 EBox::Module::Service::restartService - Restarting service for module: apache
2011/10/12 00:55:00 INFO> GlobalImpl.pm:539 EBox::GlobalImpl::saveAllModules - Saving config and restarting services: firewall logs
2011/10/12 00:55:00 INFO> Base.pm:228 EBox::Module::Base::save - Restarting service for module: firewall
2011/10/12 00:55:00 INFO> Base.pm:228 EBox::Module::Base::save - Restarting service for module: logs
2011/10/12 00:55:00 INFO> GlobalImpl.pm:653 EBox::GlobalImpl::saveAllModules - Changes saved successfully
2011/10/12 01:14:04 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::__ANON__ - 500 Connect failed: connect: Connection timed out; Connection timed out
2011/10/12 01:14:04 DEBUG> UsersAndGroups.pm:909 EBox::UsersAndGroups::__ANON__ - Unable to perform operation addUser with parameter toto on slave mail

Have you any ideas ??

[jsalamero]

Master needs to connect to the Zentyal webui port of the slave to perform a SOAP call.

[erickmelo]

Which port is user for soap calls? What config file have I to check to change it?