Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - cheleb

Pages: [1]
1
Installation and Upgrades / Mail troubles
« on: February 25, 2010, 10:49:39 pm »
Hey everyone,

i have some troubles with our mail server not delivering messages over the past few days.
After searching for the cause in the logs, I found out that the messages were received and processed by ebox, but were delivered locally and did not reach the user inboxes. While searching the forums for a similar issue, I came upon this ticket in the bugtracker.

Surely enough, the proposed workaround there fixed my problem and I am able to receive messages again, but there are still a lot of messages hanging around in /var/mail/[username] and /var/spool/mail [username].

Is there any way to properly deliver those to the user inboxes?

2
Installation and Upgrades / Services starting in wrong order
« on: February 08, 2010, 01:18:30 am »
Hi everybody,

I just did the final upgrade on one of our servers from 1.3 to 1.4.

There is a little problem with the ebox services starting order. If i restart one of our ebox ldap slaves via machine reboot, or by issuing

Code: [Select]
sudo /etc/init.d/ebox restart
, it seems the users module always starts AFTER samba, mail and mailfilter. Thus, mail, mailfilter and samba fail to start without a proper ldap connection.

Code: [Select]
sudo /etc/init.d/ebox restart
 * Stopping eBox module: network                                                                                                                                                                                                      [ OK ]
 * Stopping eBox module: firewall                                                                                                                                                                                                     [ OK ]
 * Stopping eBox module: antivirus                                                                                                                                                                                                    [ OK ]
 * Stopping eBox module: ebackup                                                                                                                                                                                                      [ OK ]
 * Stopping eBox module: events                                                                                                                                                                                                       [ OK ]
 * Stopping eBox module: logs                                                                                                                                                                                                         [ OK ]
 * Stopping eBox module: mail                                                                                                                                                                                                         [ OK ]
 * Stopping eBox module: mailfilter                                                                                                                                                                                                   [ OK ]
 * Stopping eBox module: monitor                                                                                                                                                                                                      [ OK ]
 * Stopping eBox module: ntp                                                                                                                                                                                                          [ OK ]
 * Stopping eBox module: printers                                                                                                                                                                                                     [ OK ]
 * Stopping eBox module: samba                                                                                                                                                                                                        [ OK ]
 * Stopping eBox module: software                                                                                                                                                                                                     [ OK ]
 * Stopping eBox module: usercorner                                                                                                                                                                                                   [ OK ]
 * Stopping eBox module: users                                                                                                                                                                                                        [ OK ]
 * Stopping eBox module: webmail                                                                                                                                                                                                      [ OK ]
 * Stopping eBox module: webserver                                                                                                                                                                                                    [ OK ]
 * Stopping eBox module: apache                                                                                                                                                                                                       [ OK ]
 * Starting eBox module: network                                         [ OK ]
 * Starting eBox module: firewall                                        [ OK ]
 * Starting eBox module: antivirus                                       [ OK ]
 * Starting eBox module: ebackup                                         [ OK ]
 * Starting eBox module: events                                          [ OK ]
 * Starting eBox module: logs                                            [ OK ]
 * Starting eBox module: mail                                            [fail]
 * Starting eBox module: mailfilter                                      [fail]
 * Starting eBox module: monitor                                         [ OK ]
 * Starting eBox module: ntp                                             [ OK ]
 * Starting eBox module: printers                                        [ OK ]
 * Starting eBox module: samba                                           [fail]
 * Starting eBox module: software                                        [ OK ]
 * Starting eBox module: usercorner                                      [ OK ]
 * Starting eBox module: users                                           [ OK ]
 * Starting eBox module: webmail                                         [ OK ]
 * Starting eBox module: webserver                                       [ OK ]
 * Starting eBox module: apache                                          [ OK ]

Starting those modules by hand afterwards works.

Any ideas?

3
Installation and Upgrades / [solved] 1.3 -> 1.4 upgrade woes
« on: February 02, 2010, 12:31:17 am »
Hi all,

I have some trouble updating our current systems from 1.3 to 1.4
There seems to be a missing attribute 'masterLDAPCACertificate' in the ldap tree.

I followed the steps provided at http://trac.ebox-platform.com/wiki/Document/Documentation/13To14Update to get the system up an running again, but without success.

Here's a quick rundown of what i got:
Code: [Select]
user@host:~$ dpkg -l | grep slapd
ii  slapd                                      2.4.21-0ubuntu2hardy1           OpenLDAP server (slapd)

user@host:~$ ps aux | grep slapd
openldap  4287  0.0  0.2  57292  5004 ?        Ssl  Feb01   0:00 /usr/sbin/slapd -h ldap://0.0.0.0 ldapi://%2fvar%2frun%2fslapd%2fldapi/????x-mod=0777 -g openldap -u openldap -F /etc/ldap/slapd.d/
1000     23135  0.0  0.0   3016   788 pts/0    S+   00:06   0:00 grep slapd

user@host:~$ sudo cat /etc/ldap/slapd.d/cn\=config/olcDatabase={0}config.ldif
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcRootDN: cn=admin,cn=config
olcRootPW:: e2NyeXB0fURReUp3a05VV201NXc=
olcAccess: {0}to * by dn.exact=cn=localroot,cn=config manage by * break
olcAccess: {1}to * by dn="cn=ebox,dc=domain,dc=tld" write
structuralObjectClass: olcDatabaseConfig
entryUUID: 783e95a6-86a8-102e-9bac-17198d4c81a9
creatorsName: cn=config
createTimestamp: 20091226202453Z
entryCSN: 20091226203250.785866Z#000000#000#000000
modifiersName: cn=admin,cn=config
modifyTimestamp: 20091226203250Z

user@host:~$ sudo cat /etc/ldap/slapd.d/cn\=config/olcDatabase\=\{-1\}frontend.ldif
dn: olcDatabase={-1}frontend
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}frontend
olcSizeLimit: 500
olcAccess: {0}to * by dn.exact=cn=localroot,cn=config manage by * break
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to dn.base="cn=subschema" by * read
structuralObjectClass: olcDatabaseConfig
entryUUID: 783e8bce-86a8-102e-9bab-17198d4c81a9
creatorsName: cn=config
createTimestamp: 20091226202453Z
entryCSN: 20091226202453.368254Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20091226202453Z

Should be ok so far. Now, when i try to restart usersandgroups:
Code: [Select]
user@host:~$ sudo /etc/init.d/ebox users restart
 * Restarting eBox module: users                                                                                                                                                                                                      [fail]
Can't create ldapi connection

This is where my results differ from the troubleshooting guide.
ebox.log says (sensible data blanked):
Code: [Select]
2010/02/01 20:49:26 INFO> Service.pm:625 EBox::Module::Service::restartService - Restarting service for module: users
2010/02/01 20:49:27 ERROR> Ldap.pm:710 EBox::Ldap::_errorOnLdap - $VAR1 = 'cn=master,dc=domain,dc=tld';
2010/02/01 20:49:27 ERROR> Ldap.pm:712 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::__ANON__ No such object
2010/02/01 20:49:27 ERROR> Ldap.pm:710 EBox::Ldap::_errorOnLdap - $VAR1 = {
          'attr' => [
                      'objectClass',
                      'masterHost',
                      'masterCertificate',
                      '-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
',
                      'masterCACertificate',
                      '-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
',
                      'masterLDAPCACertificate',
                      '-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
'
                    ]
        };
2010/02/01 20:49:27 ERROR> Ldap.pm:712 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::_loadCertificates masterLDAPCACertificate: attribute type undefined
2010/02/01 20:49:27 ERROR> Service.pm:630 EBox::Module::Service::__ANON__ - Error restarting service: Unknown error at EBox::UsersAndGroups::_loadCertificates masterLDAPCACertificate: attribute type undefined

Of course, there's also an error when trying to access the users, groups, ldap info and slave status pages in the browser:
Code: [Select]
A really nasty bug has occurred
Exception
Can't create ldapi connection
Trace
Can't create ldapi connection at /usr/share/perl5/EBox/Ldap.pm line 175
EBox::Ldap::anonymousLdapCon('EBox::Ldap=HASH(0x96756c8)') called at /usr/share/perl5/EBox/Ldap.pm line 243
EBox::Ldap::dn('EBox::Ldap=HASH(0x96756c8)') called at /usr/share/perl5/EBox/UsersAndGroups.pm line 338
EBox::UsersAndGroups::groupsDn('EBox::UsersAndGroups=HASH(0x9675554)') called at /usr/share/perl5/EBox/UsersAndGroups.pm line 1663
EBox::UsersAndGroups::groups('EBox::UsersAndGroups=HASH(0x9675554)') called at /usr/share/perl5/EBox/CGI/UsersAndGroups/Users.pm line 48
EBox::CGI::UsersAndGroups::Users::_process('EBox::CGI::UsersAndGroups::Users=HASH(0x96419c0)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::UsersAndGroups::Users=HASH(0x96419c0)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'UsersAndGroups/Users', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 19
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x8f7fffc)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x8f80098)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x8f80098)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x8f7fffc)') called at -e line 0
eval {...} called at -e line 0

Can anyone please give me some hints on what to do next?

4
Installation and Upgrades / Unable to activate ebox-mailfilter 1.3.12
« on: December 27, 2009, 03:24:47 pm »
Hello everyone,

on my shiny new email machine, I am unable to activate the mailfilter module.
The machine is an up to date 1.3 installation. Mailfilter version is:

Code: [Select]
$ apt-cache policy ebox-mailfilter
ebox-mailfilter:
  Installed: 1.3.12-0ubuntu1~ppa1~hardy1
  Candidate: 1.3.12-0ubuntu1~ppa1~hardy1
  Version table:
 *** 1.3.12-0ubuntu1~ppa1~hardy1 0
        500 http://ppa.launchpad.net hardy/main Packages
        100 /var/lib/dpkg/status

Unconfiguring and reactivating the module always leads to the same error.
Here's a little rundown. First, I unconfigure the module with:

Code: [Select]
sudo /usr/share/ebox/ebox-unconfigure-module mailfilter
Then, after activating and accepting the changes, i get (passwords blanked):

Code: [Select]
2009/12/27 15:09:28 ERROR> Ldap.pm:681 EBox::Ldap::_errorOnLdap - $VAR1 = {
          'attr' => [
                      'cn',
                      'Spam sapm',
                      'uid',
                      'spam',
                      'sn',
                      'sapm',
                      'uidNumber',
                      1901,
                      'gidNumber',
                      '1901',
                      'homeDirectory',
                      '/nonexistent',
                      'userPassword',
                      '{SHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
                      'objectclass',
                      [
                        'inetOrgPerson',
                        'posixAccount',
                        'passwordHolder'
                      ],
                      'eboxSha1Password',
                      '{SHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxx',
                      'eboxMd5Password',
                      '{MD5}xxxxxxxxxxxxxxxxxxxxxxxx',
                      'eboxLmPassword',
                      'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
                      'eboxNtPassword',
                      'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
                      'eboxDigestPassword',
                      '{MD5}xxxxxxxxxxxxxxxxxxxxxxxx',
                      'eboxRealmPassword',
                      '{MD5}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                    ]
        };
2009/12/27 15:09:28 ERROR> Ldap.pm:683 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::addUser Referral received

And finally, after saving the changes:

Code: [Select]
2009/12/27 15:03:07 INFO> Global.pm:435 EBox::Global::saveAllModules - Saving config and restarting services: firewall mailfilter logs
2009/12/27 15:03:07 INFO> Base.pm:150 EBox::Module::Base::save - Restarting service for module: firewall
2009/12/27 15:03:08 INFO> Base.pm:777 EBox::Module::Base::_hook - Running hook: /etc/ebox/hooks/firewall.postservice 1
2009/12/27 15:03:09 INFO> Base.pm:150 EBox::Module::Base::save - Restarting service for module: mailfilter
2009/12/27 15:03:12 ERROR> Ldap.pm:681 EBox::Ldap::_errorOnLdap - $VAR1 = {
          'changes' => [
                         'replace',
                         [
                           'amavisBypassVirusChecks',
                           'FALSE'
                         ]
                       ]
        };
2009/12/27 15:03:12 ERROR> Ldap.pm:683 EBox::Ldap::_errorOnLdap - Unknown error at EBox::Ldap::modifyAttribute attribute 'amavisBypassVirusChecks' not allowed
2009/12/27 15:03:12 INFO> Base.pm:150 EBox::Module::Base::save - Restarting service for module: logs
2009/12/27 15:03:13 ERROR> Global.pm:489 EBox::Global::saveAllModules - The following modules failed while saving their changes, their state is unknown: mailfilter

Any help would be greatly appreciated!

5
Installation and Upgrades / eBox 1.3 - Samba PDC
« on: November 17, 2009, 09:18:46 pm »
Hi everyone,

i am currently evaluating eBox 1.3 beta to see if it fits our company needs. The new central LDAP feature is exactly what i was looking for as a replacement  for our current setup.

I use Virtualbox to test the new topology - currently with 3 machine instances:

gateway:
classic ebox gateway setup + ebox-dns, but with 1.3 packages to make it possible to include mail/jabber connected to the central ldap on this machine in the future.

ldap:
ebox-usersandgroups only

server:
samba pdc, ldap slave

Ideally, i would like to merge samba and ldap into one machine, but according to the tutorial that is not possible at the moment. So i stick with this setup for testing purposes.

I followed the tutorial to the point and with the exception of a missing "disabled" directory in /etc/apparmor.d/ on the samba server, everything went smooth.
Currently, everything looks good. LDAP slaves are synced correctly - Users and Groups appear in the respective configuation panels on the samba server. I am, however, unable to join any version of Windows to the domain.
I tried both, WinXP Sp3 and Windows 7 RTM+registry fixes. Every time i try to join the domain, i get an error message saying "Unknown user or wrong password". The user i am trying to join with has administration rights and the password is correct (i am able to log into the usercorner on the ldap server, but not on the samba server).

While Windows tries to join, i get the following error message in /var/log/syslog:

Code: [Select]
Nov 15 21:51:57 server slapd[10957]: conn=381 op=2 do_search: invalid dn (sambaDomainName=,sambaDomainName=SMBDOMAIN,dc=domain,dc=tld)
Note the double "sambaDomainName=" entry here. Could this be the problem?
Does anyone else have trouble joining Windows machines to the Samba Domain on 1.3?

Cheers,
Ralf

Pages: [1]