Kolab + Samba and domain maintainers
Liutauras Adomaitis
liutauras.adomaitis at gmail.com
Tue Sep 22 11:53:43 CEST 2009
On Mon, Sep 21, 2009 at 4:55 PM, Thomas Arendsen Hein
<thomas at intevation.de> wrote:
> * Liutauras Adomaitis <liutauras.adomaitis at gmail.com> [20090921 15:10]:
>> On Mon, Sep 21, 2009 at 4:01 PM, Thomas Arendsen Hein
>> <thomas at intevation.de> wrote:
>> > * Liutauras Adomaitis <liutauras.adomaitis at gmail.com> [20090921 11:32]:
>> >> we have running Kolab 2.2.2 with Samba accounts integrated. Everything
>> >> runs ok, except that domain maintainers cannot create new users. Error
>> >> is "Object class violation" then adding sambaLMPassword attribute for
>> >> new user. I did some investigation and found out that then using
>> >> domain maintainer to login to Kolab admin it tries to add new ldap
>> >> user as cn=nobody,cn=internal,...
>> >
>> > This should not happen this way.
>> >
>> > I just verified again that in 2.2.2 the user is added by the domain
>> > maintainer's LDAP account, not cn=nobody.
>> >
>> > How did you verify that cn=nobody is used?
>>
>> I saw it in the ldap log.
>
> Can you copy&paste the log message?
>
> Regards,
> Thomas Arendsen Hein
>
Here is the ldap session log, then I try to create new user as domain
maintainer. I'am probably wrong about cn=nobody connecting used to
bind to server. I was misled by first BIND operation. But still the
problem exists.
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 fd=12 ACCEPT from
IP=127.0.0.1:45559 (IP=0.0.0.0:389)
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=0 BIND
dn="cn=nobody,cn=internal,o=MYDOMAIN" method=128
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=0 BIND
dn="cn=nobody,cn=internal,o=MYDOMAIN" mech=SIMPLE ssf=0
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=0 RESULT
tag=97 err=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=1 BIND
anonymous mech=implicit ssf=0
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=1 BIND
dn="cn=Liutauras Adomaitis,cn=internal,o=MYDOMAIN" method=128
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=1 BIND
dn="cn=Liutauras Adomaitis,cn=internal,o=MYDOMAIN" mech=SIMPLE ssf=0
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=1 RESULT
tag=97 err=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=2 SRCH
base="cn=domains,cn=internal,o=MYDOMAIN" scope=2 deref=0
filter="(member=cn=liutauras adomaitis,cn=internal,o=MYDOMAIN)"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=2 SEARCH
RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=3 SRCH
base="k=kolab,o=MYDOMAIN" scope=0 deref=0 filter="(objectClass=*)"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=3 SEARCH
RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=4 SRCH
base="cn=domains,cn=internal,o=MYDOMAIN" scope=2 deref=0
filter="(member=cn=liutauras adomaitis,cn=internal,o=MYDOMAIN.lt)"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=4 SEARCH
RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=5 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(|(|(mail=asd.dsa at mydomain.lt)(alias=asd.dsa at mydomain.lt))(uid=asd.dsa at mydomnain.lt))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=5 SRCH attr=dn
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=5 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=6 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(&(objectClass=kolabGroupOfNames)(cn=asd.dsa))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=6 SRCH attr=dn
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=6 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=7 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(|(|(mail=asd.dsa)(alias=asd.dsa))(uid=asd.dsa))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=7 SRCH attr=dn
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=7 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=8 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(&(objectClass=kolabGroupOfNames)(?=undefined))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=8 SRCH attr=dn
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=8 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=9 SRCH
base="o=MYDOMAIN" scope=2 deref=0 filter="(objectClass=sambaDomain)"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=9 SRCH attr=sambaSid
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=9 SEARCH
RESULT tag=101 err=0 nentries=1 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=10 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=513))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=10 SRCH attr=sambaSid
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=10 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=11 ADD
dn="cn=ASD DSA,o=MYDOMAIN"
Sep 22 12:45:17 mail <debug> slapd[2820]: Entry (cn=ASD
DSA,o=MYDOMAIN), attribute 'sambaLMPassword' not allowed
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=11 RESULT
tag=105 err=65 text=attribute 'sambaLMPassword' not allowed
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=12 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(|(|(mail=asd.dsa at mydomain.lt)(alias=asd.dsa at mydomain.lt))(uid=asd.dsa at mydomain.lt))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=12 SRCH attr=dn
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=12 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=13 SRCH
base="o=MYDOMAIN" scope=2 deref=0
filter="(&(objectClass=kolabGroupOfNames)(cn=asd.dsa))"
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=13 SRCH attr=dn
Sep 22 12:45:17 mail <debug> slapd[2820]: conn=25156 op=13 SEARCH
RESULT tag=101 err=0 nentries=0 text=
Sep 22 12:45:18 mail <debug> slapd[2820]: conn=25156 op=14 UNBIND
Sep 22 12:45:18 mail <debug> slapd[2820]: conn=25156 fd=12 closed
More information about the users
mailing list