Kolab 3.4 Multi-Domain and ptloader

Brady, Mike mike.brady at devnull.net.nz
Tue Nov 24 21:09:31 CET 2015 

On 2015-11-25 05:09, Cornelius Hald wrote:
> Hi Mike,
> 
> unfortunately I've no solution for your actual problem. I just wanted
> to let you know that I'm running a multi-domain setup with Kolab 3.3
> and enabled ptloader.
> 
> With 3.3 there was an issue that ptloader could crash quite often, but
> AFAIK this has been resolved in 3.4. So yes, I think this combination s
> hould be possible.
> 
> Cheers,
> Conny
> 
> 
> On Sun, 2015-11-22 at 11:17 +1300, Brady, Mike wrote:
>> I have a Kolab 3.1/Centos 6 Multi-Domain system that I am in the
>> process
>> of migrating to a Kolab 3.4/Centos 7 system and am having some
>> problems
>> with ptloader.
>> 
>> On the 3.1 system ptloader just didn't work on a Multi-Domain system
>> and
>> as per the wiki and TBits Multi-Domain scripts I have been running
>> successfully for sometime with ptloader disabled.
>> 
>> I was under the impression that the issues with ptloader and
>> Multi-Domain had bee resolved back in 3.3, but doing some testing
>> with
>> 3.4 last week suggests otherwise.
>> 
>> The specific problem that I am seeing is that the ptloader LDAP
>> query,
>> as shown in the dirsrv access log, has a "corrupt" ldap_base.  For
>> instance I see "dc=example,dc=co,dc=n1" (that is a digit one on the
>> end)
>> instead of dc=example,dc=co,dc=nz in the query.  The query returns no
>> results and causes ptloader to crash which in turn means that the
>> user
>> login fails.  If I disable ptloader as per the 3.1 system everything
>> seems to work just fine.
>> 
>> In the log for Cyrus I see
>> 
>> Nov 20 10:01:55 kolab00 ptloader[13550]: starting: ptloader.c,v
>> git2.5+0
>> Nov 20 10:01:55 kolab00 imaplocal[13513]: ptload(): empty response
>> from
>> ptloader server
>> Nov 20 10:01:55 kolab00 master[13492]: process type:SERVICE
>> name:ptloader path:/usr/lib/cyrus-imapd/ptloader age:0.015s pid:13550
>> signaled to death by signal 6 (Aborted)
>> Nov 20 10:01:55 kolab00 master[13492]: service ptloader/unix pid
>> 13550
>> in READY state: terminated abnormally
>> Nov 20 10:01:55 kolab00 imaplocal[13513]: ptload completely failed:
>> unable to canonify identifier: mbrady at example.co.nz
>> Nov 20 10:01:55 kolab00 imaplocal[13513]: SASL bad userid
>> authenticated
>> Nov 20 10:01:55 kolab00 imaplocal[13513]: badlogin: localhost [::1]
>> PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>> 
>> In the dirsrv access log I see
>> 
>> [20/Nov/2015:10:01:55 +1300] conn=858 fd=71 slot=71 connection from
>> ::1
>> to ::1
>> [20/Nov/2015:10:01:55 +1300] conn=858 op=0 BIND
>> dn="uid=kolab-service,ou=Special Users,dc=example,dc=co,dc=nz"
>> method=128 version=3
>> [20/Nov/2015:10:01:55 +1300] conn=858 op=0 RESULT err=0 tag=97
>> nentries=0 etime=0 dn="uid=kolab-service,ou=special
>> users,dc=example,dc=co,dc=nz"
>> [20/Nov/2015:10:01:55 +1300] conn=858 op=1 SRCH
>> base="ou=People,dc=example,dc=co,dc=nz" scope=2
>> filter="(&(objectClass=inetorgperson)(|(uid=mbrady)(
>> mail=mbrady at example.co.nz)(alias=mbrady at example.co.nz)))"
>> attrs="displayName mail alias nsRoleDN uid"
>> [20/Nov/2015:10:01:55 +1300] conn=858 op=1 RESULT err=0 tag=101
>> nentries=1 etime=0 notes=U
>> [20/Nov/2015:10:01:55 +1300] conn=859 fd=72 slot=72 connection from
>> ::1
>> to ::1
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=0 BIND
>> dn="uid=kolab-service,ou=Special Users,dc=example,dc=co,dc=nz"
>> method=128 version=3
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=0 RESULT err=0 tag=97
>> nentries=0 etime=0 dn="uid=kolab-service,ou=special
>> users,dc=example,dc=co,dc=nz"
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=1 SRCH
>> base="cn=kolab,cn=config" scope=2
>> filter="(&(objectClass=domainrelatedobject)(associatedDomain=example.
>> co.nz))"
>> attrs="associatedDomain inetDomainBaseDN"
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=1 RESULT err=0 tag=101
>> nentries=1 etime=0
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=2 SRCH
>> base="dc=example,dc=co,dc=n1" scope=2
>> filter="(|(&(|(uid=cyrus-admin)(uid=cyrus
>> -murderzzzz))(uid=mbrady))(&(|(uid=mbrady)(mail=mbrady at example.co.nz)
>> (mail=mbrady@))(objectClass=kolabinetorgperson)))"
>> attrs="1.1"
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=2 RESULT err=32 tag=101
>> nentries=0 etime=0
>> [20/Nov/2015:10:01:55 +1300] conn=859 op=-1 fd=72 closed - B1
>> [20/Nov/2015:10:01:58 +1300] conn=858 op=2 UNBIND
>> [20/Nov/2015:10:01:58 +1300] conn=858 op=2 fd=71 closed - U1
>> 
>> Note the dc=n1 in the second query. I ran a separate configuration
>> file
>> ptloader and put the uid=cyrus-murderzzzz to make sure that I was
>> looking at the correct query.
>> 
>> At first I thought that it must be a configuration mistake on my part
>> (wouldn't be the first time), but if it is I can't find it and it is
>> only ptloader.  All the other queries look as they should.
>> 
>> The current Multi-Domain wiki page (
>> https://docs.kolab.org/howtos/multi-domain.html) suggests to me that
>> Multi-Domain should work with ptloader enabled, but the Kolab 3.4
>> TBits
>> Multi-Domain scripts still disable it.
>> 
>> So to the point of this email.
>> 1) Is ptloader supposed to work in a Multi-Domain set up with the
>> Kolab
>> 3.4 packages?
>> 2) If not, are there newer packages available somewhere that I can
>> try?
>> 
>> Thanks
>> 
>> Mike
>> _______________________________________________
>> users mailing list
>> users at lists.kolab.org
>> https://lists.kolab.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users

Hi Conny

Thanks for that. I have a test system that works.  It is the production 
system (or what will be the production system) that doesn't work.  
Typical.

I will go back over my configuration again.  There have been issues in 
this area with ptloader which have been fixed upstream, but I do not 
know exactly what release, relative to upstream,  is included in Kolab 
3.4.

Thanks

Mike

More information about the users mailing list