Ticket #3139 (closed defect: invalid)

Opened 22 months ago

Last modified 21 months ago

Unable to Sync Slave to Master LDAP

Reported by: aldrin@… Owned by: cperez@…
Milestone: Component: users
Severity: blocker Keywords:
Cc:

Description

The goal is to sync the slave to the master ldap server.

We've just set up a clean installation of LDAP slave server by following the steps here: http://trac.zentyal.org/wiki/Documentation/Community/HowTo/EBoxMasterSlaveSetup

But it said that it couldn't bind to the master LDAP server. I then found out that the users and groups module is stopped.

How do I resolve this problem?

Attachments

ebox.log Download (13.6 KB) - added by anonymous 22 months ago.
ebox.2.log Download (13.6 KB) - added by aldrin@… 22 months ago.
ebox log after seeing the error message
LDAPMT backup.tar Download (153.5 KB) - added by aldrin@… 21 months ago.
exported config file of our production zentyal server. This is imported to a test master ldap zentyal server but a test zentyal ldap slave server can't sync on it.
ebox.3.log Download (18.8 KB) - added by aldrin@… 21 months ago.
latest ebox.log
LDAPMTZ backup.tar Download (153.5 KB) - added by aldrin@… 21 months ago.
latest imported configuration file of our test master ldap server

Change History

Changed 22 months ago by anonymous

Changed 22 months ago by aldrin@…

ebox log after seeing the error message

comment:1 Changed 21 months ago by aldrin@…

This problem only happens when we import the configuration file from our zentyal production server. This doesn't happen on our test servers. I've attached the exported configuration files from our production server.

Changed 21 months ago by aldrin@…

exported config file of our production zentyal server. This is imported to a test master ldap zentyal server but a test zentyal ldap slave server can't sync on it.

comment:2 Changed 21 months ago by cperez@…

  • Status changed from new to closed
  • Resolution set to worksforme

Hi Aldrin,

From your logs:

ConfigureModuleController.pm:74 EBox::CGI::ServiceModule::ConfigureModuleController::__ANON__ - Failed to enable: Couldn't bind to LDAP server, result code: 49

That error code (49) means that you entered a wrong password (in slave configuration). Please check you copied your password well, just paste it in some visible place before pasting it in slave GUI.

comment:3 Changed 21 months ago by aldrin@…

  • Status changed from closed to reopened
  • Resolution worksforme deleted

I retried typing the password. I'm certain I've typed it correctly. Replication still failed.

Please try to replicate my issue by using the new attachments. I've attached new attachments (ebox.log, LDAPMTZ backup.tar).

I believe in Zentyal's contribution for Linux users, newbies & advanced. I believe this ticket can help a lot of people that are also experiencing this problem.

I'm using Core version 2.0.22. I've updated my minimal install of Ubuntu server 10.04 with the latest Ubuntu & Zentyal updates as of this writing.

Changed 21 months ago by aldrin@…

latest ebox.log

Changed 21 months ago by aldrin@…

latest imported configuration file of our test master ldap server

comment:4 Changed 21 months ago by aldrin@…

To avoid confusion, the filenames of the new attachments are ebox3.log and LDAPMTZ backup.tar.

comment:5 Changed 21 months ago by cperez@…

This time you entered the correct password, but replication failed.

What modules have you installed in the master server? Remember that you cannot use modules depending on users on master.

comment:6 Changed 21 months ago by aldrin@…

Thank you Perez for promptly responding!

I didn't install any other modules on the Zentyal master LDAP server other than the following, which are dependent on each other upon installation:

sysinfo network firewall apache events global logs objects services software usercorner users

This info can be found from the LDAPMTZ backup.tar -> modules file.

Please try to import the LDAPMTZ backup.tar to your test Zentyal server so you can reproduce this problem. Reproducing the problem helps to pinpoint the root cause, and consequently, the solution to this problem.

comment:7 Changed 21 months ago by cperez@…

  • Status changed from reopened to closed
  • Resolution set to invalid

Hi,

I've checked your backup and it contains samba attributes. You have installed ebox-samba so you cannot use it as master.

You will need to reinstall master server without any "users-dependent" module.

Best regards
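
Comment 7 rejects the backup because its directory data carries samba attributes. As an added example (not part of the ticket and not Zentyal code), this check scans an LDIF dump for samba object classes and samba-prefixed attributes before the data is imported into a master, handling folded lines and base64 values that a plain text search would miss. It assumes the users data is available as LDIF; the sample entries are constructed.

```python
import base64

# Constructed sample LDIF; not taken from the ticket's attachments.
SAMPLE_LDIF = """\
dn: uid=alice,ou=Users,dc=example,dc=com
objectClass: posixAccount

dn: uid=bob,ou=Users,dc=example,dc=com
objectClass: sambaSamAccount
sambaSID: S-1-5-21-1111111111-2222222222-
 3333333333-1001

dn: cn=staff,ou=Groups,dc=example,dc=com
objectClass:: c2FtYmFHcm91cE1hcHBpbmc=
"""

def parse_entries(text):
    """Yield (dn, [(attr, value), ...]) per blank-line-separated LDIF record."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded line continues the previous one
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    dn, attrs = None, []
    for line in lines + [""]:               # trailing "" flushes the last record
        if not line.strip():
            if dn is not None:
                yield dn, attrs
            dn, attrs = None, []
        elif not line.startswith("#"):      # skip LDIF comments
            name, _, rest = line.partition(":")
            value = (base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
                     if rest.startswith(":") else rest.strip())  # "::" marks base64
            if name.lower() == "dn":
                dn = value
            else:
                attrs.append((name, value))

def samba_findings(text):
    """Map each DN to the samba object classes and attributes it carries."""
    findings = {}
    for dn, attrs in parse_entries(text):
        hits = {f"objectClass={v}" for n, v in attrs
                if n.lower() == "objectclass" and v.lower().startswith("samba")}
        hits |= {n for n, _ in attrs if n.lower().startswith("samba")}
        if hits:
            findings[dn] = sorted(hits)
    return findings
```

Calling `samba_findings(SAMPLE_LDIF)` returns the entries for bob and staff and omits alice; an empty result means no samba schema elements were found in the dump.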

comment:8 Changed 21 months ago by aldrin@…

  • Status changed from closed to reopened
  • Resolution invalid deleted

We have a standalone production Zentyal LDAP server (LDAPZ) that has user-dependent modules installed.

I set up a test master LDAP Zentyal server (LDAPMTZ) that has no user-dependent modules installed.

My problem is how to properly migrate the users & groups from LDAPZ to LDAPMTZ.

I was able to do this but it looks like it's improperly migrated because the test slave LDAP Zentyal server (LDAPSTZ) couldn't sync to LDAPMTZ.

These are the steps on how I migrated the users & groups from LDAPZ to LDAPMTZ.

  1. Exported the config files of both LDAPZ & LDAPMTZ.
  2. Deleted users.bak folder in the exported config tar file of LDAPMTZ.
  3. Copied users.bak folder from the exported config tar file of LDAPZ to that of LDAPMTZ.
  4. Disabled MD5 checking of Backup.pm of LDAPMTZ.
  5. Imported the edited config tar file of LDAPMTZ to itself (LDAPMTZ).

The edited config tar file of LDAPMTZ is the attached LDAPMTZ backup.tar.

Please let me know how to properly migrate users from an LDAP server w/ user-dependent modules installed, to an LDAP server w/ no user-dependent modules installed.

I believe this needs to be solved since it's a real-world scenario.

Thank you & your team for making Ubuntu server much easier to learn & manage!

comment:9 Changed 21 months ago by jacalvo@…

  • Status changed from reopened to closed
  • Resolution set to invalid

Hi Aldrin,

You should ask for help migrating your servers at http://forum.zentyal.org, so all the community can participate and benefit from the possible solution. This trac is only for reporting bugs. Thanks.
