Ticket #3379 (closed defect: worksforme)
LDAP Binding master/slave not working
| Reported by: | vladislav.shaulskiy@… | Owned by: | cperez@… |
|---|---|---|---|
| Milestone: | 3.0.X | Component: | base |
| Severity: | major | Keywords: | ldap master slave |
| Cc: |
Description
I have LDAP to bind, but now I have an error when it come to syncing the master and slave + using samba. below is my output first from my slave log and the second is my master log SLAVE
2011/10/18 22:51:26 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = {
'base' => 'uid=test1,ou=Users,dc=master,dc=shaulskiy,dc=com', 'attrs' => [
'sambaAcctFlags'
],
'filter' => '(objectclass=*)', 'scope' => 'base'
};
2011/10/18 22:51:26 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::SambaLdapUser::_getAccountFlags Referral received
Master
2011/10/18 22:48:47 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::ANON - 500 configure certs failed: failed to load /var/lib/zentyal/conf/ssl/ssl.key: Illegal seek 2011/10/18 22:48:54 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::ANON - 500 configure certs failed: failed to load /var/lib/zentyal/conf/ssl/ssl.key: Illegal seek 2011/10/18 22:50:02 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::ANON - 500 configure certs failed: failed to load /var/lib/zentyal/conf/ssl/ssl.key: Illegal seek 2011/10/18 22:55:01 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::ANON - 500 configure certs failed: failed to load /var/lib/zentyal/conf/ssl/ssl.key: Illegal seek
I can't seem to figure out what I am doing wrong....
Attachments
Change History
comment:1 Changed 19 months ago by cperez@…
- Status changed from new to closed
- Resolution set to fixed
comment:2 Changed 19 months ago by vladislav.shaulskiy@…
I have upgraded to the latest users package.... actually I reinstalled my master and slave last night. I have also tried reinstalling just the
/usr/share/zentyal-users/reinstall
However I am still having the issue I described. What could I be doing wrong in my setup or what else can I look at ???
comment:3 Changed 19 months ago by cperez@…
- Status changed from closed to reopened
- Resolution fixed deleted
Hi vladislav,
This is strange, it should be fixed with last core release. Can you show the result of the following commands on master and slave?
dpkg -l | grep zentyal
Also, have you check that the master can access the slave, is there any pending action on the master?
Best regards
comment:4 Changed 19 months ago by jacalvo@…
- Owner changed from jacalvo@… to cperez@…
- Status changed from reopened to new
- Milestone set to 2.2.X
comment:5 Changed 19 months ago by jacalvo@…
- Status changed from new to closed
- Resolution set to worksforme
Please reopen if you can provide the requested information or any other information which can be useful to reproduce this. Thanks.
comment:6 Changed 17 months ago by rafael@…
Hello,
Can I provide some information about this ticket?
Greetings,
ASRIX
comment:7 Changed 17 months ago by rafael@…
- Keywords ldap master slave added
- Status changed from closed to reopened
- Resolution worksforme deleted
Buenas tardes,
Tenemos un problema de sincronización en el esquema master/slave. Ambos servidores están actualizados con los últimos paquetes disponibles, y fueron instalados de 0 con la versión 2.2.
En el master, el primer error aparece al configurarlo como maestro: 2012/01/05 17:31:27 INFO> ServiceManager?.pm:631 EBox::ServiceManager::_getMD5 - File /etc/ldap.conf does not exist. So we won't compute its digest 2012/01/05 17:31:27 INFO> ServiceManager?.pm:631 EBox::ServiceManager::_getMD5 - File /etc/ldap.secret does not exist. So we won't compute its digest 2012/01/05 17:31:29 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = 'cn=master,dc=huilen-master-server'; 2012/01/05 17:31:29 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::ANON No such object 2012/01/05 17:31:32 ERROR> Ldap.pm:1103 EBox::Ldap::safeConnect - Couldn't connect to LDAP server ldapi://%2fvar%2frun%2fslapd%2fldapi, retrying
Luego de eso, creamos un usuario "test" y un grupo "prueba" sin problemas. Un comentario aparte, el el log dice cd=master, mientras que la gui muestra cn=EBox.
Luego sincronizamos el esclavo, que tiró los errores siguientes: 2012/01/05 18:00:27 INFO> ServiceManager?.pm:631 EBox::ServiceManager::_getMD5 - File /etc/ldap.conf does not exist. So we won't compute its digest 2012/01/05 18:00:28 INFO> ServiceManager?.pm:631 EBox::ServiceManager::_getMD5 - File /etc/ldap.secret does not exist. So we won't compute its digest 2012/01/05 18:00:28 INFO> ServiceManager?.pm:631 EBox::ServiceManager::_getMD5 - File /etc/ldap.conf does not exist. So we won't compute its digest 2012/01/05 18:00:28 INFO> ServiceManager?.pm:631 EBox::ServiceManager::_getMD5 - File /etc/ldap.secret does not exist. So we won't compute its digest 2012/01/05 18:00:29 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = 'ou=Users,dc=huilen-master-server'; 2012/01/05 18:00:29 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::ANON Referral received 2012/01/05 18:00:29 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = 'uid=test,ou=Users,dc=huilen-master-server'; 2012/01/05 18:00:29 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::ANON Referral received 2012/01/05 18:00:29 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = 'ou=Groups,dc=huilen-master-server'; 2012/01/05 18:00:29 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::ANON Referral received 2012/01/05 18:00:29 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = 'cn=USERS,ou=Groups,dc=huilen-master-server'; 2012/01/05 18:00:29 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::ANON Referral received 2012/01/05 18:00:29 ERROR> Ldap.pm:699 EBox::Ldap::_errorOnLdap - $VAR1 = 'cn=prueba,ou=Groups,dc=huilen-master-server'; 2012/01/05 18:00:29 ERROR> Ldap.pm:701 EBox::Ldap::_errorOnLdap - Unknown error at EBox::UsersAndGroups::ANON Referral received
Otro comentario: los usuarios aparecen en el esclavo pese a los errores, pero las contraseñas no se actualizan.
Por último, creamos el usuario "test2" en el maestro. Esa operación arrojó el error: 2012/01/05 18:03:03 DEBUG> SOAPClient.pm:108 EBox::SOAPClient::ANON - 500 configure certs failed: failed to load /var/lib/zentyal/conf/ssl/ssl.key: Illegal seek
Ese error se repite cada 5 minutos, es decir, al tratar de sincronizar.
A continuación, muestro el resultado de dpkg -l | grep zentyal en cada equipo: MASTER: ii duplicity 0.6.13-0ubuntu1+zentyal1 encrypted bandwidth-efficient backup ii language-pack-zentyal-es 2.2.1 Zentyal translations for language Spanish ii libhtml-mason-perl 1:1.44-1+zentyal1 HTML::Mason Perl module ii liblog-any-perl 0.11-1+zentyal1 Log anywhere ii libredis-perl 2:2.0.1-0ubuntu1+zentyal1 persistent key-value database with network interface (P ii zentyal 2.2 Zentyal - Core metapackage ii zentyal-ca 2.2.2 Zentyal - Certification Authority ii zentyal-common 2.2.2 Zentyal - Common Library ii zentyal-core 2.2.4 Zentyal - Core ii zentyal-ebackup 2.2.2 Zentyal - Backup ii zentyal-firewall 2.2 Zentyal - Firewall ii zentyal-monitor 2.2.1 Zentyal - Monitor ii zentyal-network 2.2.3 Zentyal - Network Configuration ii zentyal-objects 2.2 Zentyal - Network Objects ii zentyal-services 2.2 Zentyal - Network Services ii zentyal-software 2.2.2 Zentyal - Software Management ii zentyal-usercorner 2.2 Zentyal - User Corner ii zentyal-users 2.2.5 Zentyal - Users and Groups ii zentyal-webserver 2.2.2 Zentyal - Web Server
SLAVE: ii duplicity 0.6.13-0ubuntu1+zentyal1 encrypted bandwidth-efficient backup ii language-pack-zentyal-es 2.2.1 Zentyal translations for language Spanish ii libhtml-mason-perl 1:1.44-1+zentyal1 HTML::Mason Perl module ii liblog-any-perl 0.11-1+zentyal1 Log anywhere ii libredis-perl 2:2.0.1-0ubuntu1+zentyal1 persistent key-value database with network i ii zentyal 2.2 Zentyal - Core metapackage ii zentyal-antivirus 2.2 Zentyal - Antivirus ii zentyal-ca 2.2.2 Zentyal - Certification Authority ii zentyal-common 2.2.2 Zentyal - Common Library ii zentyal-core 2.2.4 Zentyal - Core ii zentyal-ebackup 2.2.2 Zentyal - Backup ii zentyal-firewall 2.2 Zentyal - Firewall ii zentyal-monitor 2.2.1 Zentyal - Monitor ii zentyal-network 2.2.3 Zentyal - Network Configuration ii zentyal-objects 2.2 Zentyal - Network Objects ii zentyal-printers 2.2 Zentyal - Printer Sharing Service ii zentyal-samba 2.2 Zentyal - File Sharing Service ii zentyal-services 2.2 Zentyal - Network Services ii zentyal-software 2.2.2 Zentyal - Software Management ii zentyal-users 2.2.5 Zentyal - Users and Groups
Historia: Los dos servidores se instalaron de cero con el CD de instalación de Zentyal 2.2. En ambos casos, las operaciones de sincronización no arrojaban errores en la GUI, pero comenzaron a aparecer los problemas al hacer las modificaciones, y ver que fallaba la sincronización. También se reinstaló el módulo usrers en cada uno, pero el problema persiste. Y en el caso especial del master, aparecen las operaciones pendientes que existían antes de reinstalar el módulo users.
¿Qué es lo que estamos haciendo mal? La instalación se hizo de acuerdo con los documentos de Zentyal.
comment:8 Changed 17 months ago by cperez@…
- Status changed from reopened to closed
- Resolution set to worksforme
Hola,
El problema surge por no actualizar los paquetes antes de realizar la primera sincronización master-slave.
Asegúrese de actualizar todos los paquetes (en master y slave) antes de sincronizarlos.
Un saludo
comment:9 Changed 4 months ago by buy nandrolone
- Milestone changed from 2.2.X to 3.0.X
Lo admito, no he estado en esta página web en mucho tiempo ... sin embargo, fue otra alegría al ver que es un tema tan importante e ignorado por muchos, incluso los profesionales. Le doy las gracias para ayudar a hacer que la gente más consciente de los posibles problemas.
This problem was already fixed in latest core and users packages, please upgrade them in your slaves. Probably you will also need to reinstall users package, use:
/usr/share/zentyal-users/reinstall
Best regards