Error output: kadmin: kadm5_create_principal: ldap_add_ext_s: IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ (DN=krb5PrincipalName=IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ,ou=kerberos,dc=magsplace,dc=oz) Invalid DN syntax: invalid DN

[agauld@…]

/usr/share/zentyal-users/reinstall since sync was not working as this was the slave and not updating users and groups from master.

Error

root command set -e
kadmin -l add -r --max-ticket-life='1 day' --max-renewable-life='1 week' --attributes='' --expiration-time=never --pw-expiration-time=never --policy=default 'IMAP/cowboy.magsplace.oz'
kadmin -l ext -k '/etc/dovecot/dovecot.keytab' 'IMAP/cowboy.magsplace.oz'
chown root:dovecot '/etc/dovecot/dovecot.keytab'
chmod 440 '/etc/dovecot/dovecot.keytab' failed. 
Error output: kadmin: kadm5_create_principal: ldap_add_ext_s: IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ (DN=krb5PrincipalName=IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ,ou=kerberos,dc=magsplace,dc=oz) Invalid DN syntax: invalid DN
 kadmin: adding IMAP/cowboy.magsplace.oz: ldap_add_ext_s: IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ (DN=krb5PrincipalName=IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ,ou=kerberos,dc=magsplace,dc=oz) Invalid DN syntax: invalid DN

Command output: . 
Exit value: 1

Trace

root command set -e
kadmin -l add -r --max-ticket-life='1 day' --max-renewable-life='1 week' --attributes='' --expiration-time=never --pw-expiration-time=never --policy=default 'IMAP/cowboy.magsplace.oz'
kadmin -l ext -k '/etc/dovecot/dovecot.keytab' 'IMAP/cowboy.magsplace.oz'
chown root:dovecot '/etc/dovecot/dovecot.keytab'
chmod 440 '/etc/dovecot/dovecot.keytab' failed. 
Error output: kadmin: kadm5_create_principal: ldap_add_ext_s: IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ (DN=krb5PrincipalName=IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ,ou=kerberos,dc=magsplace,dc=oz) Invalid DN syntax: invalid DN
 kadmin: adding IMAP/cowboy.magsplace.oz: ldap_add_ext_s: IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ (DN=krb5PrincipalName=IMAP/cowboy.magsplace.oz@MAGSPLACE.OZ,ou=kerberos,dc=magsplace,dc=oz) Invalid DN syntax: invalid DN

Command output: . 
Exit value: 1 at /usr/share/perl5/Error.pm line 182
	Error::throw('EBox::Exceptions::Sudo::Command', 'cmd', 'set -e\x{a}kadmin -l add -r --max-ticket-life=\'1 day\' --max-ren...', 'output', 'ARRAY(0xbb423f48)', 'error', 'ARRAY(0xb8e64b38)', 'exitValue', 1, ...) called at /usr/share/perl5/EBox/Sudo.pm line 215
	EBox::Sudo::_rootError('/usr/bin/sudo -p sudo: /var/lib/zentyal/tmp/G4Op2hDpLl.cmd 2>...', 'set -e\x{a}kadmin -l add -r --max-ticket-life=\'1 day\' --max-ren...', 256, 'ARRAY(0xbb423f48)', 'ARRAY(0xb8e64b38)') called at /usr/share/perl5/EBox/Sudo.pm line 184
	EBox::Sudo::_root(1, 'kadmin -l add -r --max-ticket-life=\'1 day\' --max-renewable-...', 'kadmin -l ext -k \'/etc/dovecot/dovecot.keytab\' \'IMAP/cowbo...', 'chown root:dovecot \'/etc/dovecot/dovecot.keytab\'', 'chmod 440 \'/etc/dovecot/dovecot.keytab\'') called at /usr/share/perl5/EBox/Sudo.pm line 137
	EBox::Sudo::root('kadmin -l add -r --max-ticket-life=\'1 day\' --max-renewable-...', 'kadmin -l ext -k \'/etc/dovecot/dovecot.keytab\' \'IMAP/cowbo...', 'chown root:dovecot \'/etc/dovecot/dovecot.keytab\'', 'chmod 440 \'/etc/dovecot/dovecot.keytab\'') called at /usr/share/perl5/EBox/KerberosModule.pm line 110
	EBox::KerberosModule::kerberosCreatePrincipals('EBox::Mail=HASH(0xba8da480)') called at /usr/share/perl5/EBox/Samba.pm line 315
	EBox::Samba::enableService('EBox::Samba=HASH(0xbb1d9a6c)', undef) called at /usr/share/perl5/EBox/ServiceManager.pm line 95
	EBox::ServiceManager::moduleStatus('EBox::ServiceManager=HASH(0xb9d8a280)') called at /usr/share/perl5/EBox/CGI/ServiceModule/StatusView.pm line 54
	EBox::CGI::ServiceModule::StatusView::_process('EBox::CGI::ServiceModule::StatusView=HASH(0xb9d725bc)') called at /usr/share/perl5/EBox/CGI/Base.pm line 274
	EBox::CGI::Base::run('EBox::CGI::ServiceModule::StatusView=HASH(0xb9d725bc)') called at /usr/share/perl5/EBox/CGI/Run.pm line 132
	EBox::CGI::Run::run('EBox::CGI::Run', 'ServiceModule/StatusView', 'EBox') called at /usr/share/zentyal/cgi/ebox.cgi line 34
	ModPerl::ROOT::ModPerl::Registry::usr_share_zentyal_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0xb9d0f8fc)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
	eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
	ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0xb9d0fa14)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
	ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0xb9d0fa14)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
	ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0xb9d0f8fc)') called at -e line 0
	eval {...} called at -e line 0

[anonymous]

zentyal.log

[anonymous]

software.log

[jamor@…]

Hello Agauld,

I think the problem is the DN you have chosen. Could you try to setup with a DN without the '@' symbol?

[jacalvo@…]

We can't reproduce this, please reopen if you can give us more details about your scenario and which steps we need to follow to reproduce this.