Results 1 to 5 of 5

Thread: Creating posix accounts creates error

  1. #1
    timwiel is offline Active Member
    Join Date
    Mar 2007
    Posts
    39
    Rep Power
    8

    Default Creating posix accounts creates error

    ZIMBRA VERSION: 5.0.2_GA_1975.UBUNTU6.20080130235804
    UNAME: Linux maungatua 2.6.15-28-server #1 SMP Wed Jul 18 23:11:55 UTC 2007 i686 GNU/Linux
    OS: Ubuntu 6.06LTS

    I have installed Open Source Zimbra on an ubuntu server using the guide located at: UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI - Zimbra :: Wiki

    - I have successfully loaded the admin zimlets and created the samba configuration and upload reload of samba and zimbra the domain was loaded into the zimbra admin samba window.

    However trying to add a posix account using the following information creates an error:



    The error created results in the following in the /opt/zimbra/log/mailbox.log

    Code:
    Code:service.FAILURE
            at com.zimbra.common.service.ServiceException.FAILURE(ServiceException.java:183)
            at com.zimbra.ldaputils.CreateLDAPEntry.createSubcontext(CreateLDAPEntry.java:119)
            at com.zimbra.ldaputils.CreateLDAPEntry.createLDAPEntry(CreateLDAPEntry.java:85)
            at com.zimbra.ldaputils.CreateLDAPEntry.handle(CreateLDAPEntry.java:61)
            at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:342)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:208)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:113)
            at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:272)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
            at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:174)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
            at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
            at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
            at org.mortbay.servlet.UserAgentFilter.doFilter(UserAgentFilter.java:81)
            at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter.java:132)
            at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
            at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
            at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
            at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
            at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:716)
            at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:406)
            at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:211)
            at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
            at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
            at org.mortbay.jetty.handler.RewriteHandler.handle(RewriteHandler.java:176)
            at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
            at org.mortbay.jetty.Server.handle(Server.java:313)
            at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
            at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:844)
            at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:644)
            at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:205)
            at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
            at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
            at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)
    Caused by: javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'cn=Domain Users,ou=groups,dc=fmhs,dc=co,dc=nz'
            at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3013)
            at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
            at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
            at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:774)
            at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
            at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
            at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
            at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:178)
            at com.zimbra.ldaputils.CreateLDAPEntry.createSubcontext(CreateLDAPEntry.java:105)
            ... 32 more
    I have searched and searched the forums, wiki, other google search relating to other applications (ie Specifying write access for more then one user?) and have found no information on how to fix this issue.

    Additionally - I am un sure if it is related when I do a ldap search I get this error:

    Code:
    root@maungatua:~# /opt/zimbra/openldap/bin/ldapsearch -h fmhs.co.nz -b dc=fmhs,dc=co,dc=nz objectclass=posixaccount
    SASL/GSSAPI authentication started
    ldap_sasl_interactive_bind_s: Local error (-2)
            additional info: SASL(-1): generic failure: GSSAPI Error:  Miscellaneous failure (see text) (open(/tmp/krb5cc_0): No such file or directory)
    I would love some help on this issue - we have several clients wishing to impliment this solution, two who are soon to be network edition clients.

    Any other information I will gladly post....
    Attached Images Attached Images
    Last edited by timwiel; 02-20-2008 at 04:06 PM.

  2. #2
    timwiel is offline Active Member
    Join Date
    Mar 2007
    Posts
    39
    Rep Power
    8

    Default Webmin doesn't work properly either

    I have just tried to create a ldap group with webmin as below:



    However it create this error
    Code:
    Failed to save group : Failed to add group to LDAP database : objectclass: value #1 invalid per syntax
    and this error in the /var/log/zimbra.log

    Code:
    Feb 21 11:45:51 fmhs e/webmin/ldap-useradmin/save_group.cgi: unable to dlopen /opt/zimbra/cyrus-sasl-2.1.22.3z/lib/sasl2/libgssapiv2.so.2: /opt/zimbra/heimdal-1.0.2/lib/libhx509.so.1: undefined symbol: EVP_CIPHER_iv_length
    However if I remove the option to create a samba group from webmin then I am successful and the posix group appears in zimbraAdmin - however then trying to modify the group and adding a samba group fails in zimbra.

    This is starting to get infuriating
    Attached Images Attached Images

  3. #3
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,265
    Rep Power
    10

    Default

    Quote Originally Posted by timwiel View Post
    Code:
    Failed to save group : Failed to add group to LDAP database : objectclass: value #1 invalid per syntax
    and this error in the /var/log/zimbra.log
    This error indicates that you are missing a schema file necessary for the operation to succeed, as it cannot find the objectClass referenced in the server.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  4. #4
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,265
    Rep Power
    10

    Default

    Quote Originally Posted by timwiel View Post
    Code:
    Caused by: javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'cn=Domain Users,ou=groups,dc=fmhs,dc=co,dc=nz'
    Code:
    root@maungatua:~# /opt/zimbra/openldap/bin/ldapsearch -h fmhs.co.nz -b dc=fmhs,dc=co,dc=nz objectclass=posixaccount
    SASL/GSSAPI authentication started
    ldap_sasl_interactive_bind_s: Local error (-2)
            additional info: SASL(-1): generic failure: GSSAPI Error:  Miscellaneous failure (see text) (open(/tmp/krb5cc_0): No such file or directory)
    Unless you have Kerberos set up, I suggest you add a -x to your ldapsearch command. On the other error, are you sure that the ou=groups,... entry already exists prior to trying to add things to it?

    --Quanah
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  5. #5
    Greg is offline Zimbra Employee
    Join Date
    Sep 2005
    Location
    Tucson - San Francisco - Moscow
    Posts
    127
    Rep Power
    9

    Default

    Just fixed the bug (will be in 5.0.3) and fixed some errors in the HowTo for Zimbra+Samba integration.
    Bugzilla - Wiki - Downloads - Before posting... Search!
    P.S.: don't forget to vote on this bug
    add Samba LDAP entries to Exchange Migration Tool

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 12:42 AM
  2. [SOLVED] Debian Etch 32 / 64: MTA not working
    By xflip in forum Installation
    Replies: 2
    Last Post: 01-18-2008, 04:58 AM
  3. [SOLVED] Simple backup question...
    By dameron in forum Administrators
    Replies: 3
    Last Post: 08-25-2007, 09:36 PM
  4. 3.0 to 4.5.3 Upgrade failed (mysql error)
    By dealt in forum Installation
    Replies: 35
    Last Post: 03-19-2007, 10:30 PM
  5. M3 problem with shares
    By titangears in forum Users
    Replies: 4
    Last Post: 01-12-2006, 01:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •