Results 1 to 4 of 4

Thread: [SOLVED] SOAP Provisioning leads to bad LDAP

  1. #1
    java_macchiato is offline Intermediate Member
    Join Date
    Mar 2008
    Posts
    15
    Rep Power
    7

    Default [SOLVED] SOAP Provisioning leads to bad LDAP

    I've run into a strange problem and I'm not quite sure where to look to solve it. We've created an external provisioning system that sends SOAP messages to Zimbra to create new accounts. These SOAP messages are exactly like the ones the web-based admin generates. This allows us to have a central provisioning server that does a bunch of other tasks while creating the Zimbra accounts for us.

    This all works great with one exception. Somehow the UID of the user does not get set in LDAP. Accounts that I provision by hand (through the admin interface) have an entry in ldap that looks like

    Code:
    dn: uid=test1,ou=people,dc=testtest,dc=com
    zimbraMailTransport: lmtp:xxx.xxx.com:7025
    zimbraMailDeliveryAddress: test1@testtest.com
    givenName: test1
    sn: surname
    zimbraMailStatus: enabled
    zimbraId: 113187d8-e415-47a9-bda4-93d419baa2db
    mail: test1@testtest.com
    displayName: test1 surname
    uid: test1
    objectClass: organizationalPerson
    objectClass: zimbraAccount
    objectClass: amavisAccount
    cn: test1 surname
    zimbraMailHost: xxx.xxx.com
    The ones I create via SOAP look similar:

    Code:
    dn: uid=test1,ou=people,dc=testtest,dc=com
    zimbraMailTransport: lmtp:xxx.xxx.com:7025
    zimbraMailDeliveryAddress: test1@testtest.com
    zimbraMailStatus: enabled
    zimbraId: 113187d8-e415-47a9-bda4-93d419baa2db
    objectClass: organizationalPerson
    objectClass: zimbraAccount
    objectClass: amavisAccount
    zimbraMailHost: xxx.xxx.com
    Notice that a bunch of items including UID are missing from LDAP. This makes external LDAP lookups from our edge spam device not work.

    What is odd about this is that the two SOAP messages sent to Zimbra are the same. What am I missing that creates the exta LDAP settings in one case but not the other?

    FWIW Zimbra itself works fine without those extra values.

  2. #2
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    10

    Default

    all these fields like givenname, surname, etc.. are fields you usually have to give it. like hwen you do it via command line with zmprov you specify displayName and what not. perhaps you need to explicitely set the uid in your soap query?

  3. #3
    java_macchiato is offline Intermediate Member
    Join Date
    Mar 2008
    Posts
    15
    Rep Power
    7

    Default

    The UID is not being passed in via the SOAP message, but many of the other fields are. The mystery is why the apparently same SOAP message sent via the web admin interface causes Zimbra to configure LDAP differently than if I "spoof" the message and send it from my provisioning system. I believe Zimbra should create the UID as I don't specify a UID when I create the account in the admin interface.

  4. #4
    java_macchiato is offline Intermediate Member
    Join Date
    Mar 2008
    Posts
    15
    Rep Power
    7

    Default

    Just in case anyone comes across this, apparently there are two lines in the SOAP header that are important:

    Code:
    <userAgent xmlns="" name="ZimbraWebClient - FF3.0 (Win)"/>
    <format xmlns="" type="js"/>
    If you don't include those everything seems to work, but the LDAP records do not get created properly. If you do, everything works great. *shrug*

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. upgrading from 5.0.4 to 5.0.5 opensource
    By smoke in forum Installation
    Replies: 4
    Last Post: 10-19-2008, 10:38 AM
  2. Replies: 8
    Last Post: 08-07-2008, 05:18 AM
  3. mobile calender Internal Server Error
    By padraig in forum Administrators
    Replies: 19
    Last Post: 04-24-2008, 08:04 AM
  4. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  5. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •