Page 1 of 3 123 LastLast
Results 1 to 10 of 26

Thread: Zimbra 8 Auto Provisioning not work properly

  1. #1
    gruzin is offline Junior Member
    Join Date
    Nov 2012
    Posts
    9
    Rep Power
    2

    Question Zimbra 8 Auto Provisioning not work properly

    Hello!

    My AutoProvision settings:

    zmprov md domain.ru zimbraAutoProvMode EAGER
    zmprov md domain.ru zimbraAutoProvLdapURL "ldap://pdc.sp.local:3268"
    zmprov md domain.ru zimbraAutoProvLdapAdminBindDn "cn=zimbra,cn=users,dc=sp,dc=local"
    zmprov md domain.ru zimbraAutoProvLdapAdminBindPassword password
    zmprov md domain.ru zimbraAutoProvLdapSearchBase "ou=test,dc=sp,dc=local"
    zmprov md domain.ru zimbraAutoProvLdapSearchFilter "(&(objectCategory=user)(mail=*domain.ru))"
    zmprov md domain.ru zimbraAutoProvLdapBindDn "%u@%d"
    zmprov md domain.ru zimbraAutoProvAccountNameMap samAccountName
    zmprov md domain.ru zimbraAutoProvNotificationFromAddress admin@domain.ru
    zmprov md domain.ru +zimbraAutoProvAttrMap sn=sn +zimbraAutoProvAttrMap description=description
    zmprov ms mail.domain.ru +zimbraAutoProvScheduledDomains domain.ru
    zmprov ms mail.domain.ru zimbraAutoProvPollingInterval 1m

    By the first launch new mailbox has been created, but after...

    In log file write this:

    2012-12-04 12:32:45,030 INFO [AutoProvision] [] autoprov - Auto provisioning accounts on domain domain.ru

    And nothing, don't creating new or delete removed mailbox

    zimbraAutoProvLastPolledTimestamp has ben changed.

    zimbraAutoProvLastPolledTimestamp: 20121204050744Z

    zimbraAutoProvLastPolledTimestamp: 20121204050944Z

    zimbraAutoProvLastPolledTimestamp: 20121204051744Z

    Anybody, help, this is bug? Or I forgot many options configured?

    Zimbra version: 8.0.1_GA_5438.FOSS

  2. #2
    amessina's Avatar
    amessina is offline Active Member
    Join Date
    Jun 2007
    Location
    Campobello di Mazara, Italy
    Posts
    38
    Rep Power
    7

    Default

    Are you able to do a ldap search with those settings via command line? Any results?

    Port 3268 on a AD domain controller is usually for Global Catalog, an LDAP-compliant directory consisting of a partial representation of every object from every domain within the forest.

    Note:

    • Global catalog role must be enabled
    • samAccountName is no longer unique when viewing an entire forest of domains
    Antonio

  3. #3
    gruzin is offline Junior Member
    Join Date
    Nov 2012
    Posts
    9
    Rep Power
    2

    Question

    Quote Originally Posted by amessina View Post
    Are you able to do a ldap search with those settings via command line? Any results?
    Yes.

    Code:
    zimbra@mail:/home/user$ ldapsearch -v -b "ou=test,DC=sp,DC=local" -h pdc.sp.local -D root -W -x "(&(objectCategory=user)(mail=*stimul-kd.ru))"
    ldap_initialize( ldap://pdc.sp.local )
    Enter LDAP Password:
    filter: (&(objectCategory=user)(mail=*stimul-kd.ru))
    requesting: All userApplication attributes
    # extended LDIF
    #
    # LDAPv3
    # base <ou=test,DC=sp,DC=local> with scope subtree
    # filter: (&(objectCategory=user)(mail=*stimul-kd.ru))
    # requesting: ALL
    #
    
    # \D0\A4\D0\B0\D0\BC\D0\B8\D0\BB\D0\B8\D1\8F1 \D0\98\D0\BC\D1\8F1 \D0\9E\D1\8
     2\D1\87\D0\B5\D1\81\D1\82\D0\B2\D0\BE1, test, sp.local
    dn:: Q0490KTQsNC80LjQu9C40Y8xINCY0LzRjzEg0J7RgtGH0LXRgdGC0LLQvjEsT1U9dGVzdCxEQ
     z1zcCxEQz1sb2NhbA==
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0KTQsNC80LjQu9C40Y8xINCY0LzRjzEg0J7RgtGH0LXRgdGC0LLQvjE=
    sn:: 0KTQsNC80LjQu9C40Y8x
    description:: 0KLQtdGB0YLQvtCy0LDRjyDRg9GH0LXRgtC90Y/QsCDQt9Cw0L/QuNGB0YwgMQ==
    physicalDeliveryOfficeName:: 0JrQsNC70LjQvdC40L3Qs9GA0LDQtA==
    givenName:: 0JjQvNGPMQ==
    distinguishedName:: Q0490KTQsNC80LjQu9C40Y8xINCY0LzRjzEg0J7RgtGH0LXRgdGC0LLQvj
     EsT1U9dGVzdCxEQz1zcCxEQz1sb2NhbA==
    instanceType: 4
    whenCreated: 20121203044620.0Z
    whenChanged: 20121204040507.0Z
    displayName:: 0JjQvNGPMSDQntGC0YfQtdGB0YLQstC+MSDQpNCw0LzQuNC70LjRjzE=
    uSNCreated: 3218011
    uSNChanged: 3231573
    name:: 0KTQsNC80LjQu9C40Y8xINCY0LzRjzEg0J7RgtGH0LXRgdGC0LLQvjE=
    objectGUID:: 9WgosP5/XEW/m7NeTZTX0A==
    userAccountControl: 66048
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129989835802848323
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0oQUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test1
    sAMAccountType: 805306368
    userPrincipalName: test1@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 16010101000000.0Z
    mail: test1@stimul-kd.ru
    
    # \D0\A4\D0\B0\D0\BC\D0\B8\D0\BB\D0\B8\D1\8F3 \D0\98\D0\BC\D1\8F3 \D0\9E\D1\8
     2\D1\87\D0\B5\D1\81\D1\82\D0\B2\D0\BE3, test, sp.local
    dn:: Q0490KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjMsT1U9dGVzdCxEQ
     z1zcCxEQz1sb2NhbA==
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjM=
    sn:: 0J7RgtGH0LXRgdGC0LLQvjM=
    description:: 0KLQtdGB0YLQvtCy0LDRjyDRg9GH0LXRgtC90LDRjyDQt9Cw0L/QuNGB0YwgMw==
    physicalDeliveryOfficeName:: 0JrQsNC70LvQuNC90LjQs9GA0LDQtA==
    givenName:: 0JjQvNGPMw==
    distinguishedName:: Q0490KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvj
     MsT1U9dGVzdCxEQz1zcCxEQz1sb2NhbA==
    instanceType: 4
    whenCreated: 20121203044741.0Z
    whenChanged: 20121204040556.0Z
    displayName:: 0KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjM=
    uSNCreated: 3218048
    uSNChanged: 3231590
    name:: 0KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjM=
    objectGUID:: qXWJpKXQg0251tvwqCTX4w==
    userAccountControl: 66048
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129989836616726408
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0owUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test3
    sAMAccountType: 805306368
    userPrincipalName: test3@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 16010101000000.0Z
    mail: test3@stimul-kd.ru
    
    # \D0\9C\D0\B0\D0\B7\D1\83\D1\80\D0\B1\D0\B5\D0\BA \D0\91\D1\83\D0\B3\D0\B0\D
     0\B3\D0\B0\D0\BD\D0\BE\D0\B2\D0\B8\D1\87, test, sp.local
    dn:: Q0490JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGHLE9VPXRlc3QsREM9c
     3AsREM9bG9jYWw=
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGH
    sn:: 0JHRg9Cz0LDQs9Cw0L3QvtCy0LjRhw==
    description:: 0KLQtdGB0YLQvtCy0Lkg0L7Qu9C+0LvQvtC10LLQuNGH
    givenName:: 0JzQsNC30YPRgNCx0LXQug==
    distinguishedName:: Q0490JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGHLE
     9VPXRlc3QsREM9c3AsREM9bG9jYWw=
    instanceType: 4
    whenCreated: 20121204043832.0Z
    whenChanged: 20121204043857.0Z
    displayName:: 0JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGH
    uSNCreated: 3232173
    uSNChanged: 3232186
    name:: 0JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGH
    objectGUID:: LaeWmE6g+0O1ahajnnjMSg==
    userAccountControl: 66048
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129990695124009893
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0qQUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test5
    sAMAccountType: 805306368
    userPrincipalName: test5@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 20121204043832.0Z
    dSCorePropagationData: 16010101000000.0Z
    mail: mazurbek@stimul-kd.ru
    
    # \D0\98\D0\BC\D1\8F6 \D0\9E\D1\82\D1\87\D0\B5\D1\81\D1\82\D0\B2\D0\BE \D0\A4
     \D0\B0\D0\BC\D0\B8\D0\BB\D0\B8\D1\8F6, test, sp.local
    dn:: Q0490JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNixPVT10ZXN0LERDP
     XNwLERDPWxvY2Fs
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNg==
    sn:: 0KTQsNC80LjQu9C40Y82
    description:: 0KLQtdGB0YLQvtCy0YvQuSDQsNC60LrQsNGD0L3RgiA2
    givenName:: 0JjQvNGPNg==
    distinguishedName:: Q0490JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNi
     xPVT10ZXN0LERDPXNwLERDPWxvY2Fs
    instanceType: 4
    whenCreated: 20121204052611.0Z
    whenChanged: 20121204052634.0Z
    displayName:: 0JjQvNGPNiDQntGC0YfQtdGB0YLQstC+NiDQpNCw0LzQuNC70LjRjzY=
    uSNCreated: 3233039
    uSNChanged: 3233060
    name:: 0JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNg==
    objectGUID:: EeOBqZELNUOdft0E6WmIBw==
    userAccountControl: 512
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129990723718002993
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0qgUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test6
    sAMAccountType: 805306368
    userPrincipalName: test6@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 20121204052611.0Z
    dSCorePropagationData: 16010101000000.0Z
    mail: test6@stimul-kd.ru
    
    # search result
    search: 2
    result: 0 Success
    
    # numResponses: 5
    # numEntries: 4

    Port 3268 on a AD domain controller is usually for Global Catalog, an LDAP-compliant directory consisting of a partial representation of every object from every domain within the forest.
    I tried port 389, not any effect. In the first run auto provision has ben create new mailbox! This is work, but after dosn't

    Look this:
    Code:
    2012-12-04 11:32:25,688 INFO  [AutoProvision] [] autoprov - Auto provisioning accounts on domain stimul-kd.ru
    2012-12-04 11:32:25,701 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: test1@stimul-kd.ru
    2012-12-04 11:32:25,713 INFO  [AutoProvision] [] autoprov - auto provisioned account: test1@stimul-kd.ru
    2012-12-04 11:32:25,898 INFO  [AutoProvision] [] autoprov - auto provision notification sent rcpt='test1@stimul-kd.ru' Message-ID=<1713805053.1.135459554577$
    2012-12-04 11:32:25,898 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: test3@stimul-kd.ru
    2012-12-04 11:32:25,902 INFO  [AutoProvision] [] autoprov - auto provisioned account: test3@stimul-kd.ru
    2012-12-04 11:32:25,984 INFO  [AutoProvision] [] autoprov - auto provision notification sent rcpt='test3@stimul-kd.ru' Message-ID=<497592306.3.1354595545905$
    2012-12-04 11:32:27,005 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailbox - Creating database mboxgroup5
    2012-12-04 11:32:29,893 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailbox - Creating mailbox with id 5 and group id 5 for test1@stimul-kd.ru.
    2012-12-04 11:32:29,893 INFO  [LmtpServer-2] [ip=10.5.0.2;] cache - initializing folder and tag caches for mailbox 5
    2012-12-04 11:32:29,897 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder ROOT: id=11, parentId=11.
    2012-12-04 11:32:29,899 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Tags: id=8, parentId=11.
    2012-12-04 11:32:29,900 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Conversations: id=9, parentId=11.
    2012-12-04 11:32:29,901 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Comments: id=17, parentId=11.
    2012-12-04 11:32:29,902 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder USER_ROOT: id=1, parentId=11.
    2012-12-04 11:32:29,903 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Inbox: id=2, parentId=1.
    2012-12-04 11:32:29,904 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Trash: id=3, parentId=1.
    2012-12-04 11:32:29,904 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Junk: id=4, parentId=1.
    2012-12-04 11:32:29,905 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Sent: id=5, parentId=1.
    2012-12-04 11:32:29,906 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Drafts: id=6, parentId=1.
    2012-12-04 11:32:29,907 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Contacts: id=7, parentId=1.
    2012-12-04 11:32:29,908 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Calendar: id=10, parentId=1.
    2012-12-04 11:32:29,909 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Tasks: id=15, parentId=1.
    2012-12-04 11:32:29,910 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Emailed Contacts: id=13, parentId=1.
    2012-12-04 11:32:29,911 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Chats: id=14, parentId=1.
    2012-12-04 11:32:29,911 INFO  [LmtpServer-2] [ip=10.5.0.2;] mailop - adding folder Briefcase: id=16, parentId=1.
    2012-12-04 11:32:29,951 INFO  [LmtpServer-2] [ip=10.5.0.2;] index - OpenLuceneIndex impl=NIOFSDirectory,dir=/opt/zimbra/index/0/5/index/0
    2012-12-04 11:32:29,951 INFO  [Index-9] [name=test1@stimul-kd.ru;mid=5;] index - Batch complete processed=0,failed=0,elapsed=0 (NaN items/sec)
    2012-12-04 11:32:29,953 INFO  [LmtpServer-1] [ip=10.5.0.2;] mailbox - Creating database mboxgroup6
    I tried to add new account to AD, setting string mail, but dosn't add new mailbox in zimbra

    if delete domain and create and add setting to auto provisioning, in the first run this function work properly, but second...


  4. #4
    amessina's Avatar
    amessina is offline Active Member
    Join Date
    Jun 2007
    Location
    Campobello di Mazara, Italy
    Posts
    38
    Rep Power
    7

    Default

    zimbra@mail:/home/user$ ldapsearch -v -b "ou=test,DC=sp,DC=local" -h pdc.sp.local -D root -W -x "(&(objectCategory=user)(mail=*stimul-kd.ru))"
    "(&(objectClass=user)(mail=*stimul-kd.ru))"
    Antonio

  5. #5
    gruzin is offline Junior Member
    Join Date
    Nov 2012
    Posts
    9
    Rep Power
    2

    Default

    Quote Originally Posted by amessina View Post
    "(&(objectClass=user)(mail=*stimul-kd.ru))"
    thanks for ldap search filter, but problem not this...

    Code:
    zimbra@mail:/home/user$ ldapsearch -v -b "ou=test,DC=sp,DC=local" -h pdc.sp.local -D root -W -x "(&(objectClass=user)(mail=*stimul-kd.ru))"
    ldap_initialize( ldap://pdc.sp.local )
    Enter LDAP Password:
    filter: (&(objectClass=user)(mail=*stimul-kd.ru))
    requesting: All userApplication attributes
    # extended LDIF
    #
    # LDAPv3
    # base <ou=test,DC=sp,DC=local> with scope subtree
    # filter: (&(objectClass=user)(mail=*stimul-kd.ru))
    # requesting: ALL
    #
    
    # \D0\A4\D0\B0\D0\BC\D0\B8\D0\BB\D0\B8\D1\8F3 \D0\98\D0\BC\D1\8F3 \D0\9E\D1\8
     2\D1\87\D0\B5\D1\81\D1\82\D0\B2\D0\BE3, test, sp.local
    dn:: Q0490KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjMsT1U9dGVzdCxEQ
     z1zcCxEQz1sb2NhbA==
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjM=
    sn:: 0J7RgtGH0LXRgdGC0LLQvjM=
    description:: 0KLQtdGB0YLQvtCy0LDRjyDRg9GH0LXRgtC90LDRjyDQt9Cw0L/QuNGB0YwgMw==
    physicalDeliveryOfficeName:: 0JrQsNC70LvQuNC90LjQs9GA0LDQtA==
    givenName:: 0JjQvNGPMw==
    distinguishedName:: Q0490KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvj
     MsT1U9dGVzdCxEQz1zcCxEQz1sb2NhbA==
    instanceType: 4
    whenCreated: 20121203044741.0Z
    whenChanged: 20121204040556.0Z
    displayName:: 0KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjM=
    uSNCreated: 3218048
    uSNChanged: 3231590
    name:: 0KTQsNC80LjQu9C40Y8zINCY0LzRjzMg0J7RgtGH0LXRgdGC0LLQvjM=
    objectGUID:: qXWJpKXQg0251tvwqCTX4w==
    userAccountControl: 66048
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129989836616726408
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0owUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test3
    sAMAccountType: 805306368
    userPrincipalName: test3@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 16010101000000.0Z
    mail: test3@stimul-kd.ru
    
    # \D0\9C\D0\B0\D0\B7\D1\83\D1\80\D0\B1\D0\B5\D0\BA \D0\91\D1\83\D0\B3\D0\B0\D
     0\B3\D0\B0\D0\BD\D0\BE\D0\B2\D0\B8\D1\87, test, sp.local
    dn:: Q0490JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGHLE9VPXRlc3QsREM9c
     3AsREM9bG9jYWw=
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGH
    sn:: 0JHRg9Cz0LDQs9Cw0L3QvtCy0LjRhw==
    description:: 0KLQtdGB0YLQvtCy0Lkg0L7Qu9C+0LvQvtC10LLQuNGH
    givenName:: 0JzQsNC30YPRgNCx0LXQug==
    distinguishedName:: Q0490JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGHLE
     9VPXRlc3QsREM9c3AsREM9bG9jYWw=
    instanceType: 4
    whenCreated: 20121204043832.0Z
    whenChanged: 20121204043857.0Z
    displayName:: 0JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGH
    uSNCreated: 3232173
    uSNChanged: 3232186
    name:: 0JzQsNC30YPRgNCx0LXQuiDQkdGD0LPQsNCz0LDQvdC+0LLQuNGH
    objectGUID:: LaeWmE6g+0O1ahajnnjMSg==
    userAccountControl: 66048
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129990695124009893
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0qQUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test5
    sAMAccountType: 805306368
    userPrincipalName: test5@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 20121204043832.0Z
    dSCorePropagationData: 16010101000000.0Z
    mail: mazurbek@stimul-kd.ru
    
    # \D0\98\D0\BC\D1\8F6 \D0\9E\D1\82\D1\87\D0\B5\D1\81\D1\82\D0\B2\D0\BE \D0\A4
     \D0\B0\D0\BC\D0\B8\D0\BB\D0\B8\D1\8F6, test, sp.local
    dn:: Q0490JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNixPVT10ZXN0LERDP
     XNwLERDPWxvY2Fs
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: user
    cn:: 0JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNg==
    sn:: 0KTQsNC80LjQu9C40Y82
    description:: 0KLQtdGB0YLQvtCy0YvQuSDQsNC60LrQsNGD0L3RgiA2
    givenName:: 0JjQvNGPNg==
    distinguishedName:: Q0490JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNi
     xPVT10ZXN0LERDPXNwLERDPWxvY2Fs
    instanceType: 4
    whenCreated: 20121204052611.0Z
    whenChanged: 20121204052634.0Z
    displayName:: 0JjQvNGPNiDQntGC0YfQtdGB0YLQstC+NiDQpNCw0LzQuNC70LjRjzY=
    uSNCreated: 3233039
    uSNChanged: 3233060
    name:: 0JjQvNGPNiDQntGC0YfQtdGB0YLQstC+INCk0LDQvNC40LvQuNGPNg==
    objectGUID:: EeOBqZELNUOdft0E6WmIBw==
    userAccountControl: 512
    badPwdCount: 0
    codePage: 0
    countryCode: 0
    badPasswordTime: 0
    lastLogoff: 0
    lastLogon: 0
    pwdLastSet: 129990723718002993
    primaryGroupID: 513
    objectSid:: AQUAAAAAAAUVAAAA7cqjbNStIV1TQiv0qgUAAA==
    accountExpires: 9223372036854775807
    logonCount: 0
    sAMAccountName: test6
    sAMAccountType: 805306368
    userPrincipalName: test6@sp.local
    objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=sp,DC=local
    dSCorePropagationData: 20121204052611.0Z
    dSCorePropagationData: 16010101000000.0Z
    mail: test6@stimul-kd.ru
    
    # search result
    search: 2
    result: 0 Success
    
    # numResponses: 4
    # numEntries: 3

  6. #6
    ccelis5215 is online now Elite Member
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    442
    Rep Power
    3

    Default

    Hi gruzin,

    Did you set zimbraAutoProvBatchSize as you are in EAGER mode?

    ccelis

  7. #7
    gruzin is offline Junior Member
    Join Date
    Nov 2012
    Posts
    9
    Rep Power
    2

    Default

    Quote Originally Posted by ccelis5215 View Post
    Hi gruzin,

    Did you set zimbraAutoProvBatchSize as you are in EAGER mode?

    ccelis
    Hi!

    Default value is 20.

    zmprov md stimul-kd.ru zimbraAutoProvBatchSize 20

    the problem did not go away

  8. #8
    ccelis5215 is online now Elite Member
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    442
    Rep Power
    3

    Default

    Quote Originally Posted by gruzin View Post
    Hi!

    Default value is 20.

    zmprov md stimul-kd.ru zimbraAutoProvBatchSize 20

    the problem did not go away
    Hi gruzim,

    I've read autoprov.txt.. didn't see a default value.

    Sorry for my wrong posts.

    I've expecting for indications.

    ccelis.

  9. #9
    gruzin is offline Junior Member
    Join Date
    Nov 2012
    Posts
    9
    Rep Power
    2

    Default

    Quote Originally Posted by ccelis5215 View Post
    Hi gruzim,

    I've read autoprov.txt.. didn't see a default value.

    Sorry for my wrong posts.

    I've expecting for indications.

    ccelis.
    Hi!

    In the file there is no default, sorry. I found this value by running the following command:

    Code:
    zimbra@mail:/home/user$ zmprov md stimul-kd.ru zimbraAutoProvBatchSize 40
    zimbra@mail:/home/user$ zmprov getAllConfig | grep zimbraAutoProvBatchSize
    zimbraAutoProvBatchSize: 20
    zimbra@mail:/home/user$ zmprov gd stimul-kd.ru | grep zimbraAutoProvBatchSize
    zimbraAutoProvBatchSize: 40
    zimbra@mail:/home/user$
    Thank you for your willingness to help!

    To All: Auto provisioning EAGER mode is working properly to us?

  10. #10
    amessina's Avatar
    amessina is offline Active Member
    Join Date
    Jun 2007
    Location
    Campobello di Mazara, Italy
    Posts
    38
    Rep Power
    7

    Default

    zimbraAutoProvBatchSize = 20 implies that your test accounts must be provisioned at the first polling.
    Check if there is something wrong with the missing accounts.

    The results of some tests in my lab

    Ldap search:
    Code:
    [zimbra@zimbra8 ~]$ ldapsearch -h w2008 -D "cn=Administrator,cn=users,dc=iknowconsulting,dc=it" -b "cn=users,dc=iknowconsulting,dc=it" -W "(&(objectClass=user)(userPrincipalName=*iknowconsulting.it))" | grep sAMAccountName
    Enter LDAP Password:
    sAMAccountName: iknow
    sAMAccountName: prova
    sAMAccountName: prova1
    sAMAccountName: prova2
    sAMAccountName: prova3
    sAMAccountName: prova4
    sAMAccountName: prova5
    sAMAccountName: prova6
    Only the first one already exists in zimbra and autoprovisiong should create the other 7 accounts, right?

    Now I set autoprovisiong with your similar values, except zimbraAutoProvPollingInterval initially to 0. If I change it from 0 to a non-0 value while server is running, the auto provision thread will be started.

    Code:
    [zimbra@zimbra8 ~]$ zmprov gd iknowconsulting.it |grep zimbraAutoProv
    zimbraAutoProvAccountNameMap: samAccountName
    zimbraAutoProvAttrMap: sn=sn
    zimbraAutoProvAttrMap: description=description
    zimbraAutoProvBatchSize: 20
    zimbraAutoProvLdapAdminBindDn: cn=Administrator,cn=Users,dc=iknowconsulting,dc=it
    zimbraAutoProvLdapAdminBindPassword: password
    zimbraAutoProvLdapBindDn: %u@%d
    zimbraAutoProvLdapSearchBase: cn=users,dc=iknowconsulting,dc=it
    zimbraAutoProvLdapSearchFilter: (&(objectClass=user)(userPrincipalName=*iknowconsulting.it))
    zimbraAutoProvLdapURL: ldap://w2008.iknowconsulting.it:389
    zimbraAutoProvMode: EAGER
    zimbraAutoProvNotificationBody: Your account has been auto provisioned.  Your email address is ${ACCOUNT_ADDRESS}.
    zimbraAutoProvNotificationSubject: New account auto provisioned
    
    [zimbra@zimbra8 ~]$ zmprov gs zimbra8.iknowconsulting.it |grep zimbraAutoProv
    zimbraAutoProvPollingInterval: 0
    zimbraAutoProvScheduledDomains: iknowconsulting.it
    Now I set the initial sleep time to a lower value and turn on autoprovision thread:
    Code:
    [zimbra@zimbra8 ~]$ zmlocalconfig -e autoprov_initial_sleep_ms=1000
    [zimbra@zimbra8 ~]$ zmlocalconfig -l
    [zimbra@zimbra8 ~]$ zmprov ms zimbra8.iknowconsulting.it zimbraAutoProvPollingInterval 1m
    The (grepped) logs:
    Code:
    [zimbra@zimbra8 log]$ tail -f mailbox.log|grep AutoProvision
    2012-12-05 07:16:48,175 INFO  [AutoProvision] [] autoprov - Auto provision thread sleeping for 1000ms before doing work.
    2012-12-05 07:16:49,209 INFO  [AutoProvision] [] autoprov - Auto provisioning accounts on domain iknowconsulting.it
    2012-12-05 07:16:49,232 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: iknow@iknowconsulting.it
    2012-12-05 07:16:49,352 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova@iknowconsulting.it
    2012-12-05 07:16:49,384 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova@iknowconsulting.it
    2012-12-05 07:16:49,385 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova1@iknowconsulting.it
    2012-12-05 07:16:49,389 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova1@iknowconsulting.it
    2012-12-05 07:16:49,389 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova2@iknowconsulting.it
    2012-12-05 07:16:49,397 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova2@iknowconsulting.it
    2012-12-05 07:16:49,398 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova3@iknowconsulting.it
    2012-12-05 07:16:49,402 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova3@iknowconsulting.it
    2012-12-05 07:16:49,402 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova4@iknowconsulting.it
    2012-12-05 07:16:49,406 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova4@iknowconsulting.it
    2012-12-05 07:16:49,406 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova5@iknowconsulting.it
    2012-12-05 07:16:49,410 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova5@iknowconsulting.it
    2012-12-05 07:16:49,410 INFO  [AutoProvision] [] autoprov - auto creating account in EAGER mode: prova6@iknowconsulting.it
    2012-12-05 07:16:49,414 INFO  [AutoProvision] [] autoprov - auto provisioned account: prova6@iknowconsulting.it
    2012-12-05 07:17:49,420 INFO  [AutoProvision] [] autoprov - Auto provisioning accounts on domain iknowconsulting.it
    2012-12-05 07:18:49,430 INFO  [AutoProvision] [] autoprov - Auto provisioning accounts on domain iknowconsulting.it
    2012-12-05 07:19:49,439 INFO  [AutoProvision] [] autoprov - Auto provisioning accounts on domain iknowconsulting.it
    2012-12-05 07:20:49,448 INFO  [AutoProvision] [] autoprov - Auto provisioning accounts on domain iknowconsulting.it
    2012-12-05 07:21:05,000 INFO  [AutoProvision] [] autoprov - Shutting down auto provision thread.
    The first account was not auto provisioned because already exists in zimbra.

    It works.

    This is what I can suggest:
    • use the Administrator account
    • use the normal LDAP and not the Global Catalog
    • check the missing accounts


    And remember that the mail attribute is not necessarily equal to %u@%d!

    Hope this help.
    Antonio

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra 8.0 Auto Provisioning help
    By frankchavez in forum Administrators
    Replies: 5
    Last Post: 04-27-2013, 03:02 AM
  2. nedd help with zimbra 8.0 Configure Lazy Mode Auto-Provisioning
    By bahram741413 in forum Administrators
    Replies: 2
    Last Post: 04-01-2013, 01:44 AM
  3. Auto-provisioning calendar data/shared calendars
    By Rich Graves in forum Administrators
    Replies: 18
    Last Post: 07-23-2009, 11:02 AM
  4. Mail filters do not work properly
    By c.bossola in forum General Questions
    Replies: 2
    Last Post: 07-10-2009, 05:20 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •