Could you please be a little more specific?

okay,

we've recently updated our ox 6.14 installation to 6.16. after upgrading, the ldap syncronisation seemed to work fine except for the access-combination settings. when changing the ldap attribute for a user's access-combination the settings aren't synced to the ox server. when i issue an getaccesscombinationbyuser command for the changed user-account i get an access-combination name of <NONE>. looking at the logfiles i got a lot of the following messages :

2010/04/02 14:15:06 > /opt/open-xchange/sbin/changeuser .......
Server response:
Primary mail address already exists in this context.

It seems that the changeuser command changed it's behavior between ox 6.14 and 6.16, thus it checks if the primary email address in the changeuser command already exists. if this is the case it drops the corresponding "Primary email address already exists in this contest" error message.

A snapshot of our old 6.14 installation worked fine without dropping these errors.

our ldapsync.conf settings :

ldapuri = ldap://*****
vardirectory = /var/opt/oxldapsync
oxpath = /opt/open-xchange/sbin
logfile = /var/log/oxldapsync.log
userbasedn = *****
groupbasedn = *****
ldapuserdn = *****
ldapuserpassword = *****
mappingfile = /opt/oxldapsync/etc/mapping.openldap.conf
ldaptype = openldap
updateGroups = yes
usemodifytimestamp = no
updateemptyattributes = yes
userFilter =
groupFilter =
userignorefilter =
updateAliases = yes
deleteusers = yes
deletegroups = yes
uidAttribute = uid
dontModifyUids = admin
groupMemberAttribute = member
memberAttributeIsDN = yes
groupNameAttribute = cn
groupDisplayNameAttribute = displayName
groupNumberAttribute = gidNumber
userPrimaryGroupAttribute = gidNumber

Greetings
lars

• Accesscombination names cannot be used when using oxldapsync because it is setting the accesscombinations individually, check /opt/oxldapsync/etc/mapping.<YOURUSEDMAPPING>.conf
  Code:

  /opt/open-xchange/sbin/getaccesscombinationnameforuser -A oxadmin -P secret -u test -c 1
  null

• The other problem is, that you gave a user the same primary mail address another user already has. That's not possible with open-xchange.

hi,

1) good to know
2) the error message occurs with all our synced users not only one or two of them. the changeuser script is called with all needed parameters for the ox user including it's email address. the new changeuser script seems to check the email address and prevents changing the user even if there's no other user having the given primary email address.

greetings
lars

You are right.
I am able to reproduce that.
Going to open a bug.

thanks and keep up the good work ;-)