Announcement

Collapse
No announcement yet.

error syncing access-combination after upgrading to 6.16 ....

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • error syncing access-combination after upgrading to 6.16 ....

    hi,

    after upgrading our open-xchange installation to version 6.16 the access-combination attribute won't be synced anymore. by reverting to the 6.14 snapshot the problem was gone, after applying the update again the problem occoured again. we're using the latest and unmodified version of oxldapsync.

    when checking the access-combination by the getaccesscombination command the output is <NONE>.

    any idea's ?

    best regards
    lars

  • #2
    Could you please be a little more specific?

    Comment


    • #3
      okay,

      we've recently updated our ox 6.14 installation to 6.16. after upgrading, the ldap syncronisation seemed to work fine except for the access-combination settings. when changing the ldap attribute for a user's access-combination the settings aren't synced to the ox server. when i issue an getaccesscombinationbyuser command for the changed user-account i get an access-combination name of <NONE>. looking at the logfiles i got a lot of the following messages :

      2010/04/02 14:15:06 > /opt/open-xchange/sbin/changeuser .......
      Server response:
      Primary mail address already exists in this context.

      It seems that the changeuser command changed it's behavior between ox 6.14 and 6.16, thus it checks if the primary email address in the changeuser command already exists. if this is the case it drops the corresponding "Primary email address already exists in this contest" error message.

      A snapshot of our old 6.14 installation worked fine without dropping these errors.

      our ldapsync.conf settings :

      ldapuri = ldap://*****
      vardirectory = /var/opt/oxldapsync
      oxpath = /opt/open-xchange/sbin
      logfile = /var/log/oxldapsync.log
      userbasedn = *****
      groupbasedn = *****
      ldapuserdn = *****
      ldapuserpassword = *****
      mappingfile = /opt/oxldapsync/etc/mapping.openldap.conf
      ldaptype = openldap
      updateGroups = yes
      usemodifytimestamp = no
      updateemptyattributes = yes
      userFilter =
      groupFilter =
      userignorefilter =
      updateAliases = yes
      deleteusers = yes
      deletegroups = yes
      uidAttribute = uid
      dontModifyUids = admin
      groupMemberAttribute = member
      memberAttributeIsDN = yes
      groupNameAttribute = cn
      groupDisplayNameAttribute = displayName
      groupNumberAttribute = gidNumber
      userPrimaryGroupAttribute = gidNumber

      Greetings
      lars

      Comment


      • #4
        • Accesscombination names cannot be used when using oxldapsync because it is setting the accesscombinations individually, check /opt/oxldapsync/etc/mapping.<YOURUSEDMAPPING>.conf
          Code:
          /opt/open-xchange/sbin/getaccesscombinationnameforuser -A oxadmin -P secret -u test -c 1
          null
        • The other problem is, that you gave a user the same primary mail address another user already has. That's not possible with open-xchange.

        Comment


        • #5
          hi,

          1) good to know
          2) the error message occurs with all our synced users not only one or two of them. the changeuser script is called with all needed parameters for the ox user including it's email address. the new changeuser script seems to check the email address and prevents changing the user even if there's no other user having the given primary email address.

          greetings
          lars

          Comment


          • #6
            You are right.
            I am able to reproduce that.
            Going to open a bug.

            Comment


            • #7
              https://bugs.open-xchange.com/show_bug.cgi?id=15786

              Comment


              • #8
                thanks and keep up the good work ;-)

                Comment

                Working...
                X