[Solved] external 389ds and kolab.conf



  • Hello, i have set up external 389ds server.
    Moved users cyrus-admin and kolab-service to new ldap.
    Changed ldap adress in kolab.conf

    But i have an errors in /var/log/kolab-webadmin/errors while i login to webadmin.
    and no users , no groups etc in it.

    [ERROR] (api) Command /usr/lib64/mozldap/ldapsearch returned error code: 32

    It seems , that problem in kolab.conf:
    domain_base_dn = cn=kolab,cn=config

    What is it? What i must to add/import to external 389ds? Or maybe i could change kolab.conf?
    Could i also turn on kolab-webadmin debug for more information?



  • Tradition: help yourself w/o documentation. Just read-read-read python code.

    Solution:

    # ldapmodify -x -D "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" -W
    Enter LDAP Password: 
    dn: cn=kolab,cn=config
    changetype: add
    objectClass: top
    objectClass: extensibleobject
    cn: kolab
    
    Ctrl-D
    
    adding new entry "cn=kolab,cn=config"
    
    
    # ldapmodify -x -D "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" -W
    Enter LDAP Password: 
    dn: associateddomain=**example.com**,cn=kolab,cn=config
    changetype: add
    objectClass: top
    objectClass: domainrelatedobject
    objectClass: inetdomain
    associatedDomain: **example.com**
    associatedDomain: localhost.localdomain
    associatedDomain: kadmin.example.local
    associatedDomain: localhost
    inetDomainBaseDN: dc=example,dc=local
    
    Crtl-D
    
    adding new entry "associateddomain=example.com,cn=kolab,cn=config"
    


  • But why do you use it in cn=config?
    What if i use multiply external 389ds servers with MM sync? In this case i need to sync conf too?)
    So i moved this object to dc=example,dc=local .



  • Also need to apply acl to cn=kolab,cn=config

    aci: (targetattr = "*") (version 3.0;acl "Kolab Services";allow (read,compare,
    search)(userdn = "ldap:///uid=kolab-service,ou=Special Users,dc=alveus,dc=loc
    al");)



  • and change host configuration in these files
    etc/kolab/kolab.conf
    /etc/postfix/ldap/mailenabled_distgroups.cf
    /etc/postfix/ldap/virtual_alias_maps.cf
    /etc/postfix/ldap/local_recipient_maps.cf:
    /etc/postfix/ldap/mailenabled_dynamic_distgroups.cf
    /etc/postfix/ldap/transport_maps.cf:
    /etc/postfix/ldap/virtual_alias_maps_sharedfolders.cf
    /etc/postfix/ldap/virtual_alias_maps_mailforwarding.cf:
    /etc/postfix/ldap/mydestination.cf
    /etc/amavisd/amavisd.conf
    /etc/kolab-freebusy/config.ini:
    /etc/roundcubemail/config.inc.php
    /etc/roundcubemail/password.inc.php
    /etc/roundcubemail/calendar.inc.php
    /etc/roundcubemail/kolab_auth.inc.php
    /etc/imapd.conf:
    /etc/manticore/local.env.js
    /etc/roundcubemail/kolab_auth.inc.php



  • /etc/roundcubemail/defaults.inc.php



  • @Constin What did you change in that file? config.inc.conf shouldn't do all the magic ?



  • @Dragnell
    Yes, seems that was a mistake. config.inc.conf should overwrite defaults.inc.php



  • 
    $ldapmodify -x -D "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" -W
    Enter LDAP Password: 
    dn: cn=config
    changetype: modify
    replace: nsslapd-allow-hashed-passwords
    nsslapd-allow-hashed-passwords: on
    
    Crtl-D
    

Log in to reply