Aller au contenu


Auto provissioning zimbra/ldap externe


  • Veuillez vous connecter pour répondre
7 réponses à ce sujet

#1 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 01 septembre 2014 - 19:21

Bonjour,

Après avec configuré le GAL + autentification sur LDAP externe avec succès. Je souhaite que lorsque l'on ajoute un user sur le ldap cela s'ajoute automatiquement sur zimbra.

Pour cela j'utilise l'auto provissionning.
Voici les commande que j'utilise:
  • zmprov md projet.fr zimbraAutoProvMode EAGER
  • zmprov md projet.fr zimbraAutoProvBatchSize 20
  • zmprov md projet.fr zimbraAutoProvLdapURL “ldap://192.168.1.121:389″
  • zmprov md projet.fr zimbraAutoProvLdapAdminBindDn “cn=admin,dc=projet,dc=fr”
  • zmprov md projet.fr zimbraAutoProvLdapAdminBindPassword PASSWORD
  • zmprov md projet.fr zimbraAutoProvLdapSearchBase “dc=projet,dc=fr”
  • zmprov md projet.fr zimbraAutoProvLdapSearchFilter “(|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))”
  • zmprov md projet.fr zimbraAutoProvLdapBindDn “%u@%d”
  • zmprov md projet.fr zimbraAutoProvAccountNameMap samAccountName
  • zmprov ms zimbra.projet.fr +zimbraAutoProvScheduledDomains projet.fr
  • zmprov ms zimbra.projet.fr zimbraAutoProvPollingInterval 1m
J'ai essayé de m'inspiré de ceci mais ça ne fonctionne pas.
POuvez vous m'éclairé sur le sujet.

Serveur Zimbra
Zimbra 8.0.7

Serveur LDAP
OPENldap PDC SAmba

Matthieu TROUSSELLE
mail : mattheiu@trousselle.fr
matt6015
zimbra 8.0.5 OSE

#2 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 01 septembre 2014 - 19:27

Je ne detecte pas d'erreur dans le maibox.log
matt6015
zimbra 8.0.5 OSE

#3 Zimbra Guy

Zimbra Guy

    Zimbra Jedi

  • Modérateurs
  • 5 010 messages
  • LocalisationPlanète Terre

Posté 02 septembre 2014 - 10:54

merci de mettre une signature.
Qu'est-ce qui se passe au moment du provisioning dans les logs ?
Guy Carré, professionel certifié de Zimbra, Contributeur Zimbra
tel : (+33) 2 47 66 60 11 / mail : guy@netixia.fr
https://myzimbra.net / http://www.yaziba.net / http://www.netixia.fr / http://blog.yaziba.net/

#4 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 03 septembre 2014 - 17:33

Voici les logs obtenu dans le mailbox.log lors de la saisie de la conf:

2014-09-03 18:30:20,255 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [] AuthProvider - Adding auth provider: zimbra com.zimbra.cs.service.ZimbraAuthProvider
2014-09-03 18:30:20,415 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=71
2014-09-03 18:30:24,035 INFO  [qtp449262134-109:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] account - Initialized access manager: com.zimbra.cs.account.accesscontrol.ACLAccessManager
2014-09-03 18:30:24,052 INFO  [qtp449262134-109:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=21
2014-09-03 18:30:25,018 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=9
2014-09-03 18:30:28,157 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=2
2014-09-03 18:30:31,759 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=1
2014-09-03 18:30:32,667 INFO  [qtp449262134-105:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=4
2014-09-03 18:30:40,682 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=1
2014-09-03 18:30:44,192 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=0
2014-09-03 18:30:45,066 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=2
2014-09-03 18:30:51,020 INFO  [qtp449262134-100:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=1
2014-09-03 18:30:54,485 INFO  [qtp449262134-111:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=0
2014-09-03 18:30:55,384 INFO  [qtp449262134-109:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=2
2014-09-03 18:31:01,547 INFO  [qtp449262134-109:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=1
2014-09-03 18:31:05,039 INFO  [qtp449262134-112:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=1
2014-09-03 18:31:05,946 INFO  [qtp449262134-111:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=3
2014-09-03 18:31:11,259 INFO  [qtp449262134-109:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=1
2014-09-03 18:31:14,729 INFO  [qtp449262134-112:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=2
2014-09-03 18:31:15,621 INFO  [qtp449262134-112:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=2
2014-09-03 18:31:23,009 INFO  [qtp449262134-114:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=3
2014-09-03 18:31:26,501 INFO  [qtp449262134-114:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=0
2014-09-03 18:31:27,374 INFO  [qtp449262134-112:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=3
2014-09-03 18:31:32,411 INFO  [qtp449262134-115:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=1
2014-09-03 18:31:35,873 INFO  [qtp449262134-114:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=1
2014-09-03 18:31:36,771 INFO  [qtp449262134-111:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=6
2014-09-03 18:31:40,771 INFO  [qtp449262134-114:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=2
2014-09-03 18:31:44,203 INFO  [qtp449262134-116:https://127.0.0.1:7071/service/admin/soap/GetDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetDomainRequest elapsed=1
2014-09-03 18:31:45,105 INFO  [qtp449262134-115:https://127.0.0.1:7071/service/admin/soap/ModifyDomainRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyDomainRequest elapsed=1
2014-09-03 18:31:48,547 INFO  [qtp449262134-116:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=2
2014-09-03 18:31:51,975 INFO  [qtp449262134-114:https://127.0.0.1:7071/service/admin/soap/GetServerRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetServerRequest elapsed=1
2014-09-03 18:31:52,825 INFO  [qtp449262134-115:https://127.0.0.1:7071/service/admin/soap/ModifyServerRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] autoprov - Starting auto provision thread with sleep interval 15m.
2014-09-03 18:31:52,827 INFO  [qtp449262134-115:https://127.0.0.1:7071/service/admin/soap/ModifyServerRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyServerRequest elapsed=11
2014-09-03 18:31:52,828 INFO  [AutoProvision] [] autoprov - Auto provision thread sleeping for 300000ms before doing work.
2014-09-03 18:31:59,790 INFO  [qtp449262134-115:https://127.0.0.1:7071/service/admin/soap/AuthRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - AuthRequest elapsed=1
2014-09-03 18:32:05,041 INFO  [qtp449262134-117:https://127.0.0.1:7071/service/admin/soap/GetServerRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - GetServerRequest elapsed=7
2014-09-03 18:32:06,860 INFO  [qtp449262134-119:https://127.0.0.1:7071/service/admin/soap/ModifyServerRequest] [name=zimbra;ip=127.0.0.1;ua=zmprov/8.0.7_GA_6021;] soap - ModifyServerRequest elapsed=39
matt6015
zimbra 8.0.5 OSE

#5 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 03 septembre 2014 - 17:37

les message concernant l'autoprovission j'ai ceci:

zimbra@Zimbra:~/log$ grep AutoProvision mailbox.log
        at com.zimbra.cs.account.ldap.AutoProvisionLazy.auth(AutoProvisionLazy.java:102)
        at com.zimbra.cs.account.ldap.AutoProvisionLazy.handle(AutoProvisionLazy.java:58)
2014-09-03 18:31:52,828 INFO  [AutoProvision] [] autoprov - Auto provision thread sleeping for 300000ms before doing work.
2014-09-03 18:33:44,353 INFO  [AutoProvision] [] autoprov - Shutting down auto provision thread.
2014-09-03 18:35:09,495 INFO  [AutoProvision] [] autoprov - Auto provision thread sleeping for 300000ms before doing work.
matt6015
zimbra 8.0.5 OSE

#6 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 03 septembre 2014 - 18:09

test avec ces commande

[ zimbra @ zt root] $ zmprov
prov > md projet.fr zimbraAutoProvMode LAZY
prov > md projet.fr zimbraAutoProvLdapURL ldap://192.168.1.121:389
prov > md projet.fr zimbraAutoProvLdapAdminBindDn "cn=admin,dc=projet,dc=fr"
prov > md projet.fr zimbraAutoProvLdapAdminBindPassword " xxxxxxxx "
prov > md projet.fr zimbraAutoProvLdapSearchFilter " (&(|(objectclass=inetOrgPerson)((memberof=cn=Domain Users,ou=Groups,dc=projet,dc=fr))(uid=%u)) "
prov> md projet.fr zimbraAutoProvLdapSearchBase "ou=Users,dc=projet,dc=fr"
prov> md projet.fr +zimbraAutoProvAttrMap description=description +zimbraAutoProvAttrMap cn=displayName +zimbraAutoProvAttrMap givenName=givenName +zimbraAutoProvAttrMap sn=sn
prov> md projet.fr zimbraAutoProvAuthMech LDAP
prov> exit
[ zimbra @ zt root] $ zmcontrol restart

zimbra@Zimbra:~/log$ grep auto mailbox.log
2014-08-06 16:48:13,469 INFO  [Thread-1] [] autoprov - shutdown() called, but auto provision thread is not running.
2014-08-06 16:56:18,296 INFO  [Thread-1] [] autoprov - shutdown() called, but auto provision thread is not running.
2014-08-07 15:24:44,597 INFO  [qtp449262134-349:http://127.0.0.1:80/service/soap/AuthRequest] [oip=192.168.1.20;ua=zclient/8.0.7_GA_6021;] autoprov - unable to authenticate projet for auto provisioning
        at com.zimbra.cs.account.ldap.LdapProvisioning.autoProvAccountLazy(LdapProvisioning.java:981)
2014-08-07 15:28:49,740 INFO  [qtp449262134-389:https://192.168.1.120:443/service/soap/AutoCompleteRequest] [name=matthieu.trousselle@projet.fr;mid=3;ip=192.168.1.20;ua=ZimbraWebClient - GC36 (Win)/8.0.7_GA_6021;] gal - autocomplete: overall=118ms, ranking=42ms, folder=66ms, gal=10ms
2014-08-07 15:42:21,348 INFO  [Thread-1] [] autoprov - shutdown() called, but auto provision thread is not running.
2014-08-07 16:45:52,615 INFO  [Thread-1] [] autoprov - shutdown() called, but auto provision thread is not running.
2014-09-01 18:11:40,229 INFO  [Thread-1] [] autoprov - shutdown() called, but auto provision thread is not running.
2014-09-03 19:01:04,070 INFO  [Thread-1] [] autoprov - shutdown() called, but auto provision thread is not running.
matt6015
zimbra 8.0.5 OSE

#7 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 03 septembre 2014 - 19:09

J'ai reussi a synchro les users. Sauf que maintenant zimbra n'arrive pas a me les créer:

2014-09-07 11:35:37,379 WARN  [AutoProvision] [] autoprov - unable to auto create account, dn="cn=projet,ou=Users,dc=projet,dc=fr"
com.zimbra.common.service.ServiceException: system failure: AutoProvision: unable to get localpart: null
ExceptionId:AutoProvision:1410082537379:3d480ab5ae822856
at com.zimbra.cs.account.ldap.AutoProvision.mapName(AutoProvision.java:274)
at com.zimbra.cs.account.ldap.AutoProvisionEager.createAccountBatch(AutoProvisionEager.java:161)
at com.zimbra.cs.account.ldap.AutoProvisionEager.handleBatch(AutoProvisionEager.java:130)
at com.zimbra.cs.account.ldap.AutoProvisionEager.handleScheduledDomains(AutoProvisionEager.java:101)
at com.zimbra.cs.account.AutoProvisionThread.run(AutoProvisionThread.java:148)

matt6015
zimbra 8.0.5 OSE

#8 matt6015

matt6015

    Membre

  • Membres
  • 10 messages

Posté 07 septembre 2014 - 10:40

J'ai reussi a synchro les users. Sauf que maintenant zimbra n'arrive pas a me les créer:

2014-09-07 11:35:37,379 WARN  [AutoProvision] [] autoprov - unable to auto create account, dn="cn=projet,ou=Users,dc=projet,dc=fr"
com.zimbra.common.service.ServiceException: system failure: AutoProvision: unable to get localpart: null
ExceptionId:AutoProvision:1410082537379:3d480ab5ae822856
        at com.zimbra.cs.account.ldap.AutoProvision.mapName(AutoProvision.java:274)
        at com.zimbra.cs.account.ldap.AutoProvisionEager.createAccountBatch(AutoProvisionEager.java:161)
        at com.zimbra.cs.account.ldap.AutoProvisionEager.handleBatch(AutoProvisionEager.java:130)
        at com.zimbra.cs.account.ldap.AutoProvisionEager.handleScheduledDomains(AutoProvisionEager.java:101)
        at com.zimbra.cs.account.AutoProvisionThread.run(AutoProvisionThread.java:148)
matt6015
zimbra 8.0.5 OSE




0 utilisateur(s) li(sen)t ce sujet

0 membre(s), 0 invité(s), 0 utilisateur(s) anonyme(s)