From: Rob T. <ro...@op...> - 2008-03-02 10:44:47
|
Hi Jamie, Wow, this is the kind of documentation I was thinking of writing. I have never seen this. I hope it is quiet recent, otherwise I am getting a little blind :-). I thought I walked through all of your documentation. I will test it properly on a client and server model running a basic CentOS 5.1 and let you know everything I ran into when it's finished. It will probably take me some hours, but I think it is worth the effort. Thanks again. Rob Tielen Van: web...@li... [mailto:web...@li...] Namens Jamie Cameron Verzonden: zondag 2 maart 2008 2:12 Aan: Webmin users list Onderwerp: Re: [webmin-l] Virtualmin and LDAP Hi Rob, I think I know the underlying cause of this problem now - Webmin should give new users the person object class, and set sn automatically. This appears to be mandatory in more recent versions of the LDAP schema.. By the way, I've created some docs on using Virtualmin <http://www.virtualmin.com/documentation/id,combining_virtualmin_and_ldap/> and LDAP that others may find useful. They cover the steps that worked for me, but feedback on alternate setups is welcome. The URL is : http://www.virtualmin.com/documentation/id,combining_virtualmin_and_ldap/ - Jamie On 29/Feb/2008 10:35 Rob Tielen wrote .. Hello Jamie, That solved the LDAP Users and Groups problem created in an earlier step. So I was back to the original problem. All these fixes didn't solve the problem. However, I got Virtualmin running. And probably all of these fixes have changed something. Because during testing, I got a bit sloppy and didn't enter any description in the virtualmin description field. This was the major problem. When I started looking around in the code, I found that Virtualmin description is for LDAP the real name. So finally, thanks to all changes and filling in a description I have LDAP in virtualmin working. Thanks a lot for all your help. Rob Tielen Van: web...@li... [mailto:web...@li...] Namens Jamie Cameron Verzonden: vrijdag 29 februari 2008 6:58 Aan: Webmin users list Onderwerp: Re: [webmin-l] Virtualmin and LDAP This FAQ page was useful : http://www.openldap.org/faq/data/cache/1385.html Basically, the real problem is that your LDAP users don't have a structural object class. The fix should be to go to the Module Config page, clear out the Object class to add for given name? field, and enter inetOrgPerson into the Other objectClasses to add to new users field. - Jamie On 28/Feb/2008 17:30 Rob Tielen wrote .. Hi Jamie, I'm using webmin 1.400 and virtualmin 3.522. The ldap-useradmin config is: . That's it. Rob Tielen Van: web...@li... [mailto:web...@li...] Namens Jamie Cameron Verzonden: vrijdag 29 februari 2008 2:17 Aan: Webmin users list Onderwerp: Re: [webmin-l] Virtualmin and LDAP Hi Rob, Could you post the contents of your /etc/webmin/ldap-useradmin/config file (minus any passwords) ? I'd like to see if there are any other settings that could be causing problems .. Also, you have the latest Webmin and Virtualmin versions, right? - Jamie On 28/Feb/2008 15:50 Rob Tielen wrote .. Hi Jamie, Yes, when I don't fill in the surname field, I get Failed to add user to LDAP database : no structuralObjectClass operational attribute. And yes, I added it to the correct field: LDAP properties for all new users. Rob Tielen Van: web...@li... [mailto:web...@li...] Namens Jamie Cameron Verzonden: vrijdag 29 februari 2008 0:04 Aan: Webmin users list Onderwerp: Re: [webmin-l] Virtualmin and LDAP Hi Rob, Do you get an error if you don't fill in the surname field when adding a new user in the LDAP Users and Groups module? Also, are you sure you added sn: unknown to LDAP properties for all new users and not modified users ? - Jamie On 28/Feb/2008 14:22 Rob Tielen wrote .. Hello Jamie, First of all thanks for all the effort you put in helping all of us. Maybe I can spend some hours to help you (e.g. creating howto's or extra help pages in Dutch or English). About the problem: unfortunately it doesn't help. I have added to LDAP properties for all new users field sn: unknown. This didn't help, so I went back to LDAP users and groups and tried to add a user without a surname (sn). My expectation was that this user would be added with an sn of unknown (like if I filled in the lastname field), but it didn't. Then I filled in a surname (xyz) and the entry was added to the ldap directory with a surname of: unknown xyz. It appears to me that the existence of surname is checked and if it is not available, the entry is rejected. When it is available, then the LDAP properties for all new users is added to the sn property. Thanks again for your answer. Rob Tielen Van: web...@li... [mailto:web...@li...] Namens Jamie Cameron Verzonden: donderdag 28 februari 2008 21:59 Aan: Webmin users list Onderwerp: Re: [webmin-l] Virtualmin and LDAP On 28/Feb/2008 10:17 Rob Tielen wrote .. Hello, I have got virtualmin running and try to add users to an LDAP directory. Everything works fine with LDAP users and groups when I switch on: Show fields for given name and surname and give a username in Last Name. Unfortunately when I use virtualmin to add a new domain (and user), it fails: with failed to create administration user! Virtualmin version is 3.522, webmin version 1.400. Do you have any hints for me how to solve this problem? This suggests that your LDAP schema requires that the 'sn' attribute by set. You can have it do this automatically as follows : 1. Go to the LDAP Users and Groups module, and click on Module Config. 2. In the LDAP properties for all new users field, enter something like : sn: Unknown 3. Click Save, then re-try creating a domain in Virtualmin. - Jamie |