Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Zimbra + Samba --> add new user failed...

  1. #1
    Join Date
    Jul 2008
    Posts
    1
    Rep Power
    7

    Question Zimbra + Samba --> add new user failed...

    Hi,
    I have read both "UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI" and "Zimbra Integration With Samba - Ubuntu Based (Similar To AD And Exchange)" carefully.
    Then I followed the instructions in "UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI".

    I am running ZCS_5.0.7_GA_2444_DEBIAN4.0.20080626025055.tgz on Debian 4.0.

    Almost everything works fine:
    • Samba Domain is recognized in Zimbra Admin.
    • Samba Group & Posix Group is created successfully.
    • PosixAccount attributes are added to the previously established users.
    • A Windows XP machine is added into the Domain.
    • I can even login this domain on that XP machine with previously established users.


    But I just can't add a new user successfully.
    When I click on finish in the last step adding new user, I got error message like this:

    Message: createAccount invalid attr value: [LDAP: error code 21 - objectClass: value #4 invalid per syntax] Error code: account.INVALID_ATTR_VALUE Method: CreateAccountRequest Details:soap:Sender

    I tried to capture the more information via firebug. Here is what I got
    Code:
    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
    <soap:Header>
    <context xmlns="urn:zimbra">
    <userAgent xmlns="" name="ZimbraWebClient - FF3.0 (Win)"/>
    <sessionId xmlns="" id="34"/>
    <format xmlns="" type="js"/>
    <authToken xmlns="">
    0_5eaf96452bed647931b54b7e4ed821fc2fde25f0_69643d33363a66323963313363642d366366302d346235342d623835642d3133363466323734636465343b6578703d31333a313231353233303336383737373b61646d696e3d313a313b747970653d363a7a696d6272613b6d61696c686f73743d31363a3139322e3136382e31302e31393a38303b
    </authToken>
    </context>
    </soap:Header>
    <soap:Body>
    <CreateAccountRequest xmlns="urn:zimbraAdmin">
    <name xmlns="">
    some.one@qsan.com.tw
    </name>
    <a xmlns="" n="zimbraAccountStatus">
    active
    </a>
    <a xmlns="" n="displayName">
    Some One
    </a>
    <a xmlns="" n="givenName">
    Some
    </a>
    <a xmlns="" n="sn">
    One
    </a>
    <a xmlns="" n="uidNumber">
    10003
    </a>
    <a xmlns="" n="homeDirectory">
    /home/some.one
    </a>
    <a xmlns="" n="gidNumber">
    10001
    </a>
    <a xmlns="" n="loginShell">
    /bin/bash
    </a>
    <a xmlns="" n="sambaDomainName">
    QSANRD
    </a>
    <a xmlns="" n="sambaSID">
    S-1-5-21-2334677307-2305862619-932033516-21006
    </a>
    <a xmlns="" n="sambaAcctFlags">
    [UX]
    </a>
    </CreateAccountRequest>
    </soap:Body>
    </soap:Envelope>
    Code:
    Body: {
      Fault: {
        Code: {
          Value: "soap:Sender"
         },
        Detail: {
          Error: {
            Code: "account.INVALID_ATTR_VALUE",
            Trace: "btpool0-4:1215183282015:65cd72329e364bb9",
            _jsns: "urn:zimbra"
           }
         },
        Reason: {
          Text: "createAccount invalid attr value: [LDAP: error code 21 - objectClass: value #4 invalid per syntax]"
         }
       }
     },
    Header: {
      context: {
        _jsns: "urn:zimbra",
        change: {
          token: 702
         },
        sessionId: [
          0: {
            _content: "34",
            id: "34",
            type: "admin"
           }
         ]
       }
     },
    _jsns: "urn:zimbraSoap"
    Code:
    code: "account.INVALID_ATTR_VALUE",
    detail: "soap:Sender",
    method: "CreateAccountRequest",
    msg: "createAccount invalid attr value: [LDAP: error code 21 - objectClass: value #4 invalid per syntax]",
    trace: "btpool0-4:1215183282015:65cd72329e364bb9"
    I have no idea about what makes things wrong. Can anyone give me some hint about that?
    Thanks.

    BR,
    kmluoh

  2. #2
    Join Date
    Mar 2007
    Location
    Vancouver, Canada
    Posts
    34
    Rep Power
    8

    Exclamation

    I am running into the same issue when I add a user. I am running Release 5.0.6_GA_2313.UBUNTU6 UBUNTU6 NETWORK edition. Does anyone have a fix for this?

    I urgently need to add a new user.

  3. #3
    Join Date
    Mar 2007
    Location
    Vancouver, Canada
    Posts
    34
    Rep Power
    8

    Default

    Here is the details of the version, the extra object classes and log information with the stack trace. I am troubled that the log states "checkValue: no attribute info for: loginShell|gidNumber|sambaAcctFlags|homeDirectory| uidNumber|sambaSID|sambaDomainName since I had those all filled in the interface.

    Code:
    zimbra@whistler:~$ zmcontrol -v
    
    Release 5.0.6_GA_2313.UBUNTU6 UBUNTU6 NETWORK edition
    
    zimbra@whistler:~$  /opt/zimbra/bin/zmprov gacf | grep zimbraAccountExtraObjectClass
    zimbraAccountExtraObjectClass: amavisAccount
    zimbraAccountExtraObjectClass: posixAccount
    zimbraAccountExtraObjectClass: sambaAccount
    zimbraAccountExtraObjectClass: sambaSamAccount
    zimbra@whistler:~$
    Code:
    2008-09-28 22:40:56,529 INFO  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] soap - CreateAccountRequest
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: loginShell
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: gidNumber
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: sambaAcctFlags
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: homeDirectory
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: uidNumber
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: sambaSID
    2008-09-28 22:40:56,533 WARN  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] misc - checkValue: no attribute info for: sambaDomainName
    2008-09-28 22:40:56,536 INFO  [btpool0-280] [name=jmacdonald@novadx.com;mid=8;ip=10.5.6.26;ua=ZimbraWebClient - FF1.5 (Linux);] SoapEngine - handler exception
    com.zimbra.cs.account.AccountServiceException: createAccount invalid attr value: [LDAP: error code 21 - objectClass: value #4 invalid per syntax]
    ExceptionId:btpool0-280:1222666856535:e60e0984f463689f
    Code:account.INVALID_ATTR_VALUE
            at com.zimbra.cs.account.AccountServiceException.INVALID_ATTR_VALUE(AccountServiceException.java:161)
            at com.zimbra.cs.account.ldap.ZimbraLdapContext.createEntry(ZimbraLdapContext.java:523)
            at com.zimbra.cs.account.ldap.LdapProvisioning.createAccount(LdapProvisioning.java:748)
            at com.zimbra.cs.account.ldap.LdapProvisioning.createAccount(LdapProvisioning.java:597)
            at com.zimbra.cs.service.admin.CreateAccount.handle(CreateAccount.java:58)
            at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:410)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:267)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:159)
            at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:266)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
            at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:189)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
            at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
            at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
            at org.mortbay.servlet.UserAgentFilter.doFilter(UserAgentFilter.java:81)
            at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter.java:132)
            at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
            at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
            at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
            at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
            at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:716)
            at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:406)
            at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:211)
            at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
            at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
            at org.mortbay.jetty.handler.rewrite.RewriteHandler.handle(RewriteHandler.java:350)
            at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
            at org.mortbay.jetty.Server.handle(Server.java:313)
            at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
            at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:844)
            at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:644)
            at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:205)
            at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
            at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
            at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)
    Caused by: javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - objectClass: value #4 invalid per syntax]; remaining name 'uid=mattisha,ou=people,dc=novadx,dc=com'
            at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2998)
            at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
            at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
            at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:770)
            at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
            at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
            at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:183)
            at com.zimbra.cs.account.ldap.ZimbraLdapContext.createEntry(ZimbraLdapContext.java:515)
            ... 33 more
    When I try at the command line I get the same result:
    Code:
    zimbra@whistler:~$ zmprov ca mattisha@novadx.com Sekret  
    ERROR: account.INVALID_ATTR_VALUE (createAccount invalid attr value: [LDAP: error code 21 - objectClass: value #4 invalid per syntax])
    zimbra@whistler:~$
    I use Zimbra to manage the Samba accounts so this is critical...

  4. #4
    Join Date
    Mar 2007
    Location
    Vancouver, Canada
    Posts
    34
    Rep Power
    8

    Unhappy

    I upgraded to Release 5.0.9_GA_2533.UBUNTU6 UBUNTU6 NETWORK edition and (after fixing the slapd.conf.in file) the problem persists.

  5. #5
    Join Date
    Mar 2007
    Location
    Vancouver, Canada
    Posts
    34
    Rep Power
    8

    Default

    I also undeployed the posix and samba extensions, then redployed with latest versions (with the ldapSuffix fixe in config_templated) and still no result

  6. #6
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    Have you tried creating an account using the Admin UI and clicking next till you get to the posix/samba account settings?

    A command like "zmprov ca mattisha@novadx.com Sekret" is going to fail as you are missing required information (The posix/samba information)

    Edit:
    Also it looks like you possibly have not imported the samba/nis(posix) schema into your Zimbra LDAP.
    Please try the first part of step 9 here: Zimbra Integration With Samba - Ubuntu Based (Similar To AD And Exchange) - Page 2 again.
    Last edited by ArcaneMagus; 09-29-2008 at 09:04 AM.

  7. #7
    Join Date
    Mar 2007
    Location
    Vancouver, Canada
    Posts
    34
    Rep Power
    8

    Default

    Yes, that was my initial attempt. The zmprov was just a hack to see what happened, and it gave the same error message.

  8. #8
    Join Date
    Mar 2007
    Location
    Vancouver, Canada
    Posts
    34
    Rep Power
    8

    Default

    Here's a screen shot of the last attempt. I noticed that there is no NT Password set. Should there be?
    Attached Images Attached Images

  9. #9
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    The NT password is generated from the password you entered at the beginning when you finish creating the account so you don't need to worry about that.

    As far as your problem...if you have the posix and samba extensions to your schema installed (not the admin ui extensions) then I have no idea sorry

  10. #10
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    Quote Originally Posted by kmluoh View Post
    I tried to capture the more information via firebug. Here is what I got
    Code:
    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
    <soap:Header>
    <context xmlns="urn:zimbra">
    <userAgent xmlns="" name="ZimbraWebClient - FF3.0 (Win)"/>
    <sessionId xmlns="" id="34"/>
    <format xmlns="" type="js"/>
    <authToken xmlns="">
    0_5eaf96452bed647931b54b7e4ed821fc2fde25f0_69643d33363a66323963313363642d366366302d346235342d623835642d3133363466323734636465343b6578703d31333a313231353233303336383737373b61646d696e3d313a313b747970653d363a7a696d6272613b6d61696c686f73743d31363a3139322e3136382e31302e31393a38303b
    </authToken>
    </context>
    </soap:Header>
    <soap:Body>
    <CreateAccountRequest xmlns="urn:zimbraAdmin">
    <name xmlns="">
    some.one@qsan.com.tw
    </name>
    <a xmlns="" n="zimbraAccountStatus">
    active
    </a>
    <a xmlns="" n="displayName">
    Some One
    </a>
    <a xmlns="" n="givenName">
    Some
    </a>
    <a xmlns="" n="sn">
    One
    </a>
    <a xmlns="" n="uidNumber">
    10003
    </a>
    <a xmlns="" n="homeDirectory">
    /home/some.one
    </a>
    <a xmlns="" n="gidNumber">
    10001
    </a>
    <a xmlns="" n="loginShell">
    /bin/bash
    </a>
    <a xmlns="" n="sambaDomainName">
    QSANRD
    </a>
    <a xmlns="" n="sambaSID">
    S-1-5-21-2334677307-2305862619-932033516-21006
    </a>
    <a xmlns="" n="sambaAcctFlags">
    [UX]
    </a>
    </CreateAccountRequest>
    </soap:Body>
    </soap:Envelope>
    I have no idea about what makes things wrong. Can anyone give me some hint about that?
    Thanks.

    BR,
    kmluoh
    The soap trace above doesn't show what objectClass values were supplied, thus no useful information can be derived from it.

    --Quanah
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

Similar Threads

  1. [SOLVED] parts_decode_ext error
    By jsabater in forum Administrators
    Replies: 7
    Last Post: 10-13-2008, 07:24 AM
  2. Error loading on Mac OS X 10.4.10 server PPC
    By qprcanada in forum Installation
    Replies: 7
    Last Post: 10-26-2007, 06:25 AM
  3. 4.5 Upgrade failure
    By brained in forum Installation
    Replies: 9
    Last Post: 03-03-2007, 02:30 PM
  4. Services stopped working
    By lilwong in forum Administrators
    Replies: 4
    Last Post: 08-15-2006, 09:19 AM
  5. 3.1 on FC4 problems
    By cohnhead in forum Installation
    Replies: 8
    Last Post: 05-26-2006, 11:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •