Results 1 to 5 of 5

Thread: [SOLVED] Unable to add user after LDAP mishap

  1. #1
    Join Date
    Feb 2007
    Location
    Austin, TX
    Posts
    110
    Rep Power
    8

    Default [SOLVED] Unable to add user after LDAP mishap

    One of my admins came to me and said they couldn't add an account, but it didn't exist either. In the mailbox.log I found:

    2008-07-17 11:02:37,773 INFO [btpool0-6708] [name=admin@host.domian.com;ip=xx.xx.xx.xx;] SoapEngine - handler exception
    com.zimbra.common.service.ServiceException: system failure: unable to get account after creating LDAP account entry: admin@otherdomain.com, check ldap log for possible BDB deadlock
    Code:service.FAILURE
    at com.zimbra.common.service.ServiceException.FAILURE (ServiceException.java:183)
    at com.zimbra.cs.account.ldap.LdapProvisioning.create Account(LdapProvisioning.java:763)
    ....
    ....
    (cont'd)

    I can't pull zimbra.logs because that partition had very recently filled up and so I have no zimbra.log from that period. I have since cleaned up the partition and restarted my zimbra.log.

    From the CLI we see very unlogical behavior:

    [zimbra@host ~]$ zmprov ga admin@otherdomain.com
    ERROR: account.NO_SUCH_ACCOUNT (no such account: admin@otherdomain.com)
    [zimbra@host ~]$ zmprov ca admin@otherdomain.com abcd1234
    ERROR: account.ACCOUNT_EXISTS (email address already exists: admin@otherdomain.com)
    [zimbra@host ~]$ zmprov da admin@otherdomain.com
    ERROR: account.NO_SUCH_ACCOUNT (no such account: admin@otherdomain.com)


    Any ideas?
    Peter LeBlond
    Product Development Engineer
    http://www.mxtoolbox.com


  2. #2
    Join Date
    Mar 2007
    Location
    Austin
    Posts
    441
    Rep Power
    8

    Default

    It's possible that there is some extraneous info in your LDAP. You might want to look through the tree and see if that account/email name exists in there, and try to remove it.

    I haven't tried to edit the Zimbra LDAP tree myself before, so I can't say what you'll have to do exactly. Even then, obviously I'd recommend backing things up before poking at the internals.

  3. #3
    Join Date
    Feb 2007
    Location
    Austin, TX
    Posts
    110
    Rep Power
    8

    Default

    What tools / commands do you use / recommend to look at the LDAP tree?
    Peter LeBlond
    Product Development Engineer
    http://www.mxtoolbox.com


  4. #4
    Join Date
    Mar 2007
    Location
    Austin
    Posts
    441
    Rep Power
    8

    Default

    I normally use the CLI tools such as ldapsearch, ldapmodify, etc. You can have it spit out the entire tree using 'ldapsearch -x -h <host>'.

  5. #5
    Join Date
    Feb 2007
    Location
    Austin, TX
    Posts
    110
    Rep Power
    8

    Default

    Here's what support sent to me.

    $ldapsearch -x -h `zmhostname` -D cn=config -w `zmlocalconfig -s -m nokey zimbra_ldap_password` "admin@otherdomain.com"
    I had to pipe this to grep to find the dn for the account.

    Once you get the dn of alias account, you can do ldapdelete:
    $ ldapdelete -x -v -h `zmhostname` -D "cn=config" -w `zmlocalconfig -s -m nokey zimbra_ldap_password`<dn that you get from executing above mentioned ldapsearch>
    I initially tried this with the <> characters, but then realized that they are not literal. My command looked like this

    ldapdelete -x -v -h `zmhostname` -D "cn=config" -w `zmlocalconfig -s -m nokey zimbra_ldap_password` uid=admin,ou=people,dc=otherdomain,dc=com
    Peter LeBlond
    Product Development Engineer
    http://www.mxtoolbox.com


Similar Threads

  1. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  2. DNS Questions and Trouble Installing
    By smurraysb in forum Installation
    Replies: 22
    Last Post: 03-14-2008, 04:27 PM
  3. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 11:38 AM
  4. Getting problems in FC4 while instalation
    By kitty_bhoo in forum Installation
    Replies: 13
    Last Post: 09-12-2006, 11:34 PM
  5. Fedora Core 3, Clean Install - Not working!
    By pcjackson in forum Installation
    Replies: 17
    Last Post: 03-05-2006, 07:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •