Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » OpenLDAP: Cannot edit LDAP users (Attempting to edit LDAP users causes an error and does not display the edit window.)
  •  
robertflavia

Messages: 100
Karma: -5
Send a private message to this user
We are using OpenLDAP. The users appear in the admin users page. Kerio connect version: 8.3.0.

When attempting to edit an LDAP user (and group) 2 error messages are displayed (see screen shots):

1. "Failed to get user's personal contact."
2. "The item doesn't exist"

The test.1 user is:
========================================================
dn: cn=test.1,dc=flavia,dc=local
objectClass: kerio-Mail-User
objectClass: shadowAccount
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
cn: test.1
gidNumber: 1000
homeDirectory: /home/test.1
sn: test.1
uid: test.1
uidNumber: 1001
apple-generateduid: fc50c1cd-1d5f-460f-9f17-4a59c0688be0
description: test.1 user
givenName: test.1
groupMemberShip: TestGroup3
homePostalAddress:: V2lsaGVsbXNow7ZoZXIgQWxsZWUgMjY4JA==
initials: test.1
jpegPhoto:: /9j/4AAQSkZJR/Z
kerio-Mail-AccountEnabled: 1
kerio-Mail-Active: 1
l: Kassel
loginShell: /bin/bash
mail: test.1<_at_>linsvr29.flavia.local
o: flavia
ou: flavia
postalCode: 34141
postOfficeBox: 34141
roomNumber: 1
st: Hessen
street:: V2lsaGVsbXNow7ZoZXIgQWxsZWU=
title: Mr
========================================================

TestGroup3
========================================================
dn: cn=TestGroup3,dc=flavia,dc=local
objectClass: kerio-Mail-Group
objectClass: groupOfNames
cn: TestGroup3
member: cn=test.1,dc=flavia,dc=local
apple-generateduid: c1a7cda1-d704-45d3-8649-2a52f2c3f0f3
description: Alle Mitarbeiter in TestGroup3
kerio-Mail-Active: 1
========================================================


1. Which fields are missing ?
2. Which fields are incorrect ?
3. Is the apple-generateduid correct ?
4. How to troubleshoot?
5. How to get logs?

Kind regards

Robert

  •  
robertflavia

Messages: 100
Karma: -5
Send a private message to this user
Hello,

any ideas how to troubleshoot this?

Kind regards

Robert
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
What ldapmap file do you use? Did you update also gal_xxx.map file?
  •  
robertflavia

Messages: 100
Karma: -5
Send a private message to this user
Hello Pavel,

attached are the openldap.map and gal_openldap.map files that are used.

Kind regards

Robert

  •  
robertflavia

Messages: 100
Karma: -5
Send a private message to this user
Instead of the apple-generateduid the entryUUID also works. The entryUUID has lower case letters.

mmm... So I'm not sure if what I wrote below is correct.


Looks like Kerio uses the apple-generateduid to search in LDAP and the apple-generateduid must be uppercase in LDAP. I changed the apple-generateduid to upper case and now editting users and groups in kerio works.

I found this in the debug log

27/May/2014 13:22:34][1513] {ldapdb} fc50c1cd-1d5f-460f-9f17-4a59c0688be0: Looking up in cache...
[27/May/2014 13:22:34][1513] {ldapdb} LDAP connection acquired: hostname="10.0.4.17", poolSlot=0. (ThreadId=1513)
[27/May/2014 13:22:34][1513] {ldapdb} LDAP request: action=search, params=" dc=flavia,dc=local??sub?(&(objectclass=kerio-Mail-User)( &(apple-generateduid=FC50C1CD-1D5F-460F-9F17-4A59C0688BE0))(kerio-Mail-Active=*))" (ThreadId=1513)

[Updated on: Wed, 28 May 2014 16:45]

Previous Topic: Junk E-mail setting
Next Topic: Kerio Connect DMZ instructions HOW TO?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Oct 24 13:15:29 CEST 2017

Total time taken to generate the page: 0.00403 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.