Premium User or Standard User

[kurtbe]

here you are, (cutted comments, lines are rapped but all is in one line)

EDIT_PROMPT=JAVA_HOME EX_HOST EX_LOGON EX_PASS IM_HOST IM_CAA_URL IM_CAA_KEYSTORE IM_CAA_NAME IM_CAA_PASS EX_BASE1 EX_BASE2 EX_BASE3 IM_OMADDRESS

TYPE_ID=13
SYNC_ID=ldapsync
JAVA_HOME=/usr/java/jre1.5.0_04

EX_HOST=opendap.local
EX_PORT=389
EX_LOGON=cn=admin,dc=test,dc=local
EX_PASS=
IM_HOST=scalix.local
IM_CAA_URL=http://scalix.local/caa/
IM_CAA_KEYSTORE=
IM_CAA_ID=12345
IM_CAA_NAME=sxadmin
IM_CAA_PASS=
IM_DELETE_MAILBOX=TRUE


EX_SCALIX_ATTRS=SCALIXHIDEUSERENTRY SCALIXMAILBOXCLASS SCALIXLIMITMAILBOXSIZE SCALIXLIMITOUTBOUNDMAIL SCALIXLIMITINBOUNDMAIL SCALIXLIMITNOTIFYUSER EX_SCALIX_MAILBOX EX_SCALIX_MAILNODE EX_SCALIX_MSGLANG EX_SCALIX_ADMIN EX_SCALIX_MBOXADMIN


EX_SCALIX_MAILBOX=scalixScalixObject
EX_SCALIX_MAILNODE=scalixMailnode
EX_SCALIX_MSGLANG=scalixServerLanguage
EX_SCALIX_ADMIN=scalixAdministrator
EX_SCALIX_MBOXADMIN=scalixMailboxAdministrator
SCALIXHIDEUSERENTRY=scalixHideUserEntry
SCALIXMAILBOXCLASS=scalixMailboxClass
SCALIXLIMITMAILBOXSIZE=scalixLimitMailboxSize
SCALIXLIMITOUTBOUNDMAIL=scalixLimitOutboundMail
SCALIXLIMITINBOUNDMAIL=scalixLimitInboundMail
SCALIXLIMITNOTIFYUSER=scalixLimitNotifyUser


EX_ATTR={SCALIXHIDEUSERENTRY} ${SCALIXMAILBOXCLASS} ${SCALIXLIMITMAILBOXSIZE} ${SCALIXLIMITOUTBOUNDMAIL} ${SCALIXLIMITINBOUNDMAIL} ${SCALIXLIMITNOTIFYUSER} ${EX_SCALIX_MAILBOX} ${EX_SCALIX_MAILNODE} ${EX_SCALIX_MSGLANG} ${EX_SCALIX_ADMIN} ${EX_SCALIX_MBOXADMIN} member dn uid objectClass displayName sn givenname initials mail entryUUID cn scalixEmailAddress facsimileTelephoneNumber homephone streetAddress st telephoneNumber title company departmen t description mobile pager physicalDeliveryOfficeName postalCode secretary

EX_BASE1=ou=users,dc=test,dc=local
EX_FILTER=(|(&(objectclass=inetOrgPerson)(mail=*))(&(objectclass=groupOfNames)(mail=*)))
IM_OMADDRESS=/internet
IM_MV_ATTR=objectClass INTERNET-ADDR omMemberForeignAddr
EX_GUID=entryUUID
LDAPCT_BIN_ATT=
EX_PAGESIZE=1000


IM_MAPPING_TABLE=

${SCALIXHIDEUSERENTRY}|EX-CDA-DIRECTORY|TRUE|1
${SCALIXHIDEUSERENTRY}|EX-CDA-DIRECTORY|FALSE|
${SCALIXMAILBOXCLASS}|UL-CLASS|*|*
${SCALIXLIMITMAILBOXSIZE}|scalixLimitMailboxSize|*|*
${SCALIXLIMITOUTBOUNDMAIL}|scalixLimitOutboundMail|*|*
${SCALIXLIMITINBOUNDMAIL}|scalixLimitInboundMail|*|*
${SCALIXLIMITNOTIFYUSER}|scalixLimitNotifyUser|*|*
${EX_SCALIX_MAILBOX}|omMailbox|*|*
${EX_SCALIX_MAILNODE}|omMailnode|*|*
${EX_SCALIX_MSGLANG}|UL-IL|*|*
${EX_SCALIX_ADMIN}|ADMIN|*|*
${EX_SCALIX_MBOXADMIN}|MBOXADMIN|*|*


objectClass|*|groupOfNames|distributionList
objectClass|*|inetOrgPerson|organizationalPerson
objectClass||*|#ignore others


dn|*|*|*
entryUUID|GLOBAL-UNIQUE-ID|*|*
displayName|CN|*,1,64|*
cn|CN|*,1,64!ISMISSING=displayName|*
cn||*|#suppress it otherwise
initials|I|*,1,5|*
sn|S|*,1,40|*
cn|S|*,1,40!ISMISSING=sn|*
given name is mapped if surname is present
givenName|G|*,1,16!ISPRESENT=sn|*
givenName||*|#suppress it otherwise
mail|INTERNET-ADDR|*,1,512|*
dn|FOREIGN-ADDR|*,1,512|*
member|omMemberForeignAddr|*|*
uid|UL-AUTHID|*|*




facsimileTelephoneNumber|FAX|*,1,32|!CUSTOM=TO_PS_STR
homephone|HOME-PHONE|*,1,32|!CUSTOM=TO_PS_STR
street|STREET-ADDRESS|*,1,128|!REPLACE=\033J|\012
st|STATE-OR-PROVINCE|*,1,128|*
telephoneNumber|PHONE-1|*,1,32|!CUSTOM=TO_PS_STR
title|TITLE|*,1,128|*
co|CNTRY|*,1,2|*
company|EMPL-ORG|*,1,64|*
departmentNumber|EMPL-DEPT|*,1,32|*
description|ENTRY-DESC|*,1,1024|!REPLACE=\033J|\012
l|L|*,1,128|*
mobile|MOBILE-PHONE|*,1,32|!CUSTOM=TO_PS_STR
pager|PAGER-PHONE|*,1,32|!CUSTOM=TO_PS_STR
physicalDeliveryOfficeName|PD-OFFICE-NAME|*,1,128|*
postalCode|POSTAL-CODE|*,1,40|*
=END_MAPPING_TABLE



dn:uid=ttest,ou=Users,dc=test,dc=local
cn: ttest
uid: ttest
uidNumber: 1011
homeDirectory: /home/ttest
loginShell: /bin/bash
gecos: System User
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaSID: S-1-5-21-1568942984-1493428221-2692030887-3022
sambaPrimaryGroupSID: S-1-5-21-1568942984-1493428221-2692030887-513
sambaLogonScript: logon.bat
sambaHomeDrive: P:
sambaLMPassword: 1E6C043AA467B16ACAAD3B435B51404EE
sambaAcctFlags: [U]
sambaNTPassword: 036EA4696AA728C7259A5C78B8C83834A
sambaPwdLastSet: 1159436956
sambaPwdMustChange: 1167990556
userPassword: {CRYPT}.aQOYYeaQ/Nbk
gidNumber: 1006
description: Test Test
displayName: Test Test
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
objectClass: scalixUserClass
scalixMailnode: scalix,test
scalixServerLanguage: ENGLISH
scalixMailboxClass: FULL
scalixScalixObject: TRUE
sn: Test
givenName: Test
mail: "TEST TEST" <test@scalix.local>
scalixAdministrator: FALSE

omsearch -e ou1=* | grep ttest
CN=Test Test/G=Test/S=Test/OU1=internet/UL-AUTHID=ttest/FOREIGN-ADDR=uid\=ttest,ou\=users,dc\=scalix,dc\=local/INTERNET-ADDR="TEST TEST" <test@scalix.local>

[davidz]

I'm no expert but the only line that looks strange is your EX_ATTR:

EX_ATTR={SCALIXHIDEUSERENTRY} ${SCALIXMAILBOXCLASS} ${SCALIXLIMITMAILBOXSIZE} ${SCALIXLIMITOUTBOUNDMAIL} ${SCALIXLIMITINBOUNDMAIL} ${SCALIXLIMITNOTIFYUSER} ${EX_SCALIX_MAILBOX} ${EX_SCALIX_MAILNODE} ${EX_SCALIX_MSGLANG} ${EX_SCALIX_ADMIN} ${EX_SCALIX_MBOXADMIN} member dn uid objectClass displayName sn givenname initials mail entryUUID cn scalixEmailAddress facsimileTelephoneNumber homephone streetAddress st telephoneNumber title company departmen t description mobile pager physicalDeliveryOfficeName postalCode secretary

Here is mine:

Code: Select all

EX_ATTR=scalixHideUserEntry scalixMailboxClass scalixLimitMailboxSize scalixLimitOutboundMail scalixLimitInboundMail scalixLimitNotifyUser scalixScalixObject scalixMailnode scalixServerLanguage scalixAdministrator scalixMailboxAdministrator member dn uid objectClass displayName sn givenname initials mail entryUUID cn scalixEmailAddress facsimileTelephoneNumber homephone streetAddress st telephoneNumber title company department description  mobile pager physicalDeliveryOfficeName postalCode secretary

I'm not sure about the brackets '{}' and the symbols '$', so I would suggest to try removing them.

[kurtbe]

Ahh great, now I have an error:

<message>CN=Test Test/G=Test/S=Test/OU1=internet/UL-AUTHID=ttest/scalixScalixObject=TRUE/GLOBAL-UNIQUE-ID=15830a68-ecce-102a-943c-8236c1ab552e/FOREIGN-ADDR=uid\=ttest,ou\=users,dc\=bendlin,dc\=biz/INTERNET-ADDR=test@test [OM 16073] Unknown attribute specified. Parameter : Entry Attribute : scalixScalixObject :scalix.local</message>
<errorcode>OM 16073</errorcode>


I'm looking forward and will reply on results ...

[davidz]

It also looks like this seciton has the {} and $ symbols:

M_MAPPING_TABLE=

${SCALIXHIDEUSERENTRY}|EX-CDA-DIRECTORY|TRUE|1
${SCALIXHIDEUSERENTRY}|EX-CDA-DIRECTORY|FALSE|
${SCALIXMAILBOXCLASS}|UL-CLASS|*|*
${SCALIXLIMITMAILBOXSIZE}|scalixLimitMailboxSize|*|*
${SCALIXLIMITOUTBOUNDMAIL}|scalixLimitOutboundMail|*|*
${SCALIXLIMITINBOUNDMAIL}|scalixLimitInboundMail|*|*
${SCALIXLIMITNOTIFYUSER}|scalixLimitNotifyUser|*|*
${EX_SCALIX_MAILBOX}|omMailbox|*|*
${EX_SCALIX_MAILNODE}|omMailnode|*|*
${EX_SCALIX_MSGLANG}|UL-IL|*|*
${EX_SCALIX_ADMIN}|ADMIN|*|*
${EX_SCALIX_MBOXADMIN}|MBOXADMIN|*|*

Here is how mine looks:

Code: Select all

IM_MAPPING_TABLE=
# scalix reserved attributes
scalixHideUserEntry|EX-CDA-DIRECTORY|TRUE|1
scalixHideUserEntry|EX-CDA-DIRECTORY|FALSE|
scalixMailboxClass|UL-CLASS|*|*
scalixLimitMailboxSize|scalixLimitMailboxSize|*|*
scalixLimitOutboundMail|scalixLimitOutboundMail|*|*
scalixLimitInboundMail|scalixLimitInboundMail|*|*
scalixLimitNotifyUser|scalixLimitNotifyUser|*|*
scalixScalixObject|omMailbox|*|*
scalixMailnode|omMailnode|*|*
scalixServerLanguage|UL-IL|*|*
scalixAdministrator|ADMIN|*|*
scalixMailboxAdministrator|MBOXADMIN|*|*


[kurtbe]

hmmm hmmm hmmm,
thanks for help, davidz - I changed those lines too but the Problem is the same.

From the Forumsearch I knew that this errors occurs If you try to add an Internet User with Scalix Privileges set.

So I think the problem is, that omldapsync don't see the scalixScalixObject value in my ldap and this way try's to add an Internet user .... and there is the problem

[davidz]

Have you tried starting over with a brand new user from openldap? One that has never been used as a test. Also could you post the whole omldapsync output when you get the error. Hopefully someone smarter will lend some assistance as well.

[kurtbe]

So when I use

${EX_SCALIX_MAILBOX} ${EX_SCALIX_MAILNODE}

the user is added as INTERNET user

using scalixScalixObject scalixMailnode

I get this:

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Server</faultcode>
<faultstring>CAA Service Error</faultstring>
<detail>
<scalix-caa:fault-details xmlns:scalix-caa="http://www.scalix.com/caa">
<message>CN=Test Test/G=TEST/S=Test/OU1=internet/UL-CLASS=FULL/scalixScalixObject=TRUE/scalixServerLanguage=ENGLISH/FOREIGN-ADDR=uid\=ttest,ou\=Users,dc\=test,dc\=local/STREET-ADDRESS=TEST/GLOBAL-UNIQUE-ID=524c1760-e322-102a-9c4a-addf871bb198/INTERNET-ADDR="Test Test" &lt;test@test.local&gt;/ENTRY-DESC=Test Test [OM 16073] Unknown attribute specified. Attribute : scalixScalixObject :scalix.local</message>
<errorcode>OM 16073</errorcode>
</scalix-caa:fault-details>
</detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
0 entries passed
1 entries failed
0 entries warned

I think I need prof help tomorrow from Florian or so, thanks a lot for help davidz.

[kurtbe]

So, I got it workig last night though still not everything:

Here is my sync.cfg: (Because sync is working I cutted the head of the file)

------schnipp--------


EX_SCALIX_ATTRS=EX_SCALIX_MAILBOX EX_SCALIX_MAILNODE SCALIXHIDEUSERENTRY SCALIXMAILBOXCLASS SCALIXLIMITMAILBOXSIZE SCALIXLIMITOUTBOUNDMAIL SCALIXLIMITINBOUNDMAIL SCALIXLIMITNOTIFYUSER EX_SCALIX_MSGLANG EX_SCALIX_ADMIN EX_SCALIX_MBOXADMIN

EX_SCALIX_MAILBOX=scalixScalixObject
EX_SCALIX_MAILNODE=scalixMailnode
EX_SCALIX_MSGLANG=scalixServerLanguage
EX_SCALIX_ADMIN=scalixAdministrator
EX_SCALIX_MBOXADMIN=scalixMailboxAdministrator
SCALIXHIDEUSERENTRY=scalixHideUserEntry
SCALIXMAILBOXCLASS=scalixMailboxClass
SCALIXLIMITMAILBOXSIZE=scalixLimitMailboxSize
SCALIXLIMITOUTBOUNDMAIL=scalixLimitOutboundMail
SCALIXLIMITINBOUNDMAIL=scalixLimitInboundMail
SCALIXLIMITNOTIFYUSER=scalixLimitNotifyUser




EX_ATTR=scalixHideUserEntry scalixMailboxClass scalixLimitMailboxSize scalixLimitOutboundMail scalixAdministrator scalixMailboxAdministrator scalixLimitInboundMail scalixLimitNotifyUser scalixScalixObject scalixMailnode member dn uid objectClass displayName sn givenname initials mail entryUUID cn scalixEmailAddress facsimileTelephoneNumber homephone streetAddress st telephoneNumber title company department description mobile pager physicalDeliveryOfficeName postalCode secretary



EX_BASE1=ou=users,dc=test,dc=local
EX_BASE2=ou=groups,dc=test,dc=local
EX_BASE3=
EX_BASE4=
EX_BASE5=
EX_BASE6=
EX_BASE7=
EX_BASE8=
EX_BASE9=


EX_FILTER=(|(&(objectclass=inetOrgPerson)(mail=*))(&(objectclass=groupOfNames)(mail=*)))
IM_OMADDRESS=/internet
IM_MV_ATTR=objectClass INTERNET-ADDR omMemberForeignAddr
EX_GUID=entryUUID
LDAPCT_BIN_ATT=
EX_PAGESIZE=1000
#
# PART 1.4 for EXPORT - ldap parameters
#######################################
# NOTE: export is not supported for this agreement type

# primary mapping table
IM_MAPPING_TABLE=


scalixMailboxClass|UL-CLASS|*|*
scalixScalixObject|omMailbox|*|*
scalixMailnode|omMailnode|*|*
scalixServerLanguage|UL-IL|*|*
scalixAdministrator|ADMIN|*|*
scalixMailboxAdministrator|MBOXADMIN|*|*





# scalix object classes
objectClass|*|groupOfNames|distributionList
objectClass|*|inetOrgPerson|organizationalPerson
objectClass||*|#ignore others
# distinguished name
dn|*|*|*
# global unique id
entryUUID|GLOBAL-UNIQUE-ID|*|*
# common name
displayName|CN|*,1,64|*
# use cn for common name if displayName is missing
cn|CN|*,1,64!ISMISSING=displayName|*
cn||*|#suppress it otherwise
# initial
initials|I|*,1,5|*
# surname
sn|S|*,1,40|*
# use cn for surname if sn is missing
cn|S|*,1,40!ISMISSING=sn|*
# given name is mapped if surname is present
givenName|G|*,1,16!ISPRESENT=sn|*
givenName||*|#suppress it otherwise
# internet addresses
mail|INTERNET-ADDR|*,1,512|*
# no mapping for ALIAS
# the DN of the entry
dn|FOREIGN-ADDR|*,1,512|*
# the DN of the group members
member|omMemberForeignAddr|*|*
# authentication id
uid|UL-AUTHID|*|*
# informational attributes
facsimileTelephoneNumber|FAX|*,1,32|!CUSTOM=TO_PS_STR
homephone|HOME-PHONE|*,1,32|!CUSTOM=TO_PS_STR
street|STREET-ADDRESS|*,1,128|!REPLACE=\033J|\012
st|STATE-OR-PROVINCE|*,1,128|*
telephoneNumber|PHONE-1|*,1,32|!CUSTOM=TO_PS_STR
title|TITLE|*,1,128|*
co|CNTRY|*,1,2|*
company|EMPL-ORG|*,1,64|*
departmentNumber|EMPL-DEPT|*,1,32|*
description|ENTRY-DESC|*,1,1024|!REPLACE=\033J|\012
l|L|*,1,128|*
mobile|MOBILE-PHONE|*,1,32|!CUSTOM=TO_PS_STR
pager|PAGER-PHONE|*,1,32|!CUSTOM=TO_PS_STR
physicalDeliveryOfficeName|PD-OFFICE-NAME|*,1,128|*
postalCode|POSTAL-CODE|*,1,40|*
# no mapping for ASSISTANT-PHONE
# no mapping for PHONE-2
=END_MAPPING_TABLE
#####################################
# secondary mapping table
#IM_MAPPING_TABLE2=
#*|*|*|*
#=END_MAPPING_TABLE
#

----schnapp--------

So I have Ex_Attr now working with the Attributes in my openldap and modified IM_MAPPING_TABLE= to also point to the openldap Attributes.

And this is working, I can sync Users smoothly and can modify Administrator-rights and Userclass. I quite don't need quota support now which is not working with the actual config but that is not high priority.

This was yesterday afternoon ...
Today I went on testing the sync and I recognized, that groups are not synced. I created a new group with same Attributes as in the ldapsync13.schema file and the sync seems to look in groups-folder but he is not recognizing the item. Perhaps missing maps in my sync.cfg?