Artica-Zarafa import Active Directory Windows 2008

discuss between artica users about howto use Artica.
This forum is not read by the Artica's developers.
Questions and answers are from the community..

Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Thu Nov 15, 2012 4:05 am

I have setup Artica with Zarafa using the latest build DVD ISO "artica-zarafa-1.6.090100.debian6-i386.iso". At this point I am trying to import my active directory users using " ActiveDirectory Importation Import your Windows 2003 AD users into this organization" tool under Zarafa Collaboration>>organization>>mycompany.com

I am able to browse my CN=Users using LdapExplorer with my newly created user Artica username so I know the port is open and listening. Although, when I click edit for the tool above I receive an error in Artica.
Connection Failed
error 110 "Connection timed out" 192.168.0.2:389

I must be doing this the wrong way or there is some trick to get it working with Windows 2008 Server Active Directory?



Artica Version
Postfix MTA Mail system
The service currently running
using version number 2.7.1


Attempting to update build to the nightly as suggested.
Attachments
articaaderror.jpg
articaaderror.jpg (187.89 KiB) Viewed 8696 times
articaimport.jpg
articaimport.jpg (200.22 KiB) Viewed 8696 times
Last edited by rollercoaster on Thu Nov 15, 2012 8:41 pm, edited 1 time in total.
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Thu Nov 15, 2012 1:39 pm

This means that the server is unable to connect to the 389 port of your Active Directory.
suggest to upgrade to 1.6.111514 nightly build ot use this feature.
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Thu Nov 15, 2012 9:38 pm

Updated to the nightly build version: 1.6.111514 and now I'm receiving bad username or password.
I'm certain I'm using the correct username and password because I am able to connect to the active directory using other applications like Ldapexplorer and Softerra LDAP Administrator.

What format is the correct to use for the username my DN credentials are CN=Artica,CN=Users,DC=mycompany,DC=com
Should I be using just Artica? or the full DN or what?
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Fri Nov 16, 2012 1:12 am

I had to use a work-around to get Artica to connect using a username with no password.
the Active Directory members Importation circle icon turns "yellow" and says Connection success. But it doesn't actually import the users into the Users or Groups On Artica.

I saw in the tutorial that a "green" circle means everything is correct. "Red" means there is no connection or bad username/password.
What does a "yellow" circle icon mean and why isn't it importing the users?
Attachments
articalast.jpg
articalast.jpg (149.7 KiB) Viewed 8675 times
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Fri Nov 16, 2012 9:38 am

You must setup a DN that allows Artica to browse all Active Directory Branch

just try CN=Administrator,CN=Users,DC=mycompany,DC=com

if it works and you have a green status, try to give more privileges of the Artica account
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Fri Nov 16, 2012 8:08 pm

I removed the password for the built-in Administrator account and changed the DN from Artica to use "CN=Administrator,CN=Users,DC=mycompany,DC=com".
I am still receiving a yellow icon and no users have been imported.

Does the importation only work with windows 2003?
Are there other modifications needed on windows 2008 to allow the process to occur successfully?
Has anyone successfully completed an import of AD users from Windows 2008/R2 using artica-zarafa appliance?
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Fri Nov 16, 2012 10:08 pm

Active Directory is kind of LDAP so 2008 or 2003, Artica try to search some specifics LDAP attributes.

open an unix console and rune this commande line:

Code: Select all
php5 /usr/share/artica-postfix/exec.ad-import-ou.php [organization] --verbose


and post the content
as organization is the organization name you used for the importation.
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Sat Nov 17, 2012 8:47 am

root@zarafa-appliance:~# php5 /usr/share/artica-postfix/exec.ad-import-ou.php [Mycompany.com] --verbose
[5052] [DAEMON]::::wad/verifyBranch:: Create cn=adlinker,ou=[Mycompany.com],dc=organizations,dc=my-domain,dc=com in class.activedirectory.inc
[5052] [DAEMON]::::clladp/ldap_event:: ldap_add ERROR 32 (No such object) on DN "cn=adlinker,ou=[Mycompany.com],dc=organizations,dc=my-domain,dc=com" entries: in class.ldap.inc
[5052] [DAEMON]::::clladp/ldap_event:: ERROR ldap_add : objectClass(0)='top' in class.ldap.inc
[5052] [DAEMON]::::clladp/ldap_event:: ERROR ldap_add : objectClass(1)='AdLinker' in class.ldap.inc
[5052] [DAEMON]::::clladp/ldap_event:: ERROR ldap_add : AdLinkerConf(0)='DEFAULT' in class.ldap.inc
[5052] [DAEMON]:::::: LDIF
dn:cn=adlinker,ou=[Mycompany.com],dc=organizations,dc=my-domain,dc=com
objectClass: top
objectClass: AdLinker
AdLinkerConf: DEFAULT
in logs.inc
[5052] [DAEMON]::::Perform_import:: delete /usr/share/artica-postfix/ressources/logs/web/ad-[Mycompany.com].log in class.activedirectory.inc
[5052] [DAEMON]::::wad:: Connection to Active Directory server in class.activedirectory.inc
wad=>TestAddport[5052]: Bind remote :389 php_network_getaddresses: getaddrinfo failed: Name or service not known (0)
[5052] [DAEMON]::::wad:: Unable to connect to the specified server... in class.activedirectory.inc
[DEBUG SOCKET] http://127.0.0.1:47980/cmd.php?postfix-hash-tables=yes<br>
[5052] [DAEMON]::::sockets/getFrameWork:: http://127.0.0.1:47980/cmd.php?postfix-hash-tables=yes in class.sockets.inc line 525
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes curl_init() fopen_curl Line:417<br>
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes curl_exec() fopen_curl Line:430<br>
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes: 0 bytes length Err.0fopen_curl Line:434<br>
[DEBUG SOCKET] return null<br>
root@zarafa-appliance:~#


I used ssh to connect to the appliance and this is what it returned
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Re: Artica-Zarafa import Active Directory Windows 2008

New postby admin » Sat Nov 17, 2012 9:35 am

the right syntax is


Code: Select all
php5 /usr/share/artica-postfix/exec.ad-import-ou.php Mycompany.com --verbose


remove brackets
User avatar
admin
Site Admin
 
Posts: 11946
Joined: Wed Oct 17, 2007 7:59 am
Location: France

Re: Artica-Zarafa import Active Directory Windows 2008

New postby rollercoaster » Sat Nov 17, 2012 11:17 pm

root@zarafa-appliance:~# php5 /usr/share/artica-postfix/exec.ad-import-ou.php Mycompany.com --verbose
[8791] [DAEMON]::::Perform_import:: delete /usr/share/artica-postfix/ressources/logs/web/ad-Mycompany.com.log in class.activedirectory.inc
[8791] [DAEMON]::::wad:: Connection to Active Directory server in class.activedirectory.inc
[8791] [DAEMON]::::wad/Connect:: ERROR 8 () unable to connect to Active Directory server with right username cn=Administrator,cn=Users,dc=mycompany,dc=com in class.activedirectory.inc
[8791] [DAEMON]::::wad:: Unable to connect to the specified server... in class.activedirectory.inc
[DEBUG SOCKET] http://127.0.0.1:47980/cmd.php?postfix-hash-tables=yes<br>
[8791] [DAEMON]::::sockets/getFrameWork:: http://127.0.0.1:47980/cmd.php?postfix-hash-tables=yes in class.sockets.inc line 525
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes curl_init() fopen_curl Line:417<br>
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes curl_exec() fopen_curl Line:430<br>
[DEBUG SOCKET] -> cmd.php?postfix-hash-tables=yes: 0 bytes length Err.0fopen_curl Line:434<br>
[DEBUG SOCKET] return null<br>
root@zarafa-appliance:~#


What authentication mechanism does the importation script use, simple (plain-text), SASL MD5 Digest, SASL GSS-negotiate?
rollercoaster
 
Posts: 8
Joined: Thu Nov 15, 2012 3:08 am
Artica servers number: 1
Linux System: CentOS
Technical skills: Microsoft Windows skills

Next

Return to Community tutorials

Who is online

Users browsing this forum: No registered users and 2 guests

cron