[Owncloud] OC migration from 5.0.14a o 6.0.0a with LDAP crash

Pierre Malard plm at teledetection.fr
Mon Dec 30 14:58:02 UTC 2013


Hi,

Since i had a bug with LDAP, I test updates before install them with a beta repository... So, I'm not blocked but affraid to migrate to 6.0.0a

our configuration :
- OC Server on Debian 7 (wheezy)
- LDAP Server on Debian 7 (wheezy) 
- OpenLDAP server (slapd) v 2.4.31+nmu2 whith a specific shema based on email UID.
- about 500 LDAP accounts
- as we had a problem with SSL LDAP connection with old OC versions, their is no SSL to LDAP.

When I try to upgrade OC to 6.0.0a I have a lot of non-LDAP error (and others) on data/owncloud.log since upgrade session :

non LDAP errors :
{"app":"index","message":"Exception: Echec de la mise \u00e0 niveau \"user_ldap\".","level":4,"time":"2013-12-30T13:56:28+00:00"}
{"app":"core","message":"App \"\" (user_migrate) can't be used because it is not compatible with this version of ownCloud","level":3,"time":"2013-12-30T13:56:33+00:00"}
{"app":"core","message":"can't remove app user_migrate. It is not installed.","level":3,"time":"2013-12-30T13:56:33+00:00"}
......

When I open a web session with an admin LDAP account on the first time, that's ok but when I'm going to th admin page, the interface say our LDAP configuration in "incorrect" whit the message "Could not determine Base DN".
On "data/owncloud.log" file, I have some warnings about my account:
{"app":"user_ldap","message":"initializing paged search for  FilterobjectClass=* base Array\n(\n    [0] => cn=<Email>,ou=mails,dc=<LDAP_Domain>\n)\n attr mail limit 99999 offset 0","level":1,"time":"2013-12-30T14:14:31+00:00"}
{"app":"user_ldap","message":"Ready for a paged search","level":1,"time":"2013-12-30T14:14:31+00:00"}
{"app":"user_ldap","message":"initializing paged search for  FilterobjectClass=* base Array\n(\n    [0] => cn=<Email>,ou=mails,dc=<LDAP_Domain>\n)\n attr jpegPhoto limit 99999 offset 0","level":1,"time":"2013-12-30T14:14:31+00:00"}
{"app":"user_ldap","message":"Ready for a paged search","level":1,"time":"2013-12-30T14:14:31+00:00"}
{"app":"user_ldap","message":"initializing paged search for  FilterobjectClass=* base Array\n(\n    [0] => cn=<Email>,ou=mails,dc=<LDAP_Domain>\n)\n attr  limit 99999 offset 0","level":1,"time":"2013-12-30T14:14:31+00:00"}
{"app":"user_ldap","message":"Ready for a paged search","level":1,"time":"2013-12-30T14:14:31+00:00"}
{"app":"user_ldap","message":"initializing paged search for  FilterobjectClass=* base Array\n(\n    [0] => cn=<Email>,ou=mails,dc=<LDAP_Domain>\n)\n attr mail limit 99999 offset 0","level":1,"time":"2013-12-30T14:14:31+00:00"}
...

And a lot of errors line like that:
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Configuration is invalid, cannot connect","level":2,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Connection could not be established","level":3,"time":"2013-12-30T14:15:17+00:00"}
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:15:17+00:00"}
.............

And after that, I lost my web connection and I can't log again with my LDAP admin account. When I log with a local admin account, all LDAP users have disappeared !!!!!

When I try to re-install our LDAP configuration (it's very difficult to erase the one in place) everything seem to be Ok after Advanced configuration:
- the test is Ok
- all valid users seem to be found
- all groups are found
But, in the owncloud.log file i steel have these lines:
{"app":"user_ldap","message":"Base tree for Groups is empty, using Base DN","level":1,"time":"2013-12-30T14:35:23+00:00"}
{"app":"user_ldap","message":"Base tree for Groups is empty, using Base DN","level":1,"time":"2013-12-30T14:35:23+00:00"}
.......

When i'm trying to see our users, it works but with a lot og warning in owncloud.log file for each users like this:
{"app":"user_ldap","message":"initializing paged search for  FilterobjectClass=* base Array\n(\n    [0] => cn=<EMail>,ou=mails,dc=<LDAP_Domin>\n)\n attr  limit 99999 offset 0","level":1,"time":"2013-12-30T14:43:20+00:00"}
and some UTF-8 error like that:
{"app":"user_ldap","message":null,"level":1,"time":"2013-12-30T14:43:20+00:00"}
{"app":"user_ldap","message":"Ready for a paged search","level":1,"time":"2013-12-30T14:43:20+00:00"}
{"app":"user_ldap","message":"Paged search successful","level":1,"time":"2013-12-30T14:43:20+00:00"}
{"app":"user_ldap","message":"Set paged search cookie","level":1,"time":"2013-12-30T14:43:20+00:00"}
{"app":"PHP","message":"json_encode(): Invalid UTF-8 sequence in argument at \/var\/www\/owncloud\/lib\/private\/log\/owncloud.php#74","level":2,"time":"2013-12-30T14:43:20+00:00"}

but all users, every groups and types are Ok. So I thing everything is good. :-)

NO, it is not! If I go back to admin page, the LDAP status go from "OK" to "incorrect" with lost of base DN (???) and, in owncloud.log:
{"app":"user_ldap","message":"Configuration Error (prefix ): either no password is given for theuser agent or a password is given, but not anLDAP agent.","level":2,"time":"2013-12-30T14:51:17+00:00"}
........
{"app":"user_ldap","message":"Bind failed: 34: Invalid DN syntax","level":3,"time":"2013-12-30T14:51:17+00:00"}
{"app":"user_ldap","message":"Bind failed: 34: Invalid DN syntax","level":3,"time":"2013-12-30T14:51:18+00:00"}

AND, when i go to "Users" page, all LDAP users have still disappeared !!!!!

Is some body have an explanation?

Best whishes


--
Pierre Malard
       « Mittler zwischen hirn und händen muss das hirz sein ! »
       « La médiation entre le cerveau et les mains doit être le cœur ! »
                    Fritz Lang - "Métropolis" - 1929

   |\      _,,,---,,_
   /,`.-'`'    -.  ;-;;,_
  |,4-  ) )-,_. ,\ (  `'-'
 '---''(_/--'  `-'\_)
perl -e '$_=q#: 3|\ 5-,3-3,2-: 3/,`.'"'"'`'"'"' 5-.  ;-;;,-:  |,A-  ) )-,_. ,\ (  `'"'"'-'"'"': '"'"'-3'"'"'2(-/--'"'"'  `-'"'"'\-): 22PLM::#;y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
- --> Ce message n’engage que son auteur <--

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20131230/8f04dd85/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20131230/8f04dd85/attachment.sig>


More information about the Owncloud mailing list