docker-fusiondirectory
docker-fusiondirectory copied to clipboard
tiredofit
Error while saving configuration
When I change some value (for me i get the error when changing the strict naming policy) i get the following error message:
LDAP operation failed!
Object: cn=config,ou=fusiondirectory,dc=example,dc=com
Error: Invalid syntax - objectClass: fdSystemsPluginConf (objectClass: value #11 invalid per syntax, while operating on 'cn=config,ou=fusiondirectory,dc=example,dc=com' using LDAP server 'ldap://ldap:389')
But after re-entering the configuration site i see that the changed setting was still saved.
I have seen these in the past - but only when developing my own plugins. FD masks what it is actually doing to the LDAP server to get this error and its important that we capture the query. I believe I went inside the front end of the fd container and changed /etc/fusiondirectory/fusiondirectory.conf (debug mode to 1) and also restarted my ldap server with log_level=1 which gave an enourmous set of output and gave me a hint as to what is failing. It very well may be that you are missing some schemas from installation. I ran into recently the DNS schema not being installed when it actually should have been by default (was enforeced in 7.x series) which was throwing some pretty strange errors.
It's likely not a FD core issue but in relation to this image and I may have not gotten the configuration/dependencies right on which plugins need what, however easily solvable either by switching them on in the docker-compose, and then once we know what is happening I can build it into the image to enforce.
It would be good to get some warning if one plugin is being activated but not its dependencies.
So I believe this is also the base issue behind the huge error which i get when i click on the dashboard?
I have some routines in the startup script is you have PLUGIN_X enabled that it automatically enables a certain other set of plugins. Systems is a good one for that, also Mail I believe has some tweaks. Fusiondirectory's documentation used to talk about all the dependencies but since they've changed their website I'm a bit in the dark as to what requires what sometimes.
I see your huge error and its barking about Argonaut, even if you aren't using it it seems it's going to want to require it in the schema. I'm cautious on the openldap side to install all of the schemas purely for the sake of keeping bloat down, but I may include an option to put them all in.
You can try yourself by PLUGIN_ARGONAUT=TRUE on the fd container and for a quick way to see if it solves it to head into /etc/openldap/schema/fusiondirectory and type fusiondirectory-insert-schema -i argonaut*.schema
edit
Just installing the schema didn't do it for me.Not did installing the env var. Something is missing.
I'll have to go walk through the FD manual and see whats being missed here. It's stating it can't find the ACL for the Argonaut plugin. I have working systems which I'll scan through their config to see what we've done to make it work.
Seeing it as an upstream issue but trying to determine what they did to fix. https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5855 https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/5967
Seems we do have the fix inside this image. I'll figure out if its something I've done to muck this up.
I'm going to have to put this on pause for the remainder of the day and then change the way the image is installed and then try to see if I can pull from their git branches instead of release to see if this will solve. I'm interested in seeing 1.4-dev anyways. Will let you know.
I managed to get passed it (and dns schema issue too) with
cd /etc/openldap/schema/fusiondirectory/
fusiondirectory-insert-schema -i systems*
fusiondirectory-insert-schema -i service*
fusiondirectory-insert-schema -i dns*
