docker-openldap-fusiondirectory
Custom Script Users not Writing
I have been trying to get this installed for a couple days now, always ending with LDAP errors. I finally tracked down the issue in the custom script when attempting to add all of the needed custom users (Step 2 of /install/assets/custom-scripts/001-install-fusiondirectory.sh). It looks like the script isn't able to add the users based on the log files:
ldap | SASL/EXTERNAL authentication started
ldap | SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
ldap | SASL SSF: 0
ldap | modifying entry "olcDatabase={1}mdb,cn=config"
The Read Only user, ppolicy, schemas, etc. all execute just fine.
I'm open to any ideas on this one.
After some serious digging, I found that the problem was not authentication, but that it was failing without output due to two deprecated attributes attached to the 'config' user:
- fdHttpAuthActivated
- fdCasActivated
Removing those two lines allowed the script to run and add all users appropriately.
Lovely find. This seems to be related to the 1.4 branch deprecating those attributes - I am just away from my "work" desk at the moment and upon return will issue a fix based on your findings.
Fix is in place for tiredofit/openldap-fusiondirectory:2.4-7.1.25 - Thanks for the sleuthing skills to find this one.
I'm going to hold off before bringing this over to the openldap 2.6 series - I still don't feel confident I have things stable and can't dedicate time at this stage to debug.
Awesome. I'll have to take a look and see how it goes. I'm still running into a few errors where the system is attempting to write those values anyway, so some additional digging may in fact be needed. Will report back on my findings once I get a chance to test it out.
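A pre-flight check for the failure discussed in this thread, added here as an example (it is not code from the thread or from the image): it lists attribute types used in an LDIF that the schema does not define, so leftover attributes such as fdHttpAuthActivated and fdCasActivated show up before an add fails without output. The schema and entry samples, the OIDs and the example* names are constructed; it assumes content-style (ldapadd) records and that the deprecated attributes are missing from the loaded schema.

```python
import re
# Constructed samples: made-up OIDs and names; only the two fd* names are from the thread.
SCHEMA_LDIF = """\
dn: cn=example-conf,cn=schema,cn=config
olcAttributeTypes: {0}( 1.3.6.1.4.1.99999.1.1 NAME 'exampleLanguage'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcAttributeTypes: {1}( 1.3.6.1.4.1.99999.1.2 NAME ( 'exampleTheme' 'exTheme' )
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""
DATA_LDIF = """\
dn: cn=config,ou=example,dc=example,dc=org
objectClass: exampleConfig
cn: config
exTheme: default
fdHttpAuthActivated: FALSE
fdCasActivated: FALSE
"""
STANDARD = {"objectclass", "cn"}  # assumed to be defined by the core schema
NAME_RE = re.compile(r"\bNAME\s+(?:'([^']+)'|\(\s*((?:'[^']+'\s*)+)\))")

def unfold(ldif):
    """Join folded LDIF lines (leading space) and drop comment lines."""
    lines, in_comment = [], False
    for raw in ldif.splitlines():
        if not raw.startswith(" "):
            in_comment = raw.startswith("#")
            lines += [] if in_comment else [raw]
        elif lines and not in_comment:
            lines[-1] += raw[1:]
    return lines

def defined_attributes(schema_ldif):
    """Lower-cased attribute type names declared by olcAttributeTypes values."""
    names = set()
    for line in unfold(schema_ldif):
        key, _, value = line.partition(":")
        match = NAME_RE.search(value) if key.lower() == "olcattributetypes" else None
        if match:
            names.update(n.lower() for n in re.findall(r"[A-Za-z][\w-]*", match.group(1) or match.group(2)))
    return names

def undefined_attributes(data_ldif, defined):
    """(dn, attribute) pairs in content records whose type is not in `defined`."""
    findings, dn = [], None
    for line in unfold(data_ldif):
        key, _, value = line.partition(":")
        if key.lower() == "dn":
            dn = value.lstrip(":").strip()
        elif key and key.split(";")[0].lower() not in defined | {"version"}:
            findings.append((dn, key))
    return findings
```

Calling `undefined_attributes(DATA_LDIF, defined_attributes(SCHEMA_LDIF) | STANDARD)` on the constructed samples reports the two fd* attributes against the `cn=config` entry.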