Hello everyone,
I am having issues with Auto Provisioning using Free-IPA(LDAP) on Carbonio CE 24.3.0
I followed the docs using a "full small" or 5-node setup, and I have added 2 more MTA/PROXY servers for testing. 7-node setup overall.
Ubuntu 22.04
For some reason Auto Provisioning isn't working now despite my previous setups working fine.
Manual user creation via the CLI works correctly. This tells me the configuration is correct and that Carbonio CE can reach our Free-IPA server.
I don't see Auto Provisioning triggering in /opt/zextras/log/mailbox.log like I used to.
I basically followed THIS blog post with the necessary changes to work with our Free-IPA server. I added an extract below.
Is there a way to trigger Auto Provisioning from the CLI? Has anyone else run into this issue?
Configuration Extract:
carbonio prov modifyDomain domain.tld zimbraAutoProvAccountNameMap "sAMAccountName" carbonio prov modifyDomain domain.tld zimbraAutoProvAttrMap "sn=sn" carbonio prov modifyDomain domain.tld +zimbraAutoProvAttrMap "description=description" carbonio prov modifyDomain domain.tld +zimbraAutoProvAttrMap "cn=displayName" carbonio prov modifyDomain domain.tld +zimbraAutoProvAttrMap "givenName=givenName" carbonio prov modifyDomain domain.tld zimbraAutoProvBatchSize "20" carbonio prov modifyDomain domain.tld zimbraAutoProvLdapAdminBindDn "admin@ad.domain.tld" carbonio prov modifyDomain domain.tld zimbraAutoProvLdapAdminBindPassword "P@$$w0rD" carbonio prov modifyDomain domain.tld zimbraAutoProvLdapBindDn "admin@ad.domain.tld" carbonio prov modifyDomain domain.tld zimbraAutoProvLdapSearchBase "dc=ad,dc=domain,dc=tld" carbonio prov modifyDomain domain.tld zimbraAutoProvLdapSearchFilter "(&(ObjectCategory=person))" carbonio prov modifyDomain domain.tld zimbraAutoProvLdapURL "ldap://ad.domain.tld:389" carbonio prov modifyDomain domain.tld zimbraAutoProvMode "EAGER" carbonio prov modifyDomain domain.tld zimbraAutoProvNotificationBody "Your account has been auto provisioned. Your email address is ${ACCOUNT_ADDRESS}." carbonio prov modifyDomain domain.tld zimbraAutoProvNotificationFromAddress "zextras@domain.tld" carbonio prov modifyDomain domain.tld zimbraAutoProvNotificationSubject "New account auto provisioned" carbonio prov modifyDomain mailstore.domain.tld zimbraAutoProvPollingInterval "5m" carbonio prov modifyDomain mailstore.domain.tld zimbraAutoProvScheduledDomains "domain.tld"
It seems the issue may have been due to Domain names. I complete reinstall fixed the problem and everything is working fine now.
There was a general issue of having the zextras@DOMAIN being automatically created based of the hostname during install, I believe. This domain was not able to be completely removed despite my best efforts. There must have been some detritus leftover and this was causing other issues on my install. I am assuming this is related to the auto provisioning issue but I can't be sure.
If you are having the same error as I was, I would recommend:
1. Double check the auto provision configuration to make sure all credentials and domains are correct.
2. Use the command below as the "zextras" user to set up the auto provision configuration ON the node with 'Mesh and Directory' Role (Node 1, in the documented 5-node install)
zmprov < $AUTOPROVISION.FILE
3. Just reinstall.
Hope this helps!