Closed goeba closed 4 years ago
kiarn
commented
4 years ago Hello Andreas,
It's pretty nice to have someone who retrieve the issue from testing here, many thanks for this !
It seems that the user attribute sophomorixWebuiDashboard in ldap is corrupted or not really readable, I will check this.
Regards
Arnaud
kiarn
commented
4 years ago I made a global fix, but it would be interesting for me to know what is to find under your global-admin userconfig.
Can you please try to do a :
ldapsearch -x -H ldap://localhost:389 -b "dc=YOUR,dc=DOMAIN" "(cn=global-admin)" -D 'CN=global-binduser,OU=Management,OU=GLOBAL,DC=YOUR,DC=DOMAIN' -w `cat /etc/linuxmuster/.secret/global-binduser` sophomorixWebuiDashboardon your server ? You will need to replace "YOUR.DOMAIN" with your ldap domain.
goeba
commented
4 years ago Hi, sorry to ask such a dumb question, but: How do I find out my ldap domain? I use a virtual test server for testing, but I did not set up that myself, and I'm a "linux only" user with no windows-domain knowledge! Yours / Viele Grüße Andreas
PLanB2008
commented
4 years ago Well in that case you should know what you configured during the installation :P
One easy linuxmuster way would be to use sophomorix to determine the domain:
sophomorix-user -i -u global-admin
################################################################################ User 1/1 in AD: global-admin in school global CN=global-admin,OU=Management,OU=GLOBAL,DC=linuxmuster,DC=lan ################################################################################
You could also peek in the /etc/samba/smb.conf and look fpr the realm entry, this one also represents your domain.
goeba
commented
4 years ago Ok, as I said I did NOT install that instance! I did it right all the way, my domain is LMN.LAN The results:
# extended LDIF
#
# LDAPv3
# base <dc=LMN,dc=LAN> with scope subtree
# filter: (cn=global-admin)
# requesting: sophomorixWebuiDashboard
#
# global-admin, Management, GLOBAL, lmn.lan
dn: CN=global-admin,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
sophomorixWebuiDashboard: ---
# search reference
ref: ldap://lmn.lan/CN=Configuration,DC=lmn,DC=lan
# search reference
ref: ldap://lmn.lan/DC=DomainDnsZones,DC=lmn,DC=lan
# search reference
ref: ldap://lmn.lan/DC=ForestDnsZones,DC=lmn,DC=lan
# search result
search: 2
result: 0 Success
# numResponses: 5
# numEntries: 1
# numReferences: 3I think this means "nothing" ;) Regards, Andreas
goeba
commented
4 years ago Why does that "insert code" not work???
zefanja
commented
4 years ago For multiline code you need to use 3x "`" at the top and bottom
Test
TestThis looks indeed empty. I assume the sophomorix-user -i -u global-admin command did not return data as well?
You could create another global-administrator by
sophomorix-admin --create-global-admin <name-of-admin> --password <fdrTfdtti>
and try to proceed. If this works delete the original global-administrator and create a new one.
goeba
commented
4 years ago No, sophomorix-user -i -u worked:
root@server:~# sophomorix-user -i -u global-admin
Command line::
Option verbose is a modifier option
Option json is a modifier option
Hmmh. do not know what to do with option info
* forcing info mode
Option combinations successfully checked
OK: SophomorixSchemaVersion 1 matches required Version 1
#### Reading /usr/share/sophomorix/devel/sophomorix.ini ####
#### Distro-check: Ubuntu 18.04 is OK ####
#### Reading /etc/samba/smb.conf ####
#### Reading /usr/lib/linuxmuster-webui/etc/default-ui-permissions.ini ####
#### Parsing: net conf list ####
#### Asking domain passwordsettings from samba ####
#### Reading /etc/linuxmuster/sophomorix/sophomorix.conf ####
#### Reading /etc/linuxmuster/sophomorix/default-school/school.conf ####
################################################################################
User 1/1 in AD: global-admin in school global
CN=global-admin,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
################################################################################
PWDFileExists: FALSE
PASSWORD: Password was not saved on the server!
--------------------------------------------------------------------------------
displayName: Global Admin
sn: Admin
givenName: Global
sophomorixFirstnameASCII: Global
sophomorixSurnameASCII: Admin
sophomorixFirstnameInitial: G.
sophomorixSurnameInitial: A.
sophomorixUserToken: ---
sophomorixBirthdate: ---
sophomorixUnid: ---
sophomorixAdminClass: global-admins
sophomorixExitAdminClass: unknown
sophomorixSchoolname: global
sophomorixAdminFile: none
sophomorixComment: created by linuxmuster-setup
sophomorixFirstPassword: ---
sophomorixExamMode: ---
--------------------------------------------------------------------------------
sophomorixRole: globaladministrator
sophomorixStatus: P
sophomorixCreationDate: 20190622123557.0Z
sophomorixTolerationDate: 19700101000000.0Z
sophomorixDeactivationDate: 19700101000000.0Z
userAccountControl: 66048
--------------------------------------------------------------------------------
mail: global-admin@lmn.lan
sophomorixMailQuota: ---:---:
sophomorixMailQuotaCalculated: 1
--------------------------------------------------------------------------------
sophomorixQuota: linuxmuster-global:---:---:new:---:
sophomorixCloudQuotaCalculated: ---
--------------------------------------------------------------------------------
sophomorixWebuiPermissionsCalculated:
core:config:read: true
core:config:write: true
filesystem:read: true
filesystem:write: true
lm:devices: true
lm:devices:import: true
lm:linbo:configs: true
lm:linbo:examples: true
lm:linbo:icons: true
lm:linbo:images: true
lm:printers: true
lm:quotas:apply: true
lm:quotas:configure: true
lm:quotas:ldap-search: true
lm:rooms:apply: true
lm:rooms:configure: true
lm:schoolsettings: true
lm:settings: true
lm:users:apply: true
lm:users:check: true
lm:users:extra-courses:read: true
lm:users:extra-courses:write: true
lm:users:extra-students:read: true
lm:users:extra-students:write: true
lm:users:globaladmins:create: true
lm:users:globaladmins:delete: true
lm:users:globaladmins:read: true
lm:users:passwords: true
lm:users:schooladmins:create: true
lm:users:schooladmins:delete: true
lm:users:schooladmins:read: true
lm:users:students:read: true
lm:users:students:write: true
lm:users:teachers:list: true
lm:users:teachers:read: true
lm:users:teachers:write: true
lm:workstations: true
lm:workstations:import: true
lmn:groupmembership: true
lmn:groupmemberships:write: true
network:configure: true
network:updown: true
sidebar:view:/view/auth-users: false
sidebar:view:/view/dashboard: true
sidebar:view:/view/lm/devices: true
sidebar:view:/view/lm/globalsettings: true
sidebar:view:/view/lm/linbo: true
sidebar:view:/view/lm/printers: true
sidebar:view:/view/lm/quotas: true
sidebar:view:/view/lm/room-defaults: true
sidebar:view:/view/lm/schoolsettings: true
sidebar:view:/view/lm/settings: true
sidebar:view:/view/lm/users/extra-courses: true
sidebar:view:/view/lm/users/extra-students: true
sidebar:view:/view/lm/users/globaladmins: true
sidebar:view:/view/lm/users/listmanagement: true
sidebar:view:/view/lm/users/print-passwords: true
sidebar:view:/view/lm/users/schooladmins: true
sidebar:view:/view/lm/users/students-list: true
sidebar:view:/view/lm/users/students: true
sidebar:view:/view/lm/users/teachers-list: true
sidebar:view:/view/lm/users/teachers: true
sidebar:view:/view/lm/workstations: true
sidebar:view:/view/lmn/groupmembership: true
sidebar:view:/view/lmn/groupmemberships:write: true
sidebar:view:/view/lmn/landingpage: true
sidebar:view:/view/lmn/session: false
sidebar:view:/view/network: true
sidebar:view:/view/ni/nextcloud: true
sidebar:view:/view/ni/support: true
sidebar:view:/view/plugins: false
sidebar:view:/view/settings: false
------------- sophomorixCustom: ------------------------------------------------
---------- sophomorixIntrinsic: ------------------------------------------------
--------------------------------------------------------------------------------
memberOf: CN=all-internet,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
memberOf: CN=all-intranet,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
memberOf: CN=all-printing,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
memberOf: CN=all-webfilter,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
memberOf: CN=all-wifi,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
memberOf: CN=global-admins,OU=Management,OU=GLOBAL,DC=lmn,DC=lan
memberOf: CN=role-globaladministrator,OU=Groups,OU=GLOBAL,DC=lmn,DC=lan
--------------------------------------------------------------------------------
LOGFILES: 1 Entries
More info for users in AD with:
sophomorix-user -iv -u global-admin
sophomorix-quota -iv -u global-admin
sophomorix-mail -iv -u global-adminThis is the command I used for Arnauds request:
ldapsearch -x -H ldap://localhost:389 -b "dc=LMN,dc=LAN" "(cn=global-admin)" -D 'CN=global-binduser,OU=Management,OU=GLOBAL,DC=LMN,DC=LAN' -w `cat /etc/linuxmuster/.secret/global-binduser` sophomorixWebuiDashboardI think this means "nothing" ;)
No, it doesn't mean nothing, it's pretty much the result I was expecting, and it confirms that the fix from yesterday will work, thank you for taking the time to do it :)
The command just retrieve the sophomorixWebuiDashboard attribute from the user global-admin in ldap. You already have a global-admin user, no need to do something else, we can close this yet.
Clicking on "Dashboard" as global-admin gives "this is likely a bug", traceback:
Version: latest linuxmuster testing.
Regards, Andreas