Finally I solve the problem!!!!! The problem was that I didn't want to use all the ldap users, because there are more than 70000 users and many of them are inactives users, so I wanted to put a ldap filter to get only the active users, but I didn't know how made it in iFolder, so I installed a LDAP proxy with this filter to get only the user that I wanted.
The problem was that this filter was too restrictive, and also filtered some ldap records that iFolder needs (ldap groups info). When I changed the filter and I added the specials records of ldap, all works fine. However, the server is slow. Now I have 35000 users in LDAP, and when any user log in whith the ifolder client, it takes a long time (two minutes more or less) to synchronize the files. I'm very surprised to see how grow the size of Simias.access.log, because every time that any user use the ifolder client, there are 35000 lines like this: <date> <hour> "GetNode" "Success" <user> <usercode1>/member <usercode> <date> <hour> "GetNode" "Success" <user> <usercode2>/member <usercode> <date> <hour> "GetNode" "Success" <user> <usercode3>/member <usercode> .......... Where <usercodeX> I suppose that is the user code of each user in LDAP, so I suppose that every time that any user login in the ifolder client, the ifolder server compare "something" between all users (I imagine that it looks files shared between the users). The question is: What characteristics should has the ifolder server (or how many servers should be) to work fine with this amount of users? Now I'm testing it with a virtual machine with 4 processors and 4 GB of RAM. Thanks for all your help!! Ravi Kumar escribió: > > Cam you try once with Secure LDAP once > > >>> Moises Carretero Lavado <[email protected]> 5/26/2010 5:29 PM >>> > Hi again!! > > Now I can access with the admin user, in both admin and ifolder website, > but there is not any other user (the ldap sync fail). This is the error > in Simias.log: > > 2010-05-26 13:04:37,396 [-307541680] INFO Simias.IdentitySync.Service - > SyncNow method invoked > 2010-05-26 13:04:37,502 [-317036208] ERROR > Simias.OpenLdapProvider.OpenSync - Object reference not set to an > instance of an object > 2010-05-26 13:04:37,502 [-317036208] ERROR > Simias.OpenLdapProvider.OpenSync - at > Simias.OpenLdapProvider.OpenSync.ProcessSearchObjects > (Novell.Directory.Ldap.LdapConnection conn, > Simias.LdapProvider.LdapSettings settings) [0x00000] > > It seems that it can't connect with LDAP, however the user admin can > login correctly (and the login is through LDAP, isn't it?), and > simias-server-setup was success when I configure it with LDAP. > > I test it with firewall down and up, and I test the proxy user with this > command: > > ldapsearch -x -h <myip> -D "<proxy_user>" -W > > And when I write its password, it returns all ldap users. In Simias.conf > there is the same configuration that I use in the above command. > > I don't know if this is relevant but: > - I use SSL connections (mode of communication for iFolder = SSL), but I > use not secure LDAP (SLDAP = N). > - LDAP Groups = N > > > Ravi Kumar escribió: > > > > There is one script to run the ldap sync manually on > > community.ifolder.com. However, it would / might fail when ldap sync's > > next time. I would suggest running simias-server-setup correctly with > > correct LDAP details . Manually creation / updating Simias.conf file / > > Simias.config is not advisable . > > > > > > You could run simis-server-setup again and give same data path and > > change the current setup. > > > > > > Please correct me If I have mis understood your query. > > > > > > ravi > > > > >>> Moises Carretero Lavado <[email protected]> 5/25/2010 6:08 PM >>> > > I found the problem. I don't configure apache in the ifolder > > installation, so the file /etc/apache2/conf.d/simias.conf didn't exist. > > When I create this file, and I change de permissions of /var/simias it > > works. > > > > However, when I try to configure it using SSL and LDAP, the admin > > doesn't login. In adminweb.log the error is also the same error, and in > > Simias.log the error is: > > > > 2010-05-25 14:29:21,262 [1916991824] DEBUG > > Simias.Security.Web.AuthenticationModule - In > > verify[rincipalfromrequest: soapmethod is GetAuthenticatedUser > > 2010-05-25 14:29:21,263 [1916991824] DEBUG Simias.DomainProvider - > > domainID e4b33e22-1896-4087-849e-3428b70d0953 > > 2010-05-25 14:29:21,263 [1916991824] DEBUG Simias.Server.Authentication > > - Authenticate called > > 2010-05-25 14:29:21,263 [1916991824] DEBUG Simias.Server.Authentication > > - admin is not member of simias > > > > The LDAP is up, and works OK; and the ifolder installation with LDAP was > > success. I think the synchronization between LDAP and ifolder fails, > > because in Simias.log there is the next message: > > > > 2010-05-25 14:32:33,309 [User Move thread] DEBUG > > Simias.UserMovement.iFolderUserMove - UpdateUserMoveQueue: Updating user > > Reprovision queue, There are 0 users to be Reprovisioned > > > > The users 'admin' and 'ifolder' exist in LDAP when I write: ldapsearch > > -x -h localhost '(uid=admin or ifolder)', and the Simias.config is: > > > > <configuration> > > <section name="EnterpriseDomain"> > > <setting name="SystemName" value="iFolder" /> > > <setting name="Description" value="iFolder Enterprise System" /> > > <setting name="AdminName" > value="uid=admin,ou=People,dc=***,dc=**" /> > > </section> > > <section name="Server"> > > <setting name="Name" value="ifolder" /> > > <setting name="PublicAddress" value="https://****/simias10"; /> > > <setting name="PrivateAddress" value="https://****/simias10"; /> > > </section> > > <section name="Authentication"> > > <setting name="SimiasAuthNotRequired" value="Registration.asmx, > > Login.ashx, Simias.asmx:PingSimias, DomainService.asmx:GetDomainID, > > pubrss.ashx, pubsfile.ashx, Simias.asmx:GetRAList, > > Simias.asmx:GetRACertificate, iFolderBackup.asmx:GetSimiasDataPath, > > iFolderBackup.asmx:Ping" /> > > <setting name="SimiasRequireSSL" value="yes" /> > > </section> > > <section name="Identity"> > > <setting name="Assembly" value="Simias.OpenLdapProvider" /> > > <setting name="ServiceAssembly" value="Simias.Server" /> > > <setting name="Class" value="Simias.OpenLdapProvider.User" /> > > <setting name="LdapSyncOnRestart" value="No" /> > > <!-- > > <setting name="Assembly" value="Simias.SimpleServer" /> > > <setting name="Class" value="Simias.SimpleServer.User" /> > > --> > > <!-- > > <setting name="Assembly" value="Simias.MdbSync" /> > > <setting name="Class" value="Simias.MdbSync.User" /> > > --> > > </section> > > <section name="StoreProvider"> > > <setting name="Assembly" value="SimiasLib.dll" /> > > <setting name="Type" > > value="Simias.Storage.Provider.Flaim.FlaimProvider" /> > > <setting name="Path" value="/var/simias/data/simias" /> > > </section> > > <section name="LdapAuthentication"> > > <setting name="LdapUri" value="ldap://localhost/"; /> > > <setting name="ProxyDN" value="cn=ifolder,dc=***,dc=**" /> > > </section> > > <section name="LdapProvider"> > > <setting name="NamingAttribute" value="uid" /> > > <setting name="Search"> > > <Context dn="ou=People,dc=***,dc=**" /> > > </setting> > > </section> > > </configuration> > > > > Can I run the synchronize script with LDAP manually? > > > > Thanks!! > > > > > > Mahabaleshwar Asundi escribió: > > > Hi, > > > > > > As such there are no specific known issues for openSuse 64/32 bit > > > architecture for the problem that you are observing. > > > > > > Probably the simias server instance is going down. There could be some > > > issue with the simias instance. Please check apache error-log file, > > > that is where exact error information gets captured. > > > > > > One other observation, based on your previous mail content, it looks > > > like file permissions are set with root as owner and group. usually > > > apache runs with wwwrun as user and www as group. > > > Usually iFolder setup code looks for /etc/apache2/uid.conf file to get > > > apache user and group details. If this file does not exist then, > > > apache user name and group details can be passed through command line > > > options. > > > > > > Above will make sure that proper permissions are set for respective > > > files which simias server can open and use. > > > > > > I guess this the issue, if the issue is still not solved with the > > > workaround let us know apache error log details so that we can > > > further help you with this problem. > > > > > > Thanks > > > Mahabalesh > > > > > > > > > >>> Moises Carretero Lavado <[email protected]> 5/25/2010 3:52 PM >>> > > > The 'ps' result is: > > > > > > wwwrun ... /usr/bin/mono /usr/lib/mono/2.0/mod-mono-server2.exe > > > --filename /tmp/mod_mono_server_admin --applications > > > /admin:/usr/lib64/simias/admin --nonstop > > > > > > wwwrun ... /usr/bin/mono /usr/lib/mono/2.0/mod-mono-server2.exe > > > --filename /tmp/mod_mono_server_ifolder --applications > > > /admin:/usr/lib64/simias/webaccess --nonstop > > > > > > But the url: http://<my_domain>/simias10 return a 404 page not found > > > error :( > > > > > > Ravi Kumar escribió: > > > > > > > > Are you sure server is running ? OR configured to run behind > apache ? > > > > > > > > > > > > check ps -ef | grep simias > > > > > > > > > > > > try accessing /_http://_/<ip>/simias10/Simias.asmx . Atleast > > > > simias.log should get generated. > > > > > > > > > > > > ravi > > > > > > > > >>> Moises Carretero Lavado <[email protected]> 5/25/2010 3:20 PM >>> > > > > Now I have the most simple configuration: NONSSL and without LDAP. > > > > However, the error message and behavior is the same when I use > SSL and > > > > LDAP. And in both cases, the installation process was success. > > > > > > > > > > Ravi Kumar escribió: > > > > >> > > > > >> Few are hitting this issue which I doubt is something related > > to SSL > > > > >> . Can you share the setup details such as SSL/ NONSSL , > apache SSL, > > > > >> LDAP ? > > > > >> > > > > >> > > > > >> ravi > > > > >> > > > > >> >>> Moises Carretero Lavado <[email protected]> 5/25/2010 1:26 > PM >>> > > > > >> Hi! > > > > >> > > > > >> I have a ifolder 3.8 server installed in OpenSUSE 11.1 x64. > When I > > > > >> installed it in OpenSUSE 11.1 i586 it works fine, but in the 64 > > bits > > > > >> version I can't login. > > > > >> > > > > >> In this OpenSUSE I install ifolder x64 and i586, I install it > > > with and > > > > >> without SSL, with and without LDAP, and always there is the same > > > error > > > > >> in adminweb.log: > > > > >> > > > > >> /2010-05-25 09:26:45,560 [1713776976] INFO Login - [127.0.0.2] > > > Client > > > > >> Information: admin, 127.0.0.2, Mozilla/5.0 (X11; U; Linux x86_64; > > > > es-ES; > > > > >> rv:1.9.1.9) Gecko/20100317 SUSE/3.5.9-0.1.1 Firefox/3.5.9 > > > > >> 2010-05-25 09:26:45,804 [1713776976] INFO Login - [127.0.0.2] > > Login > > > > >> Failed > > > > >> System./ > > > > >> /ObjectDisposedException: The object was used after being > disposed. > > > > >> at System.Net.HttpWebResponse.//CheckDisposed () [0x00000] > > > > >> at System.Net.HttpWebResponse.//get_StatusDescription () > > [0x00000] > > > > >> at (wrapper remoting-invoke-with-check) > > > > >> System.Net.HttpWebResponse://get_StatusDescription () > > > > >> at Novell.iFolderWeb.Admin.//TopNavigation.GetExceptionType > > > > >> (System.Exception e) [0x00000] > > > > >> at Novell.iFolderWeb.Admin.Login.//DoLogin (System.String > > username, > > > > >> System.String password, Boolean check) [0x00000] > > > > >> 2010-05-25 09:26:45,809 [1713776976] ERROR Global - [127.0.0.2] > > > > >> Application Error > > > > >> System.//ObjectDisposedException: The object was used after being > > > > >> disposed. > > > > >> at System.Net.HttpWebResponse.//CheckDisposed () [0x00000] > > > > >> at System.Net.HttpWebResponse.//get_StatusDescription () > > [0x00000] > > > > >> at (wrapper remoting-invoke-with-check) > > > > >> System.Net.HttpWebResponse://get_StatusDescription () > > > > >> at Novell.iFolderWeb.Admin.//TopNavigation.GetExceptionType > > > > >> (System.Exception e) [0x00000] > > > > >> at Novell.iFolderWeb.Admin.Login.//DoLogin (System.String > > username, > > > > >> System.String password, Boolean check) [0x00000] > > > > >> > > > > >> /I think the problem is simias doesn't work properly, because in > > > > >> /var/simias/data/simias not exist any FlaimSimias file, neither > > > > >> /var/simias/data/simias/log/simias.log. And the problem is I > can't > > > > >> access whith any user in both admin and ifolder areas. > > > > >> > > > > >> Is there any know bug in OpenSUSE 11.1 x64 whith ifolder 3.8 or > > > simias? > > > > >> > > > > >> -- > > > > >> Moisés Carretero Lavado > > > > >> Área de Base de Datos y Sistemas > > > > >> Servicio de Informática > > > > >> Vicerrectorado de Nuevas Tecnologías > > > > >> > > > > >> Universidad de Extremadura > > > > >> Edificio del Rectorado, Badajoz > > > > >> Extension: 86814 > > > > >> > > > > >> > > > > >> > > > > > > > > > > ------------------------------------------------------------------------------ > > > > >> > > > > >> > > > > >> _______________________________________________ > > > > >> ifolder-devel mailing list > > > > >> [email protected] > > > > >> https://lists.sourceforge.net/lists/listinfo/ifolder-devel > > > > >> > > > > > > > > > > > > > > > > > > > > > > -- > > > > Moisés Carretero Lavado > > > > Área de Base de Datos y Sistemas > > > > Servicio de Informática > > > > Vicerrectorado de Nuevas Tecnologías > > > > > > > > Universidad de Extremadura > > > > Edificio del Rectorado, Badajoz > > > > Extension: 86814 > > > > > > > > > > > > > -- > > > Moisés Carretero Lavado > > > Área de Base de Datos y Sistemas > > > Servicio de Informática > > > Vicerrectorado de Nuevas Tecnologías > > > > > > Universidad de Extremadura > > > Edificio del Rectorado, Badajoz > > > Extension: 86814 > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > ifolder-devel mailing list > > > [email protected] > > > https://lists.sourceforge.net/lists/listinfo/ifolder-devel > > > > > > -- > > Moisés Carretero Lavado > > Área de Base de Datos y Sistemas > > Servicio de Informática > > Vicerrectorado de Nuevas Tecnologías > > > > Universidad de Extremadura > > Edificio del Rectorado, Badajoz > > Extension: 86814 > > > > > -- > Moisés Carretero Lavado > Área de Base de Datos y Sistemas > Servicio de Informática > Vicerrectorado de Nuevas Tecnologías > > Universidad de Extremadura > Edificio del Rectorado, Badajoz > Extension: 86814 > -- Moisés Carretero Lavado Área de Base de Datos y Sistemas Servicio de Informática Vicerrectorado de Nuevas Tecnologías Universidad de Extremadura Edificio del Rectorado, Badajoz Extension: 86814 ------------------------------------------------------------------------------ _______________________________________________ ifolder-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ifolder-devel
