[CalendarServer-dev] twistedcaldav/directory/ldapdirectory.py:1267:getGroups empty argument error

Dennison Williams dennison.williams at gmail.com
Wed Feb 13 17:23:37 PST 2013 

Bringing this back onto the list in case its useful to someone else.
Inline below.

On 02/08/2013 06:51 PM, Morgen Sagen wrote:
> 
> On Feb 8, 2013, at 4:45 PM, Dennison Williams <dennison.williams at gmail.com> wrote:
> 
>> On 02/08/2013 05:55 PM, Morgen Sagen wrote:
>>> That patch is not what you want.  getGroups( ) should not be getting passed a set([None]) to begin with, and it's likely due to a configuration problem.
>>
>> Ok ... got it.
>>
>>>
>>> 1) Do you have proxy assignments, i.e. does proxies.sqlite have anything in the GROUPS table?  You should also see the number of proxy assignments logged in the error.log with an "info" level line like:  "There are 0 proxies"
>>
>> In the log there is a line:
>> [twistedcaldav.directory.directory.GroupMembershipCacheUpdater#info]
>> There are 1 proxies
>>
>> When I try to browse this with the sqlite utility I get
>>
>> sqlite /var/lib/caldavd/proxies.sqlite
>> Unable to open database "/var/lib/caldavd/proxies.sqlite": file is
>> encrypted or is not a database
> 
> Try using "sqlite3"?
> 
>>
>>> 2) Does your caldavd.plist have UseExternalProxies set to true?  (It shouldn't.  Set it to false.  Setting it to true is an advanced config where proxy assignments can be controlled via LDAP.) 
>>
>> Its set to false
> 
> Good.
> 
>>
>>> 3) [My question from earlier] How does your LDAP schema specify group membership?  How have you adjusted your caldavd.plist to match?  (If you explain the former, I can help with the latter.)
>>
>> ldapsearch -x -h ad.meow.com -D 'auth' -w 'also_not_the_real_pass' -b
>> 'cn=Users,dc=meow,dc=comm' '(&(objectClass=user)(cn=MeowGroup))'
>>
>> dn: CN=MeowGroup,CN=Users,DC=meow,DC=com
>> objectClass: top
>> objectClass: group
>> cn: MeowGroup
>> member: CN=Meow1,CN=Users,DC=meow,DC=com
>> member: CN=Meow2,CN=Users,DC=meow,DC=com
>> distinguishedName: CN=MeowGroup,CN=Users,DC=meow,DC=com
>> instanceType: 4
>> whenCreated: 20111021025749.0Z
>> whenChanged: 20120816194841.0Z
>> uSNCreated: 12429
>> uSNChanged: 12429
>> name: Executive
>> objectGUID:: n/mb9e13cki32CdHMCjdPA==
>> objectSid:: AQUAAAAAAAUVAAAARUxc9755Z7MIG4EGcQQAAA==
>> sAMAccountName: MeowGroup
>> sAMAccountType: 268435456
>> groupType: -2147483646
>> objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=meow,DC=com
>> dSCorePropagationData: 16010101000000.0Z
>>
>> Attached is my caldavd.plist
> 
> Great, your caldavd.plist appears to match the schema. 
> 
> So I am really interested to see what's wrong with your proxy db.  If that file is corrupt, you can just move that sqlite db aside and a new one will get created next time you start the server.

I have attached the previous proxies.sqlite file.  As you can see there
is one row in the GROUPS table:

sqlite> select * from GROUPS;
None#calendar-proxy-write|

Indeed deleting this DB and restarting the server caused the server to
recreate a new empty DB.

After a few restarts I got this working though.  Thanks for the help

> 
> 
>>
>>
>>
>>>
>>> ~morgen
>>>
>>> On Feb 8, 2013, at 2:53 PM, Dennison Williams <dennison.williams at gmail.com> wrote:
>>>
>>>> I think this is a bug, and I have a fix, but I am not sure if it is in
>>>> the "right" place.  Anyhow this allows calendarserver to at least to
>>>> populate the Group Membership Cache in memcache.  And start up the
>>>> network listeners.
>>>>
>>>> I am now seeing other issues with starting the group caching service, so
>>>> maybe this does not actually fix the problem.
>>>>
>>>> The two attached files are the patches, directory-4.2-20130208.patch
>>>> against the 4.2 branch and directory-main-20130208.patch against the
>>>> main development branch (checked out today).
>>>>
>>>> -Dennison
>>>>
>>>> On 01/30/2013 11:42 PM, Dennison Williams wrote:
>>>>> On 01/30/2013 10:53 PM, Glyph wrote:
>>>>>>
>>>>>> On Jan 30, 2013, at 8:06 PM, Dennison Williams
>>>>>> <dennison.williams at gmail.com <mailto:dennison.williams at gmail.com>> wrote:
>>>>>>
>>>>>>> Tracing this all the way up the stack I see tha the getGroups method
>>>>>>> receives a guid value of  set([None]), but this is not caught as I think
>>>>>>> maybe it should be on line 675
>>>>>>>
>>>>>>> if guids is None:
>>>>>>>
>>>>>>> But because I am not super familar with this application and have
>>>>>>> limited familiarity with python I am not sure if this indicates an issue
>>>>>>> with my config, my environment, or the code.
>>>>>>
>>>>>> The LDAP directory is incredibly flexible, and can be coerced to do
>>>>>> various insane things by setting up mappings incorrectly.  Having a copy
>>>>>> of your caldavd.plist would be helpful when diagnosing this error.
>>>>>> (Actually having a copy of your entire directory along with that would
>>>>>> be even more useful, but I presume that isn't possible ;-)).
>>>>>
>>>>> Please see attached my caldavd.plist.  I could also send a few sections
>>>>> from an ldapsearch query if that was helpful
>>>>>>
>>>>>> -glyph
>>>>>
>>>>
>>>> <directory-4.2-20130208.patch><directory-main-20130208.patch>_______________________________________________
>>>> calendarserver-dev mailing list
>>>> calendarserver-dev at lists.macosforge.org
>>>> https://lists.macosforge.org/mailman/listinfo/calendarserver-dev
>>>
>>
>> <caldavd.plist>
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: proxies.sqlite.gz
Type: application/x-gzip
Size: 562 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/calendarserver-dev/attachments/20130213/da25ff3d/attachment.gz>

More information about the calendarserver-dev mailing list