User import on NS7

NethServer Version: NethServer release 7.2.1511 (rc2)
Module: nethserver-dc

On NS6.8 I could import users and create their email accounts using this script. But I can’t find anything similar on NS7.

1 Like

If you have windows power shell there is plenty of import scripts around for Active Directory that should work on ns7 too at least for users and groups.

About email addresses, we need a script for ns7 though…

Well yes, would love the script with email addresses (and maybe aliases too, if possible).
I’ve spend 2 days testing the import script and perfecting the csv file, would be nice if it could be of use :innocent:. Also I do feel more comfortable in a Linux environment, never really used windows servers much.

2 Likes

Hi @indra, could you test this?

https://github.com/DavidePrincipi/nethserver-sssd/blob/871c76f6b02eab3e5aa01348a330e808d95fdef9/README.rst#account-import-scripts

I never tested them! If something is wrong, fixes are welcome :innocent:

1 Like

Great, thanks. Making a backup before test. I’ll let you know how it goes.

3 Likes

Yes, it worked, with errors though.
Users are created with full name, but password aren’t set.

This is message log :

Nov 29 12:23:54 nethserver esmith::event[10753]: Event: user-create indra Indra Pharazijn
Nov 29 12:23:54 nethserver esmith::event[10753]: User ‘indra’ created successfully
Nov 29 12:23:54 nethserver esmith::event[10753]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.297852]
Nov 29 12:23:54 nethserver esmith::event[10753]: No cache object matched the specified search
Nov 29 12:23:54 nethserver esmith::event[10753]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache FAILED: 2 [0.005817]
Nov 29 12:23:54 nethserver esmith::event[10753]: Event: user-create FAILED

This is command line output :

[root@nethserver tmp]# ./import_users userimport-main.tsv
[ERROR] Account indra user-create event failed.
[root@nethserver tmp]#

And email import says :

[root@nethserver tmp]# ./import_emails userimport-email.tsv
[WARNING] Account indra does not exist, skipped.

With nothing in messages log

1 Like

Perhaps we need to flush the sssd cache…

sss_cache -E

Then

./import_emails userimport-email.tsv

Please update import_emails from

https://raw.githubusercontent.com/DavidePrincipi/nethserver-sssd/ae1656a32b2377081d3e0725a6dd706f1751cc6e/scripts/import_users

1 Like

still no joy, but some small change, message log output :

Nov 29 15:00:18 nethserver esmith::event[2936]: Event: user-create indra Indra Pharazijn
Nov 29 15:00:18 nethserver esmith::event[2936]: expanding /etc/postfix/internal_access
Nov 29 15:00:18 nethserver esmith::event[2936]: expanding /etc/postfix/virtual
Nov 29 15:00:18 nethserver esmith::event[2936]: Action: /etc/e-smith/events/actions/generic_template_expand SUCCESS [0.119293]
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/user-create/S30nethserver-mail-postmap-update SUCCESS [0.109152]
Nov 29 15:00:19 nethserver esmith::event[2936]: User ‘indra’ created successfully
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.302278]
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.070955]
Nov 29 15:00:19 nethserver esmith::event[2936]: Event: user-create SUCCESS
Nov 29 15:00:19 nethserver esmith::event[2936]: Event: password-modify indra /tmp/import_users_PuN0y
Nov 29 15:00:19 nethserver esmith::event[2936]: passwd: Unknown user name ‘indra’.
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/password-modify/S25password-set FAILED: 252 [0.026061]
Nov 29 15:00:19 nethserver esmith::event[2936]: [NOTICE] Skipping user indra, it doesn’t belong to our domain.
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [0.002756]
Nov 29 15:00:19 nethserver esmith::event[2936]: [NOTICE] Skipping user indra, it doesn’t belong to our domain.
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [0.002472]
Nov 29 15:00:19 nethserver esmith::event[2936]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.00983]
Nov 29 15:00:19 nethserver esmith::event[2936]: Event: password-modify FAILED

I don’t know if it could be related to the workgroup fix I applied before import :

I’ll retry with a fresh install, to avoid residual stuff from last imports distorting results.

1 Like

Sorry, I missed it! I must add the @domain suffix to provided user names! Hold on a minute…

Edit: @indra, please download the new import_users version from

https://raw.githubusercontent.com/DavidePrincipi/nethserver-sssd/602c641/scripts/import_users

1 Like

import on clean server without workgroup fix, still errors, new message log :

Nov 29 16:15:49 nethserver esmith::event[18330]: Event: user-create indra Indra Pharazijn
Nov 29 16:15:50 nethserver esmith::event[18330]: expanding /etc/postfix/internal_access
Nov 29 16:15:50 nethserver esmith::event[18330]: expanding /etc/postfix/virtual
Nov 29 16:15:50 nethserver esmith::event[18330]: Action: /etc/e-smith/events/actions/generic_template_expand SUCCESS [0.121073]
Nov 29 16:15:50 nethserver esmith::event[18330]: Action: /etc/e-smith/events/user-create/S30nethserver-mail-postmap-update SUCCESS [0.111477]
Nov 29 16:15:50 nethserver esmith::event[18330]: User ‘indra’ created successfully
Nov 29 16:15:50 nethserver esmith::event[18330]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.389637]
Nov 29 16:15:50 nethserver esmith::event[18330]: No cache object matched the specified search
Nov 29 16:15:50 nethserver esmith::event[18330]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache FAILED: 2 [0.006766]
Nov 29 16:15:50 nethserver esmith::event[18330]: Event: user-create FAILED

1 Like

You can safely ignore that error :wink:

How did the password setting go?

Users still have the key sign in the user manager, and when I try to login to the server-manager with a user it says :

Password
Invalid credentials

No passwords were set, I guess :confused:

1 Like

Any other error message in /var/log/messages?

Not really, something bout printers :

Nov 29 17:02:17 nethserver smbd[22898]: [2016/11/29 17:02:17.219880, 0] …/source3/printing/print_cups.c:151(cups_connect)
Nov 29 17:02:17 nethserver smbd[22898]: Unable to connect to CUPS server localhost:631 - Transport endpoint is not connected
Nov 29 17:02:17 nethserver smbd[32044]: [2016/11/29 17:02:17.221318, 0] …/source3/printing/print_cups.c:529(cups_async_callback)
Nov 29 17:02:17 nethserver smbd[32044]: failed to retrieve printer list: NT_STATUS_UNSUCCESSFUL

But prolly unrelated, did notice something else.
“db accounts show” returns nothing, not even a blank line, which seems kinda odd.
Because I can see the users in the server manager :

I tried the script on my VM. Similar error messages here for nethserver-directory account provider, but accounts were actually created and passwords correctly set.

I’ll try to fix the error messages.

Edit:

Update nethserver-sssd from testing: it contains the scripts/ dir under RPM docs with a fix for import_emails.

yum --enablerepo=nethserver-testing update nethserver-sssd-1.0.8-1.29.g6b60240.ns7.noarch.rpm
2 Likes

Setup a blank machine in vbox, unattended install, updated, setup and configured dc.
Updated nethserver-sssd from testing, @davidep should I still use the scripts from your github, or should i use the ones from scripts/ dir under RPM docs ? And how should I run em, I can’t seem to locate them :innocent:

Type

rpm -qd nethserver-sssd
1 Like

Yes now I see, we’ll be back after the break :smiley:

User import went fine, passwords were set (except for the ones with less than 7 chars), testing email creation and adding to groups after the break.

Ps. would this script


still work for adding existing users to existing groups, without breaking to much ?

1 Like

We should ask @paspo, but I guess it was written for ns6…