Does InterWorx-CP support LDAP configurations?

I am trying to synchronize InterWorx shell users and groups through LDAP, so rsync backups of files, resources found on non-InterWorx servers, etc, can all respect the same UID and GID.

My first InterWorx box to attempt this configuration is up and working properly with my LDAP server. However, when I create a new account, a local user and group are created. User name conflicts (against ones already in LDAP) are possible, but the next UID/GID was properly chosen from LDAP however.

Does InterWorx use PAM for configuring accounts? If so, is the PAM configuration to blame for InterWorx not creating the accounts in LDAP?

I tried creating the SiteWorx user/group in LDAP before creating the SiteWorx account, and that didn’t work either. The “SiteWorx Account” form indicated the “Unix User Name” was good (green checkmark), but the form returned an error:

? There was a problem validating the form. Please see details below.
? An error occurred during SiteWorx account activation, check the iworx.log file for more details

iworx.log

[INFO] : adding user: testuser with homedir /home/testuser : package.activate.php
[EMERG] : ERROR: /usr/local/interworx/include/drivers/other/ShellAccount.php(64): Uncaught IWorx_Exception: groupadd failed: groupadd: group ‘testuser’ already exists : package.activate.php
[EMERG] : : package.activate.php
[EMERG] : #0 /usr/local/interworx/include/drivers/other/ShellAccount.php(64): ShellAccount::addGroup() : package.activate.php
[EMERG] : #1 /usr/local/interworx/bin/package.activate.php(317): ShellAccount::addGroup() : package.activate.php
[EMERG] : #2 /usr/local/interworx/bin/package.activate.php(280): package_activate_useradd() : package.activate.php
[EMERG] : #3 /usr/local/interworx/bin/package.activate.php(194): package_activate_setup() : package.activate.php
[EMERG] : #4 /usr/local/interworx/bin/package.activate.php(151): package_activate_doit() : package.activate.php
[EMERG] : #5 /usr/local/interworx/bin/package.activate.php(70): package_activate_main() : package.activate.php
[EMERG] : #6 /usr/local/interworx/bin/package.activate.php(53): package_activate() : package.activate.php
[EMERG] : #7 {main} : package.activate.php
[EMERG] : ----- DEBUG STACKTRACE BEGIN ----- : package.activate.php
[EMERG] : /usr/local/interworx/include/IWorxDebug.php getStackTrace (167) : package.activate.php
[EMERG] : 0 exceptionHandler (0) : package.activate.php
[EMERG] : ----- DEBUG STACKTRACE END ----- : package.activate.php

I cannot find a way to create a LDAP user/group automatically through the command line, and SiteWorx won’t proceed if the user/group already exists. I wouldn’t mind making the LDAP user by hand (signup can be automated by a custom script and the API), but the second issue is worse. It implies it would be impossible to transfer an InterWorx account to another InterWorx server as long as they share a LDAP database.

I understand now that LDAP isn’t a supported setup, but I’m curious if it ever will be. Our goal is to be able to keep a central directory of users and groups so it is easier to cross the hardware boundary. It would make it much easier to store home directories on a large NFS storage, avoiding the need to transfer web/email files if the customer needs to move to a different server.

I tried creating the SiteWorx user/group in LDAP before creating the SiteWorx account, and that didn’t work either. The “SiteWorx Account” form indicated the “Unix User Name” was good (green checkmark), but the form returned an error:

? There was a problem validating the form. Please see details below.
? An error occurred during SiteWorx account activation, check the iworx.log file for more details

iworx.log

[INFO] : adding user: testuser with homedir /home/testuser : package.activate.php
[EMERG] : ERROR: /usr/local/interworx/include/drivers/other/ShellAccount.php(64): Uncaught IWorx_Exception: groupadd failed: groupadd: group ‘testuser’ already exists : package.activate.php
[EMERG] : : package.activate.php
[EMERG] : #0 /usr/local/interworx/include/drivers/other/ShellAccount.php(64): ShellAccount::addGroup() : package.activate.php
[EMERG] : #1 /usr/local/interworx/bin/package.activate.php(317): ShellAccount::addGroup() : package.activate.php
[EMERG] : #2 /usr/local/interworx/bin/package.activate.php(280): package_activate_useradd() : package.activate.php
[EMERG] : #3 /usr/local/interworx/bin/package.activate.php(194): package_activate_setup() : package.activate.php
[EMERG] : #4 /usr/local/interworx/bin/package.activate.php(151): package_activate_doit() : package.activate.php
[EMERG] : #5 /usr/local/interworx/bin/package.activate.php(70): package_activate_main() : package.activate.php
[EMERG] : #6 /usr/local/interworx/bin/package.activate.php(53): package_activate() : package.activate.php
[EMERG] : #7 {main} : package.activate.php
[EMERG] : ----- DEBUG STACKTRACE BEGIN ----- : package.activate.php
[EMERG] : /usr/local/interworx/include/IWorxDebug.php getStackTrace (167) : package.activate.php
[EMERG] : 0 exceptionHandler (0) : package.activate.php
[EMERG] : ----- DEBUG STACKTRACE END ----- : package.activate.php

I cannot find a way to create a LDAP user/group automatically through the command line, and SiteWorx won’t proceed if the user/group already exists. I wouldn’t mind making the LDAP user by hand (signup can be automated by a custom script and the API), but the second issue is worse. It implies it would be impossible to transfer an InterWorx account to another InterWorx server as long as they share a LDAP database.

I understand now that LDAP isn’t a supported setup, but I’m curious if it ever will be. Our goal is to be able to keep a central directory of users and groups so it is easier to cross the hardware boundary. It would make it much easier to store home directories on a large NFS storage, avoiding the need to transfer web/email files if the customer needs to move to a different server.

well, Iworx have a plugin system (php+js), you will probably have to write some code … but it’s doable.