Virtualmin Deletes Admin LDAP Group while restoring.

When restoring a Virtual server from a backup while using LDAP Users and Groups, the group is deleted while restoring.

Steps to repeat this issue was performed using two Virtualmin GPL environments (inside kvm vrituals in my case) creating a virtual-server on node1 with the following options enabled (everything else was disabled in my test as per backup options go):

Only selected .. Include sub-servers of those selected.

Features to backup: Only these selected below:
Virtual server password, description and other details
Mail/FTP users and mail aliases
Apache webserver configuration
Apache SSL webserver configuration and certificate
Webmin ACL files

Virtualmin settings to backup:
NONE

Backup Destination:
Local file or directory: /home/bkup (this was shared storage so it was available on both nodes in my test)

Backup Format:
One file per server (old format)

Backup Level:
Full (all files)

Then restore it into node2. The restore will fail due to the following error:

Extracting backup archive file ..
.. done

Re-creating virtual server _domain1_ ..

Creating administration group _user1_ ..
.. failed to create administration group : ldap-useradmin::create_group failed : Failed to add group to LDAP database : Already exists at /usr/share/webmin/web-lib-funcs.pl line 1331.

Restoring backup for virtual server _domain1_ ..

Restore failed : setquota: group _domain1_ does not exist.

At the time, the user already existed from the virtual-server on node1, then during the restore to node2, the LDAP group no longer existed, so on top of it failing, it deleted the record itself. Secondary attempt to restore right after the first failed attempt resulted in:

Extracting backup archive file ..
.. done

Re-creating virtual server _domain1_ ..

Creating administration group _group1_ ..
.. administration group was created but does not exist!

Restoring backup for virtual server _domain1_ ..
Restore failed : setquota: group _group1_ does not exist.

Status: 
Active

Comments

That "group was created but does not exist" error usually happens if the system is not setup via NSS to get Unix users and groups from LDAP .. even though Virtualmin is configured to add users and groups to LDAP.

Could that perhaps be the case?

Nope. This is not the case.

NSS is fully setup and functional.

If you add a group to LDAP using Webmin (at System -> LDAP Users and Groups), does it show up as a Unix group on the system immediately? Sometimes nscd being installed can delay this ..

Yes, it does. I don't run nscd. As I said, I have a fully functional correct LDAP setup with NSS, including group-based security policy login restrictions.

So if you just manually create a new domain on the problem system with Virtualmin, do you get the same error message?